{"title":"信任但要验证:网络服务的责任","authors":"Aydan R. Yumerefendi, J. Chase","doi":"10.1145/1133572.1133585","DOIUrl":null,"url":null,"abstract":"This paper promotes accountability as a central design goal for dependable networked systems. We define three properties for accountable systems that extend beyond the basic security properties of authentication, privacy, and integrity. These accountability properties reduce the vulnerability of network services to subversion, tampering, corruption, and abuse. For example, actions taken in accountable systems and their clients are provable or even legally binding, to support contractual relationships in federated systems.We propose a framework for accountable network services, and explore its applicability and limitations. The foundation of our approach is to preserve digitally signed records of actions and/or internal state snapshots of each service, and use them to detect tampering, verify the consistency of actions and behavior, and prove responsibility for unexpected states or actions. We outline the key challenges in generalizing the principles and methodology of accountable design for practical use.","PeriodicalId":285758,"journal":{"name":"EW 11","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"69","resultStr":"{\"title\":\"Trust but verify: accountability for network services\",\"authors\":\"Aydan R. Yumerefendi, J. Chase\",\"doi\":\"10.1145/1133572.1133585\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper promotes accountability as a central design goal for dependable networked systems. We define three properties for accountable systems that extend beyond the basic security properties of authentication, privacy, and integrity. These accountability properties reduce the vulnerability of network services to subversion, tampering, corruption, and abuse. For example, actions taken in accountable systems and their clients are provable or even legally binding, to support contractual relationships in federated systems.We propose a framework for accountable network services, and explore its applicability and limitations. The foundation of our approach is to preserve digitally signed records of actions and/or internal state snapshots of each service, and use them to detect tampering, verify the consistency of actions and behavior, and prove responsibility for unexpected states or actions. We outline the key challenges in generalizing the principles and methodology of accountable design for practical use.\",\"PeriodicalId\":285758,\"journal\":{\"name\":\"EW 11\",\"volume\":\"48 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-09-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"69\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"EW 11\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1133572.1133585\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"EW 11","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1133572.1133585","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Trust but verify: accountability for network services
This paper promotes accountability as a central design goal for dependable networked systems. We define three properties for accountable systems that extend beyond the basic security properties of authentication, privacy, and integrity. These accountability properties reduce the vulnerability of network services to subversion, tampering, corruption, and abuse. For example, actions taken in accountable systems and their clients are provable or even legally binding, to support contractual relationships in federated systems.We propose a framework for accountable network services, and explore its applicability and limitations. The foundation of our approach is to preserve digitally signed records of actions and/or internal state snapshots of each service, and use them to detect tampering, verify the consistency of actions and behavior, and prove responsibility for unexpected states or actions. We outline the key challenges in generalizing the principles and methodology of accountable design for practical use.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
