Analysis and Optimization of Delegation-based Sequenced Packet Exchange (SPX) Protocol: A Kailar Logic Approach

Accountability within electronic commerce protocols has tremendous significance, especially those that require answerability for the actions taken by participants. In this study, the authors evaluate the delegation of accountability based on the Sequenced Packet Exchange (SPX) protocol. The study emphasizes the concept of provability as a benchmark to formalize accountability. Moreover, this paper proposed a new framework that enables principals to delegate individual rights to other principals and how the delegator's accountability is handed over or retained, which provides the crucial functionality of tracing how accountability is distributed among principals within a system. The study provides a novel solution to accountability challenges and analysis of protocols, such as introducing novel conditions for distributing essential credentials among the grantor and the grantee and analyzing delegation-based protocols. The approach adopted will help prevent potential compromises of the integrity of online transactions. By extension, it will also serve as a best practice solution for settling legal disputes among principals. Keywords—Delegator; accountability; grantor; Kailar logic; principal; client; delegate; grantee


I. INTRODUCTION
The advent of cutting-edge technologies such as Big Data, Cloud Computing, the Internet of Things (IoT), and Web-Based Distributed applications has increased the need for electronic commerce transactions and other web-based services. Apart from revolutionizing the way business is conducted. Research has shown that companies that leverage these technologies gain massive profit margins compared to legacy systems [1].
Also, electronic commerce has progressively developed because of the rapid increase in businesses migrating to the web, which has opened up a new paradigm for computer scientists willing to dedicate their time and resources to the research, design, development, and optimization of protocols that provide security, authentication, authorization, verification, and confidentiality including accountability of internet-based commercial transactions [2], [3].
Lack of accountability among principals in any electronic transaction can introduce deception because of the prevalence of fraud and malicious activities on the internet. Consequently, this can make the electronic transaction process very unreliable. Therefore, proving accountability among principal actors deserves an equal degree of importance as offline transactions. For instance, in a data breach or privacy violation, a network administrator may delegate backup service of sensitive data to junior staff. Therefore, it will be essential for the parties to prove to a third party about their conduct for accountability purposes.
The design of efficient and error-free electronic transaction protocol has been a challenging task in computer science. Computer scientists often rely on formal analysis to detect, optimize flaws and redundancies in the design and production stages. However, most analysis methods before Kailar logic deal with various entities' beliefs and protocols. Therefore, this paper presents a formal analysis method using Kailar Logic [4]. The ability of principals to prove accountability in any electronic transactions is analyzed and evaluated, including how accountability is assured using existing protocols [5], [6].
There has been significant work on other protocols, but research on the analysis of delegation-based protocols is yet to be adequately explored. In this work, the author uses the Kailar Logic analysis method and techniques based on the Delegation-Based SPX protocol to prove accountability among participating principals. In this context, the primary objective of proving accountability and provability among participants within the protocol form the basis of the study [7].

A. Accountability
Accountability in scientific journals is "the state whereby a principal is associated with an action that can be proven to a third party," wherein the third party is different from the prover and the initiator [4]. Similarly, Accountability also means a particular subject can prove to a third party that it is responsible for initiating a specific action or object. However, in this paper, the focus of Accountability is on internet transactions. How relevant principals involved in the transaction keep track of the evidence of each party. For instance, the whole transaction process should be evident or transparent to all participants [7].
Since the goal of the Kailar framework (Kailar Logic) is to provide Accountability among participants of a given Internet transaction, thus ensuring non-repudiation of the parties, which is made possible with the help of transaction records or digital *Corresponding Author www.ijacsa.thesai.org fingerprints. The whole concept hinges on tracking every transaction end-to-end during the process and, most importantly, the source or origin. The result can be used as evidence to resolve legal disputes among participants of any online Internet transaction. This paper uses Accountability based on the above definition [8].

B. Summary of Provability and Belief
A statement y is believed by an individual if he or she is convinced of it. However, suppose a participant can convince another participant about statement y. In that case, it means the participant can prove statement y, which is achieved through the collective conveyance of the validity of statement y to an audience through a set of statements referred to as proof of statement y. Similarly, the capability to produce the required set of statements that can convince an audience about statement y is the capability to prove statement y [9].

