The problem of enforcing a security policy has been particularly well studied over the last decade, following Schneider's seminal work on security automata. In this paper, we first present this problem through its qualitative aspect, where one tries to specify and to define a "good" runtime monitor. In particular, we recall that under some conditions, a monitor can be automatically synthesized, using partial model checking. We then introduce some of the quantitative challenges of runtime enforcement, which focus on the problem of defining what it means for a monitor to be better than another one, and we sketch several directions that could be explored to tackle this issue. © 2012 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Martinelli, F., Matteucci, I., & Morisset, C. (2012). From qualitative to quantitative enforcement of security policy. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7531 LNCS, pp. 22–35). Springer Verlag. https://doi.org/10.1007/978-3-642-33704-8_3