Accountability and deterrence in online life

Feigenbaum, Joan; Hendler, James A.; Jaggard, Aaron D.; Weitzner, Daniel J.; Wright, Rebecca N.

doi:10.1145/2527031.2527043

Cited by 34 publications

(29 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This very general use of the word "accountability" may create barriers to adoption, because the word connotes "answerability" and "standing up to be counted" in ways that suggest formal adjudication and the inability to act anonymously while remaining accountable. We explore these terminological issues more fully in a recent paper with Hendler and Weitzner [7]. Here, we stress that the value of our formal framework does not depend on the use of the word "accountability."…”

Section: Discussionmentioning

confidence: 99%

Towards a formal model of accountability

Feigenbaum

Jaggard

Wright

2011

Proceedings of the 2011 New Security Paradigms Workshop

Self Cite

View full text Add to dashboard Cite

We propose a focus on accountability as a mechanism for ensuring security in information systems. To that end, we present a formal definition of accountability in information systems. Our definition is more general and potentially more widely applicable than the accountability notions that have previously appeared in the security literature. In particular, we treat in a unified manner scenarios in which accountability is enforced automatically and those in which enforcement must be mediated by an authority; similarly, our formalism includes scenarios in which the parties who are held accountable can remain anonymous and those in which they must be identified by the authorities to whom they are accountable. Essential elements of our formalism include event traces and utility functions and the use of these to define punishment and related notions.

show abstract

Section: Discussionmentioning

confidence: 99%

Towards a formal model of accountability

Feigenbaum

Jaggard

Wright

2011

Proceedings of the 2011 New Security Paradigms Workshop

Self Cite

View full text Add to dashboard Cite

show abstract

“…Misuse refers to the unauthorised access, use, modification, or disclosure of information, or other use of information that is not for the purpose for which the information was provided [10,11]. Much like in the offline world we live in, it is expected that when users are aware of the accountability measures, they would not engage in inappropriate activities [12]. As a result, AeH systems allow information to be made available to legitimate users more openly and effectively without threatening patients' information privacy.…”

Section: Information Accountability Frameworkmentioning

confidence: 99%

Managing and sharing health data through Information Accountability protocols

Grunwell

Batista

Campos

et al. 2015

2015 17th International Conference on E-Health Networking, Application &Amp; Services (HealthCom)

View full text Add to dashboard Cite

Concerns over the security and privacy of patient information are one of the biggest hindrances to sharing health information and the wide adoption of eHealth systems. At present, there are competing requirements between healthcare consumers' (i.e. patients) requirements and healthcare professionals' (HCP) requirements. While consumers want control over their information, healthcare professionals want access to as much information as required in order to make wellinformed decisions and provide quality care. In order to balance these requirements, the use of an Information Accountability Framework devised for eHealth systems has been proposed. In this paper, we take a step closer to the adoption of the Information Accountability protocols and demonstrate their functionality through an implementation in FluxMED, a customisable EHR system.

show abstract

“…In general, they may offer accountability either for protocol violations or for undesirable content or behavior (Feigenbaum, Hendler, Jaggard, Weitzner, and Wright 2011). DISSENT and other protocols based on DC-nets (Waidner and Pfitzmann 1989a;Golle and Juels 2004), and verifiable shuffles (Neff 2003;Khazaei, Moran, and Wikström 2012;Bayer and Groth 2012) aim to hold users accountable for protocol violations.…”

Section: Related Workmentioning

confidence: 99%

Security Analysis of Accountable Anonymity in Dissent

Syta

Corrigan-Gibbs

Weng

et al. 2014

ACM Trans. Inf. Syst. Secur.

View full text Add to dashboard Cite

Users often wish to communicate anonymously on the Internet, for example in group discussion or instant messaging forums. Existing solutions are vulnerable to misbehaving users, however, who may abuse their anonymity to disrupt communication. Dining Cryptographers Networks (DC-nets) leave groups vulnerable to denial-of-service and Sybil attacks, mix networks are difficult to protect against traffic analysis, and accountable voting schemes are unsuited to general anonymous messaging.DISSENT is the first general protocol offering provable anonymity and accountability for moderate-size groups, while efficiently handling unbalanced communication demands among users. We present an improved and hardened DISSENT protocol, define its precise security properties, and offer rigorous proofs of these properties. The improved protocol systematically addresses the delicate balance between provably hiding the identities of well-behaved users, while provably revealing the identities of disruptive users, a challenging task because many forms of misbehavior are inherently undetectable. The new protocol also addresses several non-trivial attacks on the original DISSENT protocol stemming from subtle design flaws.

show abstract

Accountability and deterrence in online life

Cited by 34 publications

References 16 publications

Towards a formal model of accountability

Towards a formal model of accountability

Managing and sharing health data through Information Accountability protocols

Security Analysis of Accountable Anonymity in Dissent

Contact Info

Product

Resources

About