C. Asymmetric and Symmetric Encryption
The past decades have witnessed the use of Symmetric Encryption algorithms in many systems and protocols. The encryption scheme is where a single secret key is used to encrypt and decrypt a message possessed by all the participants involved in the communication. Co-relating this definition to the new concept of Believe and Provability, assuming we have two participants in an Internet transaction, namely A and B. If B receives a message encrypted with a key he possesses, which he did not send, he has believed that A sent it. However, he cannot prove this to a third party, making this approach unsuitable for this paper.
Nonetheless, with the growing vulnerabilities on the Internet, the need for a new approach in the form of Asymmetric Encryption is required. This encryption scheme involves two related keys, one public, and the other secret or private keys. The former (public) is used to encrypt the message while the latter decrypts the same message. Moreover, while the private key is kept secure by the participating entities, the public key is made available to everyone to encrypt the message they wish to send. This approach addresses the gap in the symmetric scheme because it does not rely on trust but instead keys belonging to participants themselves, therefore providing accountability. However, they are also susceptible to tampering. Consequently, this work considers using asymmetric encryption techniques for the entire analysis process of the proposed approach.
Based on existing literature, security researchers have made significant progress in protocol analysis. However, the degree of exploration into protocol analysis detailing characteristics of accountability is sparse. In this study, accountability analysis of delegation-based protocols is explored. This inspired the notion that delegation is about the standard technique of conveying accountabilities among principals. The main contributions of the paper are the following:  Developed a new framework that enables principals to delegate individual rights to other principals and went further to show how the delegator's accountability is either handed over or retained.
 Provides a novel solution to accountability challenges and analysis of protocols.
 The result of the approach will help prevent potential compromise of the integrity of online transactions. It will also serve as solution for legal disputes settlement among principals.
The rest of the paper is organized as follows: Section 2 discusses the related work. Section 3 deals with Kailar Logic and its properties, and Section 4 summarizes the symbols and theories utilized in this work. Similarly, Section 5 discusses the proposed Delegation-Based SPX protocol, and finally, Section 6 concludes with a summary.

