Skip to Main content Skip to Navigation
New interface
Conference papers

Log Design for Accountability

Denis Butin 1, 2, * Marcos Chicote 1, 2 Daniel Le Métayer 1, 2, * 
* Corresponding author
1 PRIVATICS - Privacy Models, Architectures and Tools for the Information Society
Inria Grenoble - Rhône-Alpes, CITI - CITI Centre of Innovation in Telecommunications and Integration of services, Inria Lyon
Abstract : The position put forward in this paper is that accountability is a requirement to be taken into account from the initial design phase of a system because of its strong impact on log architecture implementation. As an illustration, the logs we consider here record actions by data controllers handling personally identifiable information to deliver services to data subjects. The structures of those logs seldom take into account requirements for accountability, preventing effective dispute resolution. We address the question of what information should be included in logs to make their a posteriori compliance analysis meaningful. Real-world scenarios are used to show that decisions about log architectures are nontrivial and should be made from the design stage on. Three categories of situations for which straightforward solutions are problematic are presented. Our discussion shows how log content choices and accountability definitions mutually affect each other and incites service providers to rethink up to what extent they can be held responsible. These different aspects are synthesized into key guidelines to avoid common pitfalls in accountable log design. This analysis is based on case studies performed on our implementation of the PPL policy language.
Document type :
Conference papers
Complete list of metadata

Cited literature [22 references]  Display  Hide  Download
Contributor : Denis Butin Connect in order to contact the contributor
Submitted on : Monday, June 10, 2013 - 2:14:48 PM
Last modification on : Friday, August 5, 2022 - 3:51:08 AM
Long-term archiving on: : Wednesday, September 11, 2013 - 3:05:10 AM


Files produced by the author(s)



Denis Butin, Marcos Chicote, Daniel Le Métayer. Log Design for Accountability. DUMA13 - 4th International Workshop on Data Usage Management - 2013, May 2013, San Francisco, United States. ⟨10.1109/SPW.2013.26⟩. ⟨hal-00799100⟩



Record views


Files downloads