
A Software Architecture to Ensure Surveillance Accountability

Mukelabei Mukelabai
Göteborg: Chalmers tekniska högskola, 2016. 149 pp.
[Master's thesis]

To meet various security objectives, organisations may employ surveillance technologies such as CCTV cameras or many other forms of online surveillance. However, several concerns have arisen as these technologies become more and more privacy intrusive, thus threatening the civil liberties of the citizens they are meant to protect. In particular, accountability and transparency are the privacy principles most endangered by these surveillance activities.

The complexity of surveillance activities and the proliferation of personal information in today's ubiquitous computing world render access control and encryption techniques insufficient to protect privacy. Hence, regulations and systems are needed to hold surveillance organisations accountable for the misuse of the information they gather and also to make their operations transparent. This requires an approach that ensures public trust and is also acceptable to Surveillance Organisations (SOs), as it must not compromise the main security objectives of the SO. However, some proposed approaches to achieving this accountability are either too weak, as they rely on blindly trusting the SO, or too expensive or too intrusive in their requirements, which would make them unacceptable to the SO. In certain legal cases, a court of law may request the SO to disclose to it the records related to a citizen under investigation.

This thesis presents an architecture that adds two entities to the SO and the Court: a Time Stamping Authority and an independent Data Protection Authority (DPA). This ensures the accountability of the SO to the DPA and also ensures that the SO can never use any observed fact about a Data Subject (a citizen in this context) in a court of law without having previously committed that observation to the DPA. The architecture is evaluated by modelling its protocols and checking their secrecy, authentication and integrity properties using ProVerif, a well-known and mature protocol verification tool. Secrecy is used to prove that a secret observation cannot be leaked, which would compromise the SO's mission, while the authentication and integrity properties ensure the accountability of the SO.
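The commit-before-disclose flow described above, as an added example that is not the thesis's own code or its ProVerif model: the SO commits a salted hash of an observation, the Time Stamping Authority binds that commitment to a time, the DPA records it without learning the observation, and the Court only accepts an observation whose commitment was registered earlier. The HMAC standing in for the TSA's signature, the key, the timestamps and the observation text are all constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed key: an HMAC tag stands in for the TSA's signature (assumption, not the thesis design).
TSA_KEY = b"constructed-tsa-key-not-for-real-use"


def make_commitment(observation: bytes) -> tuple[str, bytes]:
    """SO side: hash the observation with a fresh nonce, so the DPA learns nothing about it."""
    nonce = os.urandom(16)
    return hashlib.sha256(nonce + observation).hexdigest(), nonce


def tsa_stamp(digest: str, timestamp: int) -> str:
    """TSA side: bind the commitment to a time that the SO cannot later alter."""
    return hmac.new(TSA_KEY, f"{digest}|{timestamp}".encode(), hashlib.sha256).hexdigest()


class DPA:
    """Independent ledger of time-stamped commitments; holds no plaintext observations."""

    def __init__(self) -> None:
        self.ledger: dict[str, tuple[int, str]] = {}

    def register(self, digest: str, timestamp: int, token: str) -> bool:
        if not hmac.compare_digest(tsa_stamp(digest, timestamp), token):
            return False  # forged or tampered time stamp is rejected
        self.ledger.setdefault(digest, (timestamp, token))  # first registration wins
        return True


def court_accepts(dpa: DPA, observation: bytes, nonce: bytes, disclosed_at: int) -> bool:
    """Court side: accept the disclosed observation only if it was committed to the DPA earlier."""
    digest = hashlib.sha256(nonce + observation).hexdigest()
    entry = dpa.ledger.get(digest)
    if entry is None:
        return False  # never committed: the SO cannot introduce it in court
    committed_at, token = entry
    return committed_at < disclosed_at and hmac.compare_digest(tsa_stamp(digest, committed_at), token)


def demo() -> tuple[bool, bool, bool]:
    """Honest disclosure succeeds; an altered or never-committed observation is refused."""
    dpa = DPA()
    obs = b"subject 42 seen at station X on day 7"  # constructed observation
    digest, nonce = make_commitment(obs)
    dpa.register(digest, 1000, tsa_stamp(digest, 1000))  # commit at t=1000
    honest = court_accepts(dpa, obs, nonce, 2000)
    altered = court_accepts(dpa, b"subject 42 seen at station Y on day 7", nonce, 2000)
    uncommitted = court_accepts(dpa, b"observation the SO never committed", os.urandom(16), 2000)
    return honest, altered, uncommitted
```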

The results provided by ProVerif show that secrecy and authentication can be preserved, leading to the conclusion that it is possible for software engineers to design architectures that make a surveillance organisation accountable while preserving its security objectives.

Keywords: Surveillance, Architecture, Accountability, Transparency, Security, Protocol



The publication was registered 2016-06-20. It was last modified 2016-06-20.

CPL ID: 237983

This is a service from Chalmers Library.