II. RELATED WORK
Determining which protocol fulfills or lacks the necessary accountability for electronic commerce and other domains, the past decades have seen several researchers proposed quite a few accountability logics for electronic transactions. Therefore, this section discussed a few of the works accomplished by researchers in analyzing accountability.
In [8], the authors stressed the importance of accountability and how it can resolve disputes among participants in any internet transaction. They stated that accountability enables each party to be aware of what has been done and who is responsible for every action performed during the transaction, consequently holding participants involved in a transaction accountable for their actions with undeniable justification. Furthermore, the authors stress that the primary goal of accountability is to use sufficient recorded evidence to resolve disputes among participants, which could be used in a court of law if disputes arise at the end of a transaction, however, despite many researchers' claim that they proposed a protocol that meets the accountability need of internet transactions. The authors of this paper have argued that such claimants are yet to meet the standards needed to eliminate disputes effectively.
The need to address this gap inspired them to propose a new accountability security property for Internet transactions. In their approach to enhancing security, the following two accountability properties were proposed. The first property is centered on responsibility by harvesting evidence for all activities made during Internet transactions, which participants will use to resolve disputes if it arises. Finally, the second property involves responsiveness, availability of evidence, and the speed at which trusted third participants send evidence to external participants to resolve disputes.
A detailed and reliable accountability analysis approach using a mobile payment protocol is proposed in [10]. The proposed protocol comprises five engaging parties: client or payer, who purchases services and goods from merchants, a merchant or payee denoted as a store, or a person who has services and goods to sell to the client. Similarly, a financial company denoted Mobile Network Operator (MNO) serves as a financial company for both the payer and the payee.
Finally, the Time stamp center (TSC) for authorization among the parties. The protocol underscores seven phases with specific functions. They are as follows: payment initialization, payment subtraction request, payment authorization request, www.ijacsa.thesai.org payment confirmation request, payment confirmation response, payment authorization response, and payment subtraction response. The major drawback of the protocol is the use of symmetric encryption, which is the main focus of this paper. Also, the protocol provides weak authentication, such as providing only on payer side. This paper therefore deduces that the approach in this protocol can lead to potential fraud by the attacker. As a result, it lacks all the attributes of accountability.
Similarly, the vulnerability of KN's logic, such as lack of reasoning for accountability in symmetric key and revealing secret information to a verifier, was identified by the authors of [11]. Therefore, to mitigate these challenges, a novel logic (KP's logic) is proposed that will only send the required information to the verifier, and the authors claimed that their approach could eliminate disputes among participants. Nonetheless, research has shown that KP's logic lacks the critical reasoning for accountability in symmetric encryption, inspiring the authors in [12] to extend the KP's logic and proposed the KSL's logic, which has the robustness of analyzing protocols for both asymmetric and symmetric encryption processes. However, their proposed protocol details were never described in detail, but information for more reading was provided in their reference section [13].
Kailar is probably the first to propose a modal logic with the primary objective of reasoning about accountability. It continues to highlight Kaila's definition for accountability as concerned with the ability to prove the association of an originator with some action to a third party without revealing any private information to the third party." The prover is the party who can prove such statements, while the verifier is the party being convinced of the proof. Kailar has adopted the "CanProve" modal operator to validate the notion of accountability, for instance, "A CanProve x to B," where A and B signify the prover and verifier, respectively, and x stands for a general statement about some action [14].
Nevertheless, research has shown that Kailar's approach can only provide reasoning for the accountability of signed messages but is insufficient for analyzing complex cryptographic messages such as hashed messages and signed encrypted messages. Also, quite a few researchers have stated that Kailar's prover CanProve x to verifier cannot justify the predicates and rules because of its lack of semantics and finally does not reason about verifiers [4], [15]. Therefore, they are casting doubts about the correctness of Kailar's calculus, which inspired Kessler and Neumann to adopt a new modal logic to mitigate this challenge. They claimed to have handled this concern found in Kailar's novel framework.
To mitigate the identified concerns in Kessler and Neumann's (K&N) and Kailar's framework, the authors in [16] presented a novel modal logic that extends the idea of Kessler and Neumann, which applies the idea of provable authorization on private information. The prover efficiently sends only the required information to the judge during dispute resolution, enabling proving some statements without revealing secret information. This approach has claimed to be very efficient and safe because the prover can prove statements without revealing any private information to the verifier. The authors extend K&N's logic in two phases used to analyze both iKP and SET protocol, respectively. However, they claimed the message format of SET has led to the lack of accountability after all the two analyses were conducted. Nevertheless, a successful proof of money accountability was achieved for the iKP due to its message format.
Finally, the first automated model of accountability in electronic payment protocol centered on Blanchet probabilistic polynomial calculus was proposed by the authors in [17]. Injective or Non-injective correspondence is used to express the accountability of money and goods, respectively, using CryptoVerif automated tool. The authors were able to automatically analyze the accountability of the money and goods of electronic payment protocols. This approach is found to be very efficient and valuable as it is regarded to be the first of its kind in the analysis of accountability with the electronic transaction [18].

III. KAILAR LOGIC
In 1996, Rajashekar Kailar introduced a new Kailar Logic framework to analyze accountability among participants within electronic-commerce transactions or other related protocols requiring accountability analysis. The rationale behind Kailar Logic is to ascertain the accurate establishment of the origin of a message among the participants involved in a protocol exchange. For instance, participants involved in a protocol exchange or electronic transaction treat signed messages as undeniable statements. Therefore, to convince another party through the use of proof of statements in a sequence of operations will consequently make that statement true.
Before the advent of the Kailar Logic, most of the logic was based on a belief approach that has yet to address the needs of modern protocols adequately. The introduction of Kailar Logic provides accountability analysis of protocols and enables the detection and deletion of redundant information within analyzed protocols [4].
Kailar Logic uses the following six (6) logic components as signs and four (4) postulates as explained in the next section.

