
Gate automata-driven run-time enforcement. (English) Zbl 1238.68073

Summary: Security and trust represent two different perspectives on the problem of guaranteeing the correct interaction among software components.
Gate automata have been proposed as a formalism for the specification of both security and trust policies in the scope of the security-by-contract-with-trust (\(\text{S}\times \text{C}\times \text{T}\)) framework. Indeed, they watch the execution of a target program, possibly modifying its behaviour, and produce feedback for the trust management system. The level of trust changes the environment settings by dynamically activating/deactivating some of the defined gate automata.
The goal of this paper is to present gate automata and to show a gate automata-driven strategy for the run-time enforcement in the \(\text{S}\times \text{C}\times \text{T}\).

MSC:

68Q45 Formal languages and automata
68N30 Mathematical aspects of software engineering (specification, verification, metrics, requirements, etc.)

Software:

ConSpec
