Abstract
We address the challenges arising from enforcing security policies in an imperfect world: in a system involving humans, a determined attacker always has a chance of circumventing any security. We motivate our approach by two examples: an on-line auction house and an airport security system. In our work, security policies are enforced using a probabilistic aspect-oriented approach; policies are combined using a rich set of policy composition operators. We present the examples using a process-based language in which processes and local data are distributed across a number of locations (network addresses). The formal definition of the language gives rise to Markov Decision Processes.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
Cite this paper
Hankin, C., Nielson, F., Nielson, H.R. (2010). Probabilistic Aspects: Checking Security in an Imperfect World. In: Wirsing, M., Hofmann, M., Rauschmayer, A. (eds) Trustworthy Global Computing. TGC 2010. Lecture Notes in Computer Science, vol 6084. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15640-3_23
DOI: https://doi.org/10.1007/978-3-642-15640-3_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15639-7
Online ISBN: 978-3-642-15640-3
eBook Packages: Computer Science, Computer Science (R0)