A. Components of Kailar Logic
This paper considers only a few of Kailar Logic statements and postulates that would be needed to analyze the protocol's accountability. Also, due to restriction of content, these statements and postulates are briefly explained. www.ijacsa.thesai.org 1) Strong Proof: "A CanProve x" and Weak Proof: "A CanProve x to B": Firstly, the Strong Proof: "A CanProve x" is the proofing of x to a third party B by principal A, which denotes that A can persuade the principal B of statement x by executing a series of sequence of operations and not disclosing any secret of y(y≠x) to B. Finally, Weak Proof: "A CanProve x to B", is the process of weakly proving statement x to principal B, which means principal A can persuade the principal B of statement x after performing a sequence of operations that do not disclose any secret about y(y≠x) to B. However, to attain accountability in this work, this paper only use the Strong Proof: "A CanProve x" [4].
2) Signature Verification Component: "K a Authenticates A": This statement denotes that the signature of principal A can be authenticated using the key K a . Therefore, to fulfill the needs of accountability analysis in this paper, any encrypted statement with K a can be associated with principal A. Also, since it was mentioned earlier that this paper would be using asymmetric encryption in this work, K a can safely be denoted as the public key and K a -1 to be the private key to enhance the easy understanding of this statement.
3) Message Interpretation: "x in m": The statement "x in m" implies that x is one or several plaintexts or ciphertext fields or groups found in the message m, which is commonly just referred to as the interpretable fields or groups in many works of literature. However, this interpretation needs to be clearly defined by the protocol designers because it is protocol specific.

4) Declaration Component: "A Says x":
The declaration A Says x implies that the principal A is answerable for the statement x and any other statement implied by the x, making A to be accountable for x. Furthermore, if A says any statement composed of more than one part, A is accountable for all of those statements. For instance, if A declares the cascade of two formulas x and y, then A declares each of them, A Says (x, y) ⇒ A Says x and A Says y.

5) Message Receiving Component: "A Receives m
SignedWith K -1 ": The message receipt denotes that the Principal A receives a message m signed with a private key K -1 . Also, in this definition, the signatures and contents associated with the messages are denoted by m. The following postulate is used for analysis in most of the existing literature. It indicates that x is a combination of fields or an interpretation of a field within the message.

6) Trust Component: "A IsTrustedOn x" and "
A IsTrustedOn x by B" : Finally, the global and no-global trust denotes that if principal A is trusted on statement x, then A has the power to endorse x and equally liable for making statement x. However, to be specific, when A is globally trusted on x ("A IsTrustedOn x"), then it means A IsTrustedOn x by all principal, in contrary, when A is Nonglobally trust on x ("A IsTrustedOn x by B"), then it means that the principal A is accountable to prove to principal B that A is responsible for statement x, which means that A is trusted on statement x [4].

B. Postulates of Kailar Logic
This segment introduces the properties of accountability by using some of the notations explained below. Although Kailar Logic has lots of postulates, some of which are general properties and others are specific to electronic messages that are digitally signed. However, this paper will only introduce the necessary postulates to analyze accountability among participants with an electronic transaction. Therefore, below are some of the utilized postulates, and the following form will be used to express the postulates presented in this paper.
The above postulate signifies that if the statement P and Q hold concurrently, then it means the resulting statement R equally holds, and P and Q signify the basis of the rule.

