Artificial Intelligence
Action versus State based Logics for Transition Systems
Proceedings of the LITP Spring School on Theoretical Computer Science: Semantics of Systems of Concurrent Processes
Using Aspects to Design a Secure System
ICECCS '02 Proceedings of the Eighth International Conference on Engineering of Complex Computer Systems
A simple and expressive semantic framework for policy composition in access control
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Access-Control Policies via Belnap Logic: Effective and Efficient Composition and Analysis
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
COORDINATION'08 Proceedings of the 10th international conference on Coordination models and languages
| Hi-index | 0.00 |
We address the challenges arising from enforcing security policies in an imperfect world - in a system involving humans, a determined attacker always has a chance of circumventing any security. We motivate our approach by two examples: an on-line auction house; and a airport security system. In our work, security policies are enforced using a probabilistic aspect-oriented approach; policies are combined using a rich set of policy composition operators. We present the examples using a process-based language in which processes and local data are distributed across a number of locations (network addresses). The formal definition of the language gives rise to Markov Decision Processes.