Accountability in Electronic Commerce Protocols

| In most commercial and legal transactions, the ability to hold individuals or organizations accountable for transactions is important. Hence, electronic protocols that implement commercial transactions must be designed to provide adequate accountability assurances for transacting parties. Without such assurances, electronic transactions can be susceptible to disputes. Currently, protocol design for electronic commerce is done in an ad-hoc manner, a technique which has been shown to be error-prone by past experience with key distribution protocols 4]. Despite the importance of accountability in electronic commerce, and the subtlety of designing error-free protocols, currently, there are no analysis methods to examine whether a protocol design conforms to the accountability goals of the transaction that it implements. Since most current protocol analysis methods have been developed to analyze key management protocols, they focus on properties such as message replay detection, and key origin authentication (e. In this paper 1 , a new framework is proposed for the analysis of communication protocols that require accountability, such as those for electronic commerce. This framework can be used to analyze protocol designs to detect accountability (or lack thereof). Arguments are presented to show that a heretofore un-explored property \provability" is pertinent to examining the potential use of communication protocols in the context of litigation, and in the context of audit. A set of postulates which are applicable to the analysis of proofs in general and the proofs of accountability in particular, are proposed. The proposed approach is more natural for the analysis of accountability than the existing belief logics (e.g., 4]) that have been used in the past for the analysis of key distribution protocols. Some recently proposed protocols for electronic commerce and public-key delegation are analyzed to illustrate the use of the new analysis framework in detecting (and suggesting remedies for eliminating) their lack of accountability, and in detecting and eliminating redundancies .