Abstract Accountability Language: Translation, Compliance and Application
With the rise of the services-based economy and the democratization of on-line services, more and more users (individual and/or business) use on-line applications in their daily lives. Usually personal data transits between different actors involved in a service’s delivery chain (e.g. application/storage service providers) and thus might raise some privacy issues. Accountability, which is the property of an entity of being responsible for its acts, can help mitigate data privacy and data disclosures issues in such applications. In this paper, we propose a translational semantics for our accountability language and we present some expected properties. We introduce a natural criterion to achieve the accountability compliance of two clauses and few heuristics to speed up the resolution time. We demonstrate the feasibility of our verification process with a realistic health care use case and the TSPASS theorem prover.
Walid Benghabrit, Hervé Grall, Jean-Claude Royer, and Mohamed Sellami, "Abstract Accountability Language: Translation, Compliance and Application", ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE, 1-4 December 2015, New Delhi, India.