Trust-Based Enforcement of Security Policies

Celestini, Alessandro
2014

Abstract

Two conflicting high-level goals govern the enforcement of security policies, abridged in the phrase "high security at a low cost". While these drivers seem irreconcilable, formal modelling languages and automated verification techniques can facilitate the task of finding the right balance. We propose a modelling language and a framework in which security checks can be relaxed or strengthened to save resources or increase protection, on the basis of trust relationships among communicating parties. Such relationships are automatically derived through a reputation system, hence adapt dynamically to the observed behaviour of the parties and are not fixed a priori. In order to evaluate the impact of the approach, we encode our modelling language in StoKlaim, which enables verification via the dedicated statistical model checker SAM. The overall approach is applied to a fragment of a Wireless Sensor Network, where there is a clear tension between devices with limited resources and the cost for securing the communication.
Istituto Applicazioni del Calcolo "Mauro Picone"
978-3-662-45917-1
Security policies
Probabilistic aspects
Reputation systems
Stochastic verification

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.14243/386252