1) Conjunction:
This postulate denotes that if the principal A can prove that both statement x and y hold, consequently A can prove that the conjunction x∧y is true. It is instrumental in analyzing the accountability among principals because to examine the proving scope of each principal, this postulate can compose their statements to conclude. Similarly, the individual statements signed and sent across the network can be used to hold principals accountable for the composite statements they have made.
∧ 2) Inference: In [4], principal A can prove y holds if A can prove x and at the same time x denotes y, which also means since x implies y and A can prove x, then A can prove that y is real. Statements such as (x⇒y), which is used to express the interpretation of signed messages, should always be explicitly defined by the protocol designers, and usually used in the analysis to derive inferred results from statements that are ascertained.
⇒ 3) Signature Rules: When A receives a message m signed with key K -1 , and at the same time the message m contains statement x, and principal A can prove that during the message signature, the key K authenticates the principal B. Therefore, B Says x can indeed be proved by the principal A. This postulate plays a significant role in helping to prove that principals are accountable for the messages signed by them.
A Receives (m SignedWith K -1 ); x in m; 4) Trust Rules: As mentioned earlier, the paper will focus on the postulates that have importance toward the www.ijacsa.thesai.org accountability analysis. Therefore, other trust postulates will not be primarily included in this paper but will be used as a prerequisite to get to the results of the trust postulate used in this paper. Consequently, newbies to this framework will need to go and read the missing trust postulates. This trust postulate denotes that if the principal B, who is an authority on x, and at the same time Says x, can be proved by principal A, then A can prove that the statement x holds. The outcome below can be attained by applying Conjunction, Inference on T 1 , which is not presented in this work, and finally applying T 2 on the resulting statement. Note that the author decided to exclude both T 1 and T 2 in this work.
A CanProve (B Says x);

IV. SUMMARY OF THE SYMBOLS AND THEORIES
This paper, as mentioned earlier, will follow the general communication protocol, which has a group of principals exchanging messages among each other, commonly denoted by uppercase letters, for instance (X, Y…). Similarly, the message interpretations are the statements by each message and are commonly denoted by lowercase letters (x, y …), and these terms will enhance the primary objectives of proving the origin of the message based on the capacity of the involved principals. For instance, a proof of statement x can be regarded as a set of operations that convinces another principal of statement x. However, the steps of the proof are mainly dependent on the specifications of the designed protocol. Therefore, this paper will not stress on the steps of proof but instead the analysis of accountability within the Delegation-Based Sequenced Packet Exchange (SPX) [19]. Furthermore, this paper uses the Greek Capital Letter Psi (Ψ) to represents the set of rights that a principal can execute. Equally, the paper introduces a new term called CanExecute, which symbolizes the ability a principal has to execute certain delegated or given rights. For instance, "X CanExecute Ψ.": It means principal X has all the rights to execute the assigned rights to Ψ. Similarly, "X CanExecute Ψ with K.": This means that principal X can only execute the rights assigned to Ψ with the key K, and in both examples, principal X will be held responsible for those executed rights. As mentioned earlier, rights could mean objects or actions to be executed.

A. Synopsis of the Newly Introduced "X CanExecute Ψ"
Postulates As discussed above regarding the "X CanExecute Ψ" postulate, this section will not only help the readers to understand the full capabilities of this postulate, but it will also highlight its significances in the analysis stage. A principal providing can execute a right or set of rights he or she has permission to execute from another principal, who could be a Trusted Authority in this analysis, such as administrator of computer systems and networks, as mentioned in the introduction. Expressly, a principal can only delegate the rights he or she can execute to another principal. For instance, principal X can only delegate a set of rights Ψ to principal Y only if it has the right to execute the rights listed in Ψ. To conclude, the above-delegated rights Ψ executed by to Y should hold principal X answerable for delegating these rights to principal Y, and there must be authentication in place when principal Y executes the delegated rights Ψ. Therefore, this paper introduces two new postulates to support our analysis, and they are denoted as [Ẍ], and [Ỹ], respectively.

