In Security, monitors and enforcement mechanisms run in parallel with programs to check, and modify their run-time behaviour, respectively, in order to guarantee the satisfaction of a security policy. For the same policy, several enforcement strategies are possible. We provide a framework for quantitative monitoring and enforcement. Enforcement strategies are analysed according to user-dened parameters. This is done by extending the notion controller processes, that mimics the well-known edit automata, with weights on transitions, valued in a C-semiring. C-semirings permit one to be exible and general in the quantitative criteria. Furthermore, we provide some examples of orders on controllers that are evaluated under incomparable criteria.
Quantitative Evaluation of Enforcement Strategies
Vincenzo Ciancia;Fabio Martinelli;Ilaria Matteucci;
2013
Abstract
In Security, monitors and enforcement mechanisms run in parallel with programs to check, and modify their run-time behaviour, respectively, in order to guarantee the satisfaction of a security policy. For the same policy, several enforcement strategies are possible. We provide a framework for quantitative monitoring and enforcement. Enforcement strategies are analysed according to user-dened parameters. This is done by extending the notion controller processes, that mimics the well-known edit automata, with weights on transitions, valued in a C-semiring. C-semirings permit one to be exible and general in the quantitative criteria. Furthermore, we provide some examples of orders on controllers that are evaluated under incomparable criteria.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
