Theoretical Computer Science
ACM Transactions on Information and System Security (TISSEC)
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Nomad: A Security Model with Non Atomic Actions and Deadlines
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Through Modeling to Synthesis of Security Automata
Electronic Notes in Theoretical Computer Science (ENTCS)
Security policy compliance with violation management
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Usage Control Enforcement: Present and Future
IEEE Security and Privacy
Monitoring security policies with metric first-order temporal logic
Proceedings of the 15th ACM symposium on Access control models and technologies
A policy language for distributed usage control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.00 |
We deal with the issue of specifying security policies that can be enforced by monitoring services execution. Currently, the vast majority of works focus on access control, are based on logics, and offer ways to express high level properties of real-time systems. However, the expressivenes power of such logics does not allow us to express recent usage control requirements (like accounting), and the undecidability of such logics hardens the task of analysing and querying such security policies. Our work offers rather an operational approach, by the use of timed automata to specify and analyse security policies that can be enforced through mechanisms that work by monitoring the system execution. We show how to specify such complex policies as combinations of simpler modular policies. Then for a given set of policies, we suggest methods to analyse and establish whether this set of policies is consistent or not.