1) [Ẍ]:
The postulate above, "[Ẍ]", denotes that the listed set of rights in Ψ can be executed by principal X, while in the second statement, he or she also delegates to principal Y to execute the same rights. Finally, the postulate's last statement denotes that in executing the delegated rights listed in Ψ, principal Y will be authenticated with the key K Del . However, to illustrate the magnitude of power a principal has when delegated to execute given sets of rights, we can omit the authentication key K, which means once a principal "X CanExecute Ψ with K", then principal "X CanExecute Ψ " without the key K, which the author defined in [Ỹ]. X CanExecute Ψ X Says (delegation of Ψ o Y); 2) [Ỹ]: Likewise, the above postulate "[Ỹ]" will be employed during the accountability analysis. This postulate will enable the efficient proof of principals' answerability for the given or delegated sets of rights to execute. For instance, if "Y CanExecute Ψ with K Del " where Y is the delegate, then our analysis should be able to justify "delegate CanProve (delegate CanExecute Ψ with K Del ), in which K Del represents the delegation key of the protocol. Likewise, the delegator's proof of not being responsible for the delegate's actions is equally significant. For example, if "X Says (delegations of Ψ to Y)" where X is the delegator, and Y is the delegate, then principal X should be able to prove that Y is answerable for the actions executed on the delegated set of rights listed in Ψ, which can be denoted as delegator (X) CanProve (K Del Authenticates delegate(Y))

B. The Deletion-based Sequenced Packet Exchange (SPX)
In this section, a Delegation-Based Sequenced Packet Exchange (SPX) is used to study how delegates can hold or prove that the delegators are answerable for their actions during an electronic transaction and vice visa. The authors of [19] highlighted that in SPX, the principals exchange authentication tokens to authenticate each other, which authorizes the secure exchange of session keys. Furthermore, this paper focuses on the analysis of accountability and the delegation capability SPX provides but not the detailed explanation of the SPX protocol. Therefore, readers can refer to [19] for more information. Regardless, this paper provides a brief synopsis of the content of the SPX authentication exchange: (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 12, No. 8, 2021 547 | P a g e www.ijacsa.thesai.org Client CanProve (Ks Authenticates Server) [G1] Server CanProve (Kc, Authenticates Client) [G2] Delegate CanProve (KDel, Authenticates Delegator) [G3] The description of the protocol is as follows: This section explains a classical Delegation-Based SPX protocol presented in Fig. 1, using the above notation (1-6). Firstly, C denotes the Claimant, S denotes the verifier, while CDC is the Certificate Distribution Center. The first message (message_1) signifies C is sending the identity of the verifier to CDC, then CDC responds with a certificate belonging to S issued by the Trusted Authority1 (TA 1 ) in the second message (message_2), which is encrypted with the private key of CDC. Next, C sends its delegation public key in the following message (message_3), a secret DES key Kdes, encrypted with S's public key, and the private delegation key encrypted with this secret key. To verify the signature on the delegation key C, S gathers the above information, sends the certificate of C to CDC, and gets a key certificate issued by Trusted Authority2 (TA 2 ) from CDC (message_4 and message_5). Finally, the public key of C in the received certificate was employed by S to authenticate the signature of C on the delegation key. S will respond in the last message ((message_6) with an "Accept" only if he or she is convinced with C's delegation key; else, respond "Reject." Note that TA 1 , TA 2 , and CDC can make certain statements based on the role of Trusted Authorities.
The primary objective of the protocol is for principal S to securely obtain a delegation key from principal C, which means principal C is authorizing principal S to serve as a delegate by allocating a set of rights that belongs to C with S for a given period, defined as T. However, it is equally important to note that this protocol is not designed to delegate accountability among principals since the transferred rights to principal S still belong to principal C. Consequently, it is infeasible to analyze accountability within principals, thereby necessitating the proposal of a new framework in this paper.
It is important to note that from now onwards, this work will be using Cyrillic Capital Letter Omega Ѡ to represent the messages in the diagram like Ѡ 1 , Ѡ 2 , …, Ѡ N.

C. Reformulating the Deletion-Based Sequenced Packet Exchange (SPX)
This section, reformulated the protocol description given above based on the notations adopted by Kailar's logic in [20]. It targets the statements or goals mentioned earlier, such as (KS, Authenticates S), (K Del Authenticates C during T) and (KC Authenticates C) in the protocol description, which express the semantics of Ѡ 2 , Ѡ 3 , and Ѡ 5 , respectively, and this has a great significance to the subsequent analysis of the protocol. The following denotes the protocol message interpretation based on Kailar's notation and the protocol's relevant messages. However, irrespective of the chronological ordering of the above messages, it should be noted that the Ѡ 5 "S Receives (((Kc, Authenticates C) SignedWith K TA2 -1 ) SignedWith K CDC -1 )" which derives the key K C for authenticating the signature of Ѡ 3 has to come first during the analysis stage as a result of Ѡ 3 needing the key K C for signature authentication.

