Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Bates, Adama; * | Butler, Kevin R.B.a | Sherr, Micahb | Shields, Clayb | Traynor, Patricka | Wallach, Danc
Affiliations: [a] University of Florida, Gainesville, FL, USA. E-mails: bates@cise.ufl.edu, butler@ufl.edu, traynor@cise.ufl.edu | [b] Georgetown University, Washington, DC, USA. E-mails: msherr@cs.georgetown.edu, clay@cs.georgetown.edu | [c] Rice University, Houston, TX, USA. E-mail: dwallach@cs.rice.edu
Correspondence: [*] Corresponding author: Adam Bates, Southeastern Security for Enterprise and Infrastructure (SENSEI) Center, Department of Computer & Information Science & Engineering, E451 CSE Building, PO Box 116120, Gainesville, FL 32611, USA. Tel.: +1 352 392 1090; Fax: +1 352 392 1220; E-mail: bates@cise.ufl.edu.
Abstract: In many democratic countries, Communications Assistance for Law Enforcement Act (CALEA) wiretaps are used by law enforcement agencies to perform investigations and gather evidence for legal procedures. However, existing CALEA wiretap implementations are often engineered with the assumption that wiretap operators are trustworthy and wiretap targets do not attempt to evade the wiretap. Although it may be possible to construct more robust wiretap architectures by reengineering significant portions of the telecommunications infrastructure, such efforts are prohibitively costly. This paper instead proposes a lightweight accountable wiretapping system for enabling secure audits of existing CALEA wiretapping systems. Our proposed system maintains a tamper-evident encrypted log over wiretap events, enforces access controls over wiretap records, and enables privacy-preserving aggregate queries and compliance checks. We demonstrate using campus-wide telephone trace data from a large university that our approach provides efficient auditing functionalities while incurring only modest overhead. Based on publicly available wiretap reporting statistics, we conservatively estimate that our architecture can support tamper-evident logging for all of the United States’ ongoing CALEA wiretaps using three commodity PCs.
Keywords: Wiretapping, accountability, secure logging, secure audit
DOI: 10.3233/JCS-140515
Journal: Journal of Computer Security, vol. 23, no. 2, pp. 167-195, 2015
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl