Collaborative research environments that are facilitated through virtual infrastructures often have requirements for sharing virtual appliances and verifying their trustworthiness. Many researchers assume that virtual appliances shared between known virtual organisations are naturally safe to use. However, even if we assume that neither of the sharing parties is malicious, these virtual appliances could still be misconfigured (in terms of both security and experiment requirements) or have out-of-date software installed. Based on formal methods, we propose a flexible method for specifying such security and software requirements, and for verifying the virtual appliance events (captured through logs) against these requirements. The event logs are transformed into a process model that is checked against a pre-defined whitelist, a repository of formal specifications. Verification results indicate whether or not there is any breach of the requirements and, if there is a breach, the exact steps leading to it are made explicit.