A security enforcement mechanism runs in parallel with a system to check and modify its run-time behaviour, so that it satisfies some security policy. For each policy, several enforcement strategies are possible, usually reflecting trade-offs one has to make to satisfy the policy. To evaluate them, multiple dimensions, such as security, cost of implementation, or cost of attack, must be taken into account. We propose a formal framework for the quantification of enforcement strategies, extending the notion of controller processes (mimicking the well-known edit automata) with weights on transitions, valued in a semiring. © 2014 Springer International Publishing Switzerland.
CITATION STYLE
Ciancia, V., Martinelli, F., Ilaria, M., & Morisset, C. (2014). Quantitative evaluation of enforcement strategies position paper. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8352 LNCS, pp. 178–186). Springer Verlag. https://doi.org/10.1007/978-3-319-05302-8_11
Mendeley helps you to discover research relevant for your work.