We introduce a formal framework to specify and enforce quantitative security policies. The framework consists of: (i) a stochastic process calculus to express the measurable space of computations in terms of Continuous Time Markov Chains; (ii) a stochastic modal logic (a variant of CSL) to represent the bound constraints on execution speed; (iii) two enforcement mechanisms of our quantitative security policies: potential and actual. The potential enforcement computes the probability of policy violations, thus providing a sort of static evaluation of when the policy is obeyed. This supports the user to accept/discard a component when the probability of the security violation is below/above a suitable chosen threshold. The actual enforcement computes at run-time the deviation of the execution speed from the acceptable rate. This specifies the execution monitor and drives it to abort unsafe executions. © 2011 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Degano, P., Ferrari, G. L., & Mezzetti, G. (2011). On quantitative security policies. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6873 LNCS, pp. 23–39). https://doi.org/10.1007/978-3-642-23178-0_3
Mendeley helps you to discover research relevant for your work.