V. ANALYSIS OF THE SPX PROTOCOL
The analysis will start with SPX without delegation, and the objective of this section is to justify if the SPX protocol without delegation will be able to still prove accountability among principals by using the delegation key (K Del ) as mentioned earlier based on Kailar's framework, denoted as "S CanProve (K Del Authenticates C)." In this case, both the delegate and the delegator's objective is to prove what they are answerable for and the answerability of the other principal. Nevertheless, because the same key (K Del ) is used to authenticate both the delegator and the delegate, there will not be any accountability. For instance, the Goal "S CanProve (K Del Authenticates C)" where S is the delegator and C is the delegate, will hold the principal S accountable for C's actions even though she has delegated all the rights to C because the key K Del authenticates S, therefore losing accountability in this process. As a result, this paper concludes that SPX, without support for delegation, cannot guarantee accountability among the principals involved. The following section provides the analysis of the improved Delegation-Based SPX protocol.

A. Summary of the Proposed Delegation-Based Accountability Protocol
After comprehensive research on protocols proposed for delegation tokens such as in [21]- [23], this paper proposed an optimized protocol, which has the functionality of allowing principals to delegate certain individual rights to other principals, which also means the delegation of a principal's accountability to another principal who is responsible in the event something went wrong during a transaction. In this approach, the author makes some assumptions such as; www.ijacsa.thesai.org 1) The ability of principals to have access to digital signature services and generate public key pairs.
2) The inclusion of authentication keys within the public keys attain by principals for the verification of digital signatures.
3) Excluding principal authentication, this is assumed to be handled at the start of the protocol. Therefore, below are some of the explanations for the terms and concepts introduced for the proposed protocol.
 Firstly, Ṟ is the grantor, while Ṝ is the Grantee.
 The sets of delegated rights to be executed are represented by Ψ as mentioned earlier.
 The period of the delegation token T is represented by TS.
 The delegation key pairs (K Del , K Del -1 ), is the use by the Grantee to execute the list of rights in Ψ.
 Finally, Ḿ, Ḿ′, and Ḿ′′ will be described within the proposed protocol listed below.
The proposed delegation-based accountability protocol is listed as follows, and its represented by ƛ 1, ƛ 2, …, ƛ N . In the first message ([ƛ 1 ]), the Ḿ signifies that "Ṟ wishes to delegate to Ṝ accountability for Ψ." Similarly, Ḿ′ equally signifies that "Ṝ accepts Ψ and she will exercise Ψ using K Del " in the second message ([ƛ 2 ]), and finally, Ḿ′′ signifies [Ψ, TS, K Ṟ , and K Del ] in the final message ([ƛ 3 ]), where TS signifies the delegation token's time span. Moreover, to mitigate phishing attacks, in ƛ 3 , the essential K Ṟ -1 is used to represent the grantor instead of using the name "Ṟ" this is because even an attacker succeeded in masquerading as Ṟ, he cannot delegate the grantor's accountability because he did not know K Ṟ -1 . Similarly, Ṝ is only allowed to execute the set of rights in Ψ by the approval of the grantor (Ṟ).
In conclusion, there are quite a few assumptions made based on the referenced papers on delegations' tokens which might not be included in this paper. Therefore, the reader can refer to these articles for a better understanding of some of the conditions imposed based on delegation tokens [21], [23].

