Log Design for Accountability

2013 IEEE Security and Privacy Workshops Pub Date : 2013-05-23 DOI:10.1109/SPW.2013.26

Denis Butin, Marcos Chicote, D. Métayer

{"title":"Log Design for Accountability","authors":"Denis Butin, Marcos Chicote, D. Métayer","doi":"10.1109/SPW.2013.26","DOIUrl":null,"url":null,"abstract":"Accountability is a requirement to be included in the initial design phase of systems because of its strong impact on log architecture implementation. As an illustration, the logs we examine here record actions by data controllers handling personally identifiable information to deliver services to data subjects. The structures of those logs seldom consider requirements for accountability, preventing effective dispute resolution. We address the question of what information should be included in logs to make their a posteriori compliance analysis meaningful. Real-world scenarios are used to show that decisions about log architecture are nontrivial and should be made from the design stage on. Four categories of situations for which straightforward solutions are problematic are presented. Our contribution shows how log content choices and accountability definitions mutually affect each other and incites service providers to rethink up to what extent they can be held responsible. These different aspects are synthesized into key guidelines to avoid common pitfalls in accountable log design. This analysis is based on case studies performed on our implementation of the PPL policy language.","PeriodicalId":383569,"journal":{"name":"2013 IEEE Security and Privacy Workshops","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"37","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE Security and Privacy Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW.2013.26","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 37

Abstract

Accountability is a requirement to be included in the initial design phase of systems because of its strong impact on log architecture implementation. As an illustration, the logs we examine here record actions by data controllers handling personally identifiable information to deliver services to data subjects. The structures of those logs seldom consider requirements for accountability, preventing effective dispute resolution. We address the question of what information should be included in logs to make their a posteriori compliance analysis meaningful. Real-world scenarios are used to show that decisions about log architecture are nontrivial and should be made from the design stage on. Four categories of situations for which straightforward solutions are problematic are presented. Our contribution shows how log content choices and accountability definitions mutually affect each other and incites service providers to rethink up to what extent they can be held responsible. These different aspects are synthesized into key guidelines to avoid common pitfalls in accountable log design. This analysis is based on case studies performed on our implementation of the PPL policy language.

查看原文本刊更多论文

问责制日志设计

问责制是系统初始设计阶段的一个需求，因为它对日志体系结构实现有很大的影响。作为说明，我们在这里检查的日志记录了数据控制器处理个人可识别信息以向数据主体提供服务的操作。这些日志的结构很少考虑到责任的要求，从而妨碍有效解决争端。我们解决了应该在日志中包含哪些信息以使其事后遵从性分析有意义的问题。实际场景用于显示关于日志体系结构的决策是非常重要的，应该从设计阶段开始就做出决策。提出了四种直接解决问题的情况。我们的贡献展示了日志内容选择和问责制定义是如何相互影响的，并促使服务提供商重新思考他们应该在多大程度上承担责任。这些不同的方面被综合到关键的指导方针中，以避免责任日志设计中的常见缺陷。此分析基于对PPL策略语言的实现进行的案例研究。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 IEEE Security and Privacy Workshops

自引率

0.00%

发文量