DOI: 10.1145/3655693.3655715
research-article
Open access

Towards Improving Accountability in Sensitive-Disclosure Scenarios

Published: 05 June 2024 Publication History

Abstract

Public transparency has become increasingly important to uphold trust in government agencies and private companies alike, e.g., by establishing police accountability and proving adherence to ethical supply chain practices. Oftentimes, however, this public interest conflicts with the need for confidentiality of ongoing processes. In this paper, we investigate these sensitive-disclosure scenarios and the requirements for technical solutions that support data dissemination in them. We identify translucent blockchains as a promising building block to provide transparency in sensitive-disclosure scenarios with fine-grained access control.

      Published In

      EICC '24: Proceedings of the 2024 European Interdisciplinary Cybersecurity Conference
      June 2024
      235 pages
      ISBN:9798400716515
      DOI:10.1145/3655693
      This work is licensed under a Creative Commons Attribution International 4.0 License.

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Author Tags

      1. Sensitive disclosure
      2. accountability
      3. blockchain
      4. transparency

      Qualifiers

      • Research-article
      • Research
      • Refereed limited

      Funding Sources

      • BMBF

      Conference

      EICC 2024
