A Formal Framework for Specifying and Analyzing Logs as Electronic Evidence

Logging for the purpose of determining liability requires defining, prior to a dispute, the logging system and the log analysis in a manner that would determine the parties liable for a predetermined misbehavior of the system. We propose a formal framework for specifying and reasoning about decentralized logs to be used in legal disputes. In addition, we study how previous results can be used in the incremental analysis of larger inputs to obtain precise or approximated results. We illustrate our approach with an example of a travel arrangement service.