B. Initial State Assumptions
The needed initial assumptions are listed below for our accountability analysis. Note that Ṟ and Ṝ represent the Grantor and the Grantee, respectively, as indicated above, whereas the Greek Capital Letter Xi (Ξ) is used to represent the assumptions such as Ξ 1 , Ξ 2 , …, Ξ N .
[Ξ ]: Ṟ CanProve (KṞ Authenticates Ṟ); This paper denotes that assumptions Ξ 1 , Ξ 2 , and Ξ 3 , to be associated with asymmetric keys, which means that the association of principals to statements can be proved with the help of public-key certificates. Moreover, Ξ 4 assumes that Grantee CanProve Grantor is able to execute the set of rights listed in Ψ. However, even though Ṟ been the grantor is delegating the grantee been Ṝ, the grantee has to be convinced the delegated rights belong to Ṟ.
Similarly, Ξ 5 is assumed to be trusted during the announcement of its delegation key because he is accountable for the message signed with this key. Lastly, this paper's objective, as mentioned earlier, is not on the authentication of principals but on the delegation. Therefore, the author makes Ξ 6 and Ξ 7 based on the assumption that before the delegation protocol starts, the primary goals of a public key distribution protocol were reached as implemented in the certificate distribution center of the SPX protocol [19].

C. Objectives and Improved Delegation-Based Accountability Protocol
The following denotes the improved protocol message interpretation based on Kailar's notation and the protocol's relevant messages. Similarly, below are the main Objectives and explanations, which will be used together with the inference rules of Kailar logic, the assumptions made, and the protocol messages during the accountability analysis to attain the goals listed below. Thus, this works represents the goals as Greek Capital Letter Pi (Π) such as Π 1 , Π 2 , … Π N , and the first goal of our accountability analysis is: Finally, to ensure accountability between the Grantor and the Grantee, the analysis in this paper wants to prove that the Grantor can prove the delegation key "K Del " is used to authenticate the Grantee because Ṟ cannot be accountable for "Ṝ′ CanExecute Ψ using K Del ." Therefore, the second goal of this paper's analysis will be as follows; www.ijacsa.thesai.org

D. Analysis of the Improved Delegation-Based Accountability Protocol
The author starts the delegation accountability analysis by applying the sign postulate on Ѡ 3 and A7 to obtain the following results, which will help us in the next step of the analysis, it is important to note that the sign postulates are represented by λ 1, λ 2, …, λ N.
[λ1]: Ṝ CanProve (Ṟ Says (delegation of Ψ o Ṝ)) Therefore, in attaining the above results, we will use the Conjunction (Conj) postulate on assumptions Ξ 3 , Ξ 4 , and the λ 1 attained above, the final results after the above process are; [Π1]: Ṝ CanProve (Ṝ CanExecute Ψ w KDel) Note that at this stage of the analysis, we have proven our first goal as stated above, which means that the grantee can prove he or she is accountable for executing the actions or rights listed in Ψ using the key K Del . Furthermore, now we can use the sign postulate and apply it to Ѡ 2 and Ξ 6 to show the results below, which will help us achieve our final goal. Therefore, applying λ 2 on Ѡ 2 and Ξ 6 , we have the following; [λ3]: Ṟ CanProve (Ṝ Says (KDel Authenticates Ṝ)) In conclusion, our Π 2 is deduced by Trust postulates using λ 3 and Ξ 5 as the basis. Consequently, we conclude that our analysis shows that the improved protocol achieves its objectives, such as empowering the Grantor Ṟ and the Grantee Ṝ to hold each other accountable for their actions made after the protocol. For instance, the Grantor (Ṟ) can prove that the delegation key K Del authenticates Ṝ.

VI. CONCLUSION
The increasing security and privacy threat on the internet has made accountability a significant necessity in almost all electronic commerce transactions.
Identifying protocol messages that need to provide accountability assurances during the design of electronic commerce protocols or other internet transaction-related protocols should be regarded with great significance and mainly to avoid disputes among participants in a given transaction. This paper raises the importance of accountability, especially in electronic transactions. Additionally, we introduce in detail a framework to analyze accountability of delegation-based SPX protocol. Delegation allows transfers of a set of rights to another principal to execute, such as from a delegator to a delegate. The result of our study proved that the critical issues of accountability associated with the transferred rights are disregarded or ignored by many. Finally, the paper recommends consideration of accountability during the design of protocols, especially for electronic commerce, in order to prevent possible dispute among participants during a transaction. For future work, the Author intends to explore Kailar's framework to analyze more protocols.