Tamper-proof privacy auditing for artificial intelligence systems
Authors: 
Andrew Sutton and Reza SamaviAuthors Info & Claims
Andrew Sutton and Reza SamaviAuthors Info & ClaimsJuly 2018
Pages 5374 - 5378
Abstract
Privacy audit logs are used to capture the actions of participants in a data sharing environment in order for auditors to check compliance with privacy policies. However, collusion may occur between the auditors and participants to obfuscate actions that should be recorded in the audit logs. In this paper, we propose a Linked Data based method of utilizing blockchain technology to create tamperproof audit logs that provide proof of log manipulation and non-repudiation.
References
[1]
Rafael Accorsi. Log data as digital evidence: What secure logging protocols have to offer? In Computer Software and Applications Conference, 2009. COMPSAC' 09. 33rd Annual IEEE International, volume 2, pages 398-403. IEEE, 2009.
[2]
Nicolai Anderson. Blockchain technology: A game-changer in accounting? Deloitte, March, 2016.
[3]
Denis Butin, Marcos Chicote, and Daniel Le Métayer. Log design for accountability. IEEE Security and Privacy Workshops, 2013.
[4]
Jeremy J Carroll, Christian Bizer, Pat Hayes, and Patrick Stickler. Named graphs. Web Semantics: Science, Services and Agents on the World Wide Web, 3(4):247-267, 2005.
[5]
Jordi Cucurull and Jordi Puiggalí. Distributed immutabilization of secure logs. In International Workshop on Security and Trust Management, pages 122-137. Springer, 2016.
[6]
Tom Heath and Christian Bizer. Linked data: Evolving the web into a global data space. Synthesis lectures on the semantic web: theory and technology, 1(1):1-136, 2011.
[7]
Andreas Kasten, Ansgar Scherp, and Peter Schauß. A framework for iterative signing of graph data on the web. In European Semantic Web Conference, pages 146-160. Springer, 2014.
[8]
Andreas Kasten. Secure semantic web data management: confidentiality, integrity, and compliant availability in open and distributed networks. PhD thesis, University of Koblenz and Landau, Germany, 2016.
[9]
Lory Kehoe, David Dalton, Cillian Leonwicz, and Thomas Jankovich. Blockchain disrupting the financial services industry? Deloitte, 2015.
[10]
Florian Kleedorfer, Yana Panchenko, Christina Maria Busch, and Christian Huemer. Verifiability and traceability in a linked data based messaging system. In Proceedings of the 12th International Conference on Semantic Systems, pages 97-100. ACM, 2016.
[11]
Sporny Manu. Building better blockchains. In Linked Data in Distributed Ledgers Workshop Keynote. WWW2017, 2017.
[12]
Ralph C Merkle. Protocols for public key cryptosystems. In Security and Privacy, 1980 IEEE Symposium on, pages 122-122. IEEE, 1980.
[13]
Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. 2008.
[14]
Marc Pilkington. Blockchain technology: principles and applications. Research handbook on digital transformations, page 225, 2016.
[15]
Alex Rodriguez. Restful web services: The basics. IBM developer Works, page 33, 2008.
[16]
Reza Samavi and Mariano P Consens. Publishing l2tap logs to facilitate transparency and accountability. In LDOW, 2014.
[17]
Reza Samavi and Mariano P Consens. Publishing privacy logs to facilitate transparency and accountability. Journal of Web Semantics, 2018.
[18]
Craig Sayers and Alan H Karp. Computing the digest of an rdf graph. Mobile and Media Systems Laboratory, HP Laboratories, Palo Alto, USA, Tech. Rep. HPL-2003-235, 1, 2004.
[19]
Matthew Spoke. How blockchain tech will change auditing for good, 2015.
[20]
Vassilios Stathopoulos, Panayiotis Kotzanikolaou, and Emmanouil Magkos. Secure log management for privacy assurance in electronic communications. computers & security, 27(7-8):298-308, 2008.
[21]
Vipin Swarup, Len Seligman, and Arnon Rosenthal. A data sharing agreement framework. In International Conference on Information Systems Security, pages 22-36. Springer, 2006.
[22]
Yue Tong, Jinyuan Sun, Sherman SM Chow, and Pan Li. Cloud-assisted mobile-access of health data with privacy and auditability. IEEE Journal of biomedical and health Informatics, 18(2):419-429, 2014.
[23]
Daniel J Weitzner, Harold Abelson, Tim Berners-Lee, Joan Feigenbaum, James Hendler, and Gerald Jay Sussman. Information accountability. Communications of the ACM, 51(6):82-87, 2008.
Recommendations
Privacy-Preserving Certificateless Cloud Auditing with Multiple Users
Cloud auditing is one of the important processes to ensure the security and integrity of data in cloud storage. Implementing cloud auditing requires various cryptographic tools such as identity-based cryptography and its variant: certificateless ...
Certificateless public auditing scheme with designated verifier and privacy-preserving property in cloud storage
AbstractIn recent years, cloud storage has become an attractive service for data owners to store their personal data. Since they lose physical control of their data, it is necessary to regularly audit its integrity. The public auditing ...
Privacy-Preserving Auditing for Attribute-Based Credentials
Computer Security - ESORICS 2014AbstractPrivacy-enhancing attribute-based credentials (PABCs) allow users to authenticate to verifiers in a data-minimizing way, in the sense that users are unlinkable between authentications and only disclose those attributes from their credentials that ...
Comments
Information & Contributors
Information
Published In
Sponsors
- Adobe
- IBMR: IBM Research
- ERICSSON
- Microsoft: Microsoft
- AI Journal: AI Journal
Publisher
AAAI Press
Publication History
Published: 13 July 2018
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0