Service automata

Authors:
Richard Gay;Heiko Mantel;Barbara Sprick
Affiliations:
Modeling and Analysis of Information Systems, Department of Computer Science, TU Darmstadt, Germany;Modeling and Analysis of Information Systems, Department of Computer Science, TU Darmstadt, Germany;Modeling and Analysis of Information Systems, Department of Computer Science, TU Darmstadt, Germany
Venue:
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Year:
2011

Citing 15
Cited 0

Communicating sequential processes

Communicating sequential processes
The Imposition of Protocols Over Open Distributed Systems

IEEE Transactions on Software Engineering
SASI enforcement of security policies: a retrospective

Proceedings of the 1999 workshop on New security paradigms
Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
Efficient Decentralized Monitoring of Safety in Distributed Systems

Proceedings of the 26th International Conference on Software Engineering
Coordination between Distributed PDPs

POLICY '06 Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks
Distributed usage control

Communications of the ACM - Privacy and security in highly dynamic systems
Specifying and analyzing security automata using CSP-OZ

ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Synthesis of Local Controller Programs for Enforcing Global Security Properties

ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Security Enforcement Model for Distributed Usage Control

SUTC '08 Proceedings of the 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008)
Controlling Usage in Business Process Workflows through Fine-Grained Security Policies

TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
A Framework for Hierarchical and Recursive Monitoring of Service Based Systems

ICIW '09 Proceedings of the 2009 Fourth International Conference on Internet and Web Applications and Services
Dynamic enforcement of abstract separation of duty constraints

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Policy monitoring in first-order temporal logic

CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
A policy language for distributed usage control

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a novel framework for reliably enforcing security in distributed systems. Service automata monitor the execution of a distributed program and enforce countermeasures before a violation of a security policy can occur. A key novelty of our proposal is that security is enforced in a decentralized though coordinated fashion. This provides the basis for reliably enforcing global security requirements without introducing unnecessary latencies or communication overhead. The novel contributions of this article include the concept of service automata and a generic formalization of service automata in CSP. We also illustrate how the generic model can be tailored to given security requirements by instantiating its parameters in a stepwise and modular manner.