Specifying real-time properties with metric temporal logic
Real-Time Systems
Efficient checking of temporal integrity constraints using bounded history encoding
ACM Transactions on Database Systems (TODS)
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Foundations of Databases: The Logical Level
Foundations of Databases: The Logical Level
Temporal Triggers in Active Databases
IEEE Transactions on Knowledge and Data Engineering
Logics and Models of Real Time: A Survey
Proceedings of the Real-Time: Theory in Practice, REX Workshop
Log Auditing through Model-Checking
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Provisions and Obligations in Policy Rule Management
Journal of Network and Systems Management
Efficient monitoring of safety properties
International Journal on Software Tools for Technology Transfer (STTT) - Special section on tools and algorithms for the construction and analysis of systems
A compositional framework for access control policies enforcement
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
LOLA: Runtime Monitoring of Synchronous Systems
TIME '05 Proceedings of the 12th International Symposium on Temporal Representation and Reasoning
Formal model and policy specification of usage control
ACM Transactions on Information and System Security (TISSEC)
Privacy and Contextual Integrity: Framework and Applications
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Communications of the ACM - Privacy and security in highly dynamic systems
Deriving Enforcement Mechanisms from Policies
POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
A note on the formalisation of UCON
Proceedings of the 12th ACM symposium on Access control models and technologies
Regulations Expressed As Logical Models (REALM)
Proceedings of the 2005 conference on Legal Knowledge and Information Systems: JURIX 2005: The Eighteenth Annual Conference
Monitoring Algorithms for Metric Temporal Logic Specifications
Electronic Notes in Theoretical Computer Science (ENTCS)
Run-Time Checking of Dynamic Properties
Electronic Notes in Theoretical Computer Science (ENTCS)
AMT: a property-based monitoring tool for analog systems
FORMATS'07 Proceedings of the 5th international conference on Formal modeling and analysis of timed systems
Monitoring of real-time properties
FSTTCS'06 Proceedings of the 26th international conference on Foundations of Software Technology and Theoretical Computer Science
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Experiences in the logical specification of the HIPAA and GLBA privacy laws
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Policy auditing over incomplete logs: theory, implementation and applications
Proceedings of the 18th ACM conference on Computer and communications security
Specifying and analysing run-time security policies for time dependant services
Proceedings of the First International Workshop on Security and Privacy Preserving in e-Societies
Towards HIPAA-compliant healthcare systems
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Policy monitoring in first-order temporal logic
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Understanding and protecting privacy: formal semantics and principled audit mechanisms
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Enforceable security policies revisited
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Algorithms for monitoring real-time properties
RV'11 Proceedings of the Second international conference on Runtime verification
MONPOLY: monitoring usage-control policies
RV'11 Proceedings of the Second international conference on Runtime verification
Proceedings of the 18th ACM symposium on Access control models and technologies
Enforceable Security Policies Revisited
ACM Transactions on Information and System Security (TISSEC)
The need for capability policies
Proceedings of the 15th Workshop on Formal Techniques for Java-like Programs
Hi-index | 0.00 |
We show the practical feasibility of monitoring complex security properties using a runtime monitoring approach for metric first-order temporal logic. In particular, we show how a wide variety of security policies can be naturally formalized in this expressive logic, ranging from traditional policies like Chinese Wall and separation of duty to more specialized usage-control and compliance requirements. We also explain how these formalizations can be directly used for monitoring and experimentally evaluate the performance of the resulting monitors.