Just thinking out loud: I assume you have people using it from a web application which they logged into?
If thats the case you could add some another parameter to your service, and when its called from the web application (which has authenticated), have the user name passed in under the hood).
Or with any sort of web calls, you'll probably already have a token. So, however you got that token, can you some how get/send the account at that time?
If you're connecting via Desktop then you may have to look into ways to connect to the security store and do a query there.
Its an interesting question, but the answer will probably be driven by your exact workflow.
Also; you and Darrin are right - the Python code you have will simply show you the windows account running the Server instance (arcsoc.exe process). The tool which is executing has no knowledge of the GIS Server security, it simply knows it can run because you've already got past authentication.