TC: Small: Collaborative Research: Accountability and Identifiability

TC：小型：协作研究：问责制和可识别性

• 批准号: 1016875
• 负责人: Joan Feigenbaum
• 金额: $ 25万
• 依托单位: Yale University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2010
• 资助国家: 美国
• 起止时间: 2010-08-01 至 2014-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1016875&HistoricalAwards=false
• 关键词: TC; Small; Collaborative; Research; Accountability

The World Wide Web and other networked information systems provide enormous benefits by enabling access to unprecedented amounts of information. However, for many years, users have been frustrated by the fact that these systems also create significant problems. Sensitive personal data are disclosed, confidential corporate data are stolen, copyrights are infringed, and databases owned by one government organization are accessed by members of another in violation of government policy. The frequency of such incidents continues to increase, and an incident must now be truly outrageous to be considered newsworthy. This project takes the view that when security violations occur, it should be possible to punish the violators in some fashion. Although "accountability" is widely agreed to be important and desirable, there has been little theoretical work on the subject; indeed, there does not even seem to be a standard definition of "accountability," and researchers in different areas use it to mean different things. This project addresses these issues, the relationship between accountability and other goals (such as user privacy), and the requirements (such as identifiability of violators and violations) for accountability in real-world systems. This clarification of the important notion of accountability will help propel a next generation of network-mediated interaction and services that users understand and trust.The project's technical approach to accountability as an essential component of trustworthiness involves two intertwined research thrusts. The first thrust focuses on definitions and foundational theory. Intuitively, accountability is present in any system in which actions are governed by well defined rules, and violations of those rules are punished. Project goals are to identify ambiguities and gaps in this intuitive notion, provide formal definitions that capture important accountability desiderata, and explicate relationships of accountability to well studied notions such as identifiability, authentication, authorization, privacy, and anonymity. The second thrust focuses on analysis, design, and abstraction. The project studies fundamental accountability and identifiability requirements in real-world systems, both technological and social. One project goal is to use the resulting better understanding of the extent to which accountability is truly at odds with privacy and other desirable system properties to design new protocols with provable accountability properties. Building on that understanding and insights gained in designing protocols, the project also addresses fundamental trade-offs and impossibility results about accountability and identifiability in various settings. The broader impacts of the work include not only engagement with students but also a new perspective on real world accountability in trustworthy systems.

万维网和其他网络信息系统通过访问前所未有的信息来提供巨大的好处。 但是，多年来，这些系统也会造成重大问题的事实感到沮丧。 披露敏感的个人数据，机密的公司数据被盗，版权受到侵犯，另一个政府组织拥有的数据库被另一个政府组织所拥有的数据库违反了政府政策。 此类事件的频率继续增加，现在必须真正令人发指才能被认为是新闻价值的。 该项目认为，当发生安全性时，应该有可能以某种方式惩罚违规者。 尽管“问责制”被广泛同意是重要和可取的，但关于该主题的理论工作很少。确实，似乎没有对“问责制”的标准定义，而不同领域的研究人员则使用它来表示不同的事情。 该项目解决了这些问题，问责制和其他目标（例如用户隐私）之间的关系以及对现实世界系统中问责制的要求（例如违反者和违规行为的可识别性）。 对重要责任制概念的澄清将有助于推动用户理解和信任的下一代网络介导的互动和服务。项目对责任的技术方法是可信赖性的重要组成部分，涉及两个相互交织的研究推力。 第一个推力集中在定义和基础理论上。 直观地，在任何制度中都存在责任制，在任何制度中，措施受定义明确的规则管辖，违反这些规则的行为受到惩罚。 项目目标是在此直观概念中确定歧义和差距，提供正式的定义，以捕获重要的问责制，并将责任感与诸如可识别性，身份验证，授权，隐私和匿名性等诸如诸如识别性，身份验证，验证，授权，隐私和匿名之类的概念之间进行解释。 第二个推力集中在分析，设计和抽象上。 项目研究在技术和社会的现实系统中的基本问责制和可识别性要求。 一个项目的目标是更好地理解责任感与隐私和其他理想的系统属性的程度，以设计具有可证明的问责制属性的新协议。在设计协议中获得的理解和见解的基础上，该项目还解决了基本的权衡，以及在各种环境中的问责制和可识别性的不可能结果。 这项工作的更广泛影响不仅包括与学生的互动，还包括对可信赖系统中现实世界问责制的新观点。