Istituto di Informatica e Telematica     
Martinelli F., Matteucci I., Santini F. There are Two Sides to Every Question - Controller Versus Attacker. In: Programming Languages with Applications to Biology and Security 2015 (Pisa, Italia, 19-06 2015). Proceedings, pp. 304 - 318. Chiara Bodei, Gian Luigi Ferrari, Corrado Priami (eds.). (Lecture Notes in Computer Science, vol. 9465). Springer International Publishing Switzerland, 2015.
We investigate security enforcement mechanisms that run in parallel with a system; the aim is to check and modify the run-time behaviour of a possible attacker in order to guarantee that the system satisfies some security policies. We focus on a CSP-like quantitative process-algebra to model such processes. Weights on actions are modelled with semirings, which represent a parametric structure where to cast different metrics. The basic tools are represented by a quantitative logic and a model checking function. First, the behaviour of the system is removed from the parallel computation with respect to some security property to be satisfied. Secondly, what remains is refined in two formulas with respect to the given operator executed by a controller. The result describes what a controller has to do to prevent a given attack.
DOI: 10.1007/978-3-319-25527-9 20
Subject web services composition
C.2.0 Security and protection

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional