Accountability is a recent paradigm in security protocol design which aims to
eliminate traditional trust assumptions on parties and hold
them accountable for their misbehavior.
It is meant to establish trust in the first place and to
recognize and react if this trust is violated.
In this work, we discuss a protocol-agnostic definition of accountability:
a protocol provides accountability (w.r.t. some security property)
if it can identify all misbehaving parties, where
misbehavior is defined as a deviation from the protocol that causes
a security violation.
We provide a mechanized method for the
verification of accountability and demonstrate its use for
verification and attack finding on various examples from the
accountability and causality literature, including Certificate Transparency and
Kroll’s Accountable Algorithms protocol.
We reach a high degree of automation by expressing accountability in terms of
a set of trace properties and show their soundness and completeness.
History
Preferred Citation
Robert Künnemann, Ilkan Esiyok and Michael Backes. Automated Verification of Accountability in Security Protocols. In: IEEE Computer Security Foundations Symposium (CSF). 2019.
@inproceedings{cispa_all_2896,
title = "Automated Verification of Accountability in Security Protocols",
author = "Künnemann, Robert and Esiyok, Ilkan and Backes, Michael",
booktitle="{IEEE Computer Security Foundations Symposium (CSF)}",
year="2019",
}