Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Data Privacy Management

International Workshop on Quantitative Aspects in Security Assurance

International Workshop on Autonomous and Spontaneous Security

DPM 2014, QASA 2014, SETOP 2014: Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance pp 233–249Cite as

Introducing Probabilities in Controller Strategies

  • Conference paper
  • First Online:

  • 1592 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8872))

Abstract

In this paper we propose a basic framework to merge security controllers with probabilistic concepts. This framework provides a first step towards quantitative security achieved by probabilistic controllers. It extends the framework for specification, analysis, and automatic generation of security controllers provided in [21, 23] by considering probabilistic aspects of the behaviour of both the target process and the controller. Controllers may actively try to influence the choice of action of the target system or only passively react to actions the target system tried to perform. In a non-probabilistic setting both active and passive controllers can be expressed by the same model. In a probabilistic setting, however, these two types of controllers can differ. We respectively use the notions of generative and reactive processes to capture this distinction and discuss the different behaviours obtaining in the different settings.

This work has been partially supported by the Italian TENACE PRIN Project (#20103P34XC), ARTEMIS J.U. SESAMO (#295354) and EU FP7 Marie Curie project MEALS (#295261).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Aldini, A., Gorrieri, R.: Security analysis of a probabilistic non-repudiation protocol. In: Hermanns, H., Segala, R. (eds.) PROBMIV 2002, PAPM-PROBMIV 2002, and PAPM 2002. LNCS, vol. 2399, pp. 17–36. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  2. Andova, S.: Process algebra with probabilistic choice. In: Katoen, J.-P. (ed.) AMAST-ARTS 1999, ARTS 1999, and AMAST-WS 1999. LNCS, vol. 1601, pp. 111–129. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  3. Baier, C., Hermanns, H.: Weak bisimulation for fully probabilistic processes. In: Grumberg, O. (ed.) Computer Aided Verification. LNCS, pp. 119–130. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  4. Bartoletti, M., Degano, P., Ferrari, G.L.: Policy framings for access control. In: Proceedings of the 2005 Workshop on Issues in the Theory of Security, pp. 5–11. ACM (2005)

    Google Scholar 

  5. Basin, D., Jugé, V., Klaedtke, F., Zălinescu, E.: Enforceable security policies revisited. In: Degano, P., Guttman, J.D. (eds.) Principles of Security and Trust. LNCS, vol. 7215, pp. 309–328. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  6. Bauer, L., Ligatti, J., Walker, D.: More enforceable security policies. In: Cervesato, I. (ed.) Foundations of Computer Security: proceedings of the FLoC 2002 workshop on Foundations of Computer Security, pp. 95–104. DIKU Technical Report (2002)

    Google Scholar 

  7. Bauer, L., Ligatti, J., Walker, D.: Edit automata: enforcement mechanisms for run-time security policies. Int. J. Inf. Secur. 4(1–2), 2–16 (2005)

    Google Scholar 

  8. Bielova, N., Massacci, F.: Predictability of enforcement. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds.) ESSoS 2011. LNCS, vol. 6542, pp. 73–86. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  9. Buchholz, P., Kemper, P.: Quantifying the dynamic behavior of process algebras. In: de Alfaro, L., Gilmore, S. (eds.) Proceedings of the Joint International Workshop on Process Algebra and Probabilistic Methods, Performance Modeling and Verification. LNCS, vol. 2165, pp. 184–199. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  10. Caravagna, G., Costa, G., Pardini, G.: Lazy security controllers. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds.) STM 2012. LNCS, vol. 7783, pp. 33–48. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  11. Ciancia, V., Martinelli, F., Ilaria, M., Morisset, C.: Quantitative evaluation of enforcement strategies: position paper. In: Danger, J.-L., Debbabi, M., Marion, J.-Y., Garcia-Alfaro, J., Heywood, N.Z. (eds.) FPS 2013. LNCS, vol. 8352, pp. 178–186. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  12. Drábik, P., Martinelli, F., Morisset, C.: Cost-aware runtime enforcement of security policies. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds.) STM 2012. LNCS, vol. 7783, pp. 1–16. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  13. Easwaran, A., Kannan, S., Lee, I.: Optimal control of software ensuring safety and functionality. Technical report MS-CIS-05-20, University of Pennsylvania (2005)

    Google Scholar 

  14. Glabbeek, R.V., Smolka, S., Steffen, B.: Reactive, generative and stratified models of probabilistic processes. Inform. Comput. 121, 130–141 (1990)

    Google Scholar 

  15. den Hartog, J.I., de Vink, E.P.: Mixing up nondeterminism and probability: a preliminary report. Electr. Notes Theor. Comput. Sci. 22, 88–110 (1999)

    Article  Google Scholar 

  16. Hoare, C.: Communicating Sequential Processes, vol. 178. Prentice-hall, Englewood Cliffs (1985)

    MATH  Google Scholar 

  17. Kwiatkowska, M., Norman, G., Parker, D.: PRISM 4.0: verification of probabilistic real-time systems. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 585–591. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  18. Ligatti, J., Bauer, L., Walker, D.W.: Enforcing non-safety security policies with program monitors. In: di Vimercati, S.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 355–373. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  19. Lowe, G.: Representing nondeterminism and probabilistic behaviour in reactive processes. Technical report PRG-TR-11-93, Oxforf University Computing Laboratory (1993)

    Google Scholar 

  20. Mallios, Y., Bauer, L., Kaynar, D., Martinelli, F., Morisset, C.: Probabilistic cost enforcement of security policies. In: Accorsi, R., Ranise, S. (eds.) STM 2013. LNCS, vol. 8203, pp. 144–159. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  21. Martinelli, F.: Analysis of security protocols as open systems. Theor. Comput. Sci. 290(1), 1057–1106 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  22. Martinelli, F., Matteucci, I.: Through modeling to synthesis of security automata. Electr. Notes Theor. Comput. Sci. 179, 31–46 (2007)

    Article  Google Scholar 

  23. Martinelli, F., Matteucci, I.: A framework for automatic generation of security controller. Softw. Test. Verif. Reliab. 22(8), 563–582 (2012)

    Google Scholar 

  24. Martinelli, F., Morisset, C.: Quantitative access control with partially-observable markov decision processes. In: Proceedings of CODASPY 2012, pp. 169–180. ACM (2012)

    Google Scholar 

  25. Molloy, I., Dickens, L., Morisset, C., Cheng, P.C., Lobo, J., Russo, A.: Risk-based security decisions under uncertainty. In: Proceedings of CODASPY 2012, pp. 157–168. ACM (2012)

    Google Scholar 

  26. Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur. 3(1), 30–50 (2000)

    Article  Google Scholar 

  27. Segala, R.: Modeling and verification of randomized distributed real-time systems. Ph.D. thesis, Massachusetts Institute of Technology (1995)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Technische Universiteit Eindhoven, Eindhoven, The Netherlands

    Jerry den Hartog

  2. National Research Council, Istituto di Informatica e Telematica (IIT), Pisa, Italy

    Ilaria Matteucci

Authors
  1. Jerry den Hartog
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ilaria Matteucci
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jerry den Hartog .

Editor information

Editors and Affiliations

  1. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

  2. Universitat Autònoma de Barcelona, Bellaterra, Spain

    Jordi Herrera-Joancomartí

  3. Imperial College London, London, United Kingdom

    Emil Lupu

  4. Universität Passau, Passau, Germany

    Joachim Posegga

  5. University of Urbino, Urbino, Italy

    Alessandro Aldini

  6. Pisa Research Area, National Research Council - CNR, Pisa, Italy

    Fabio Martinelli

  7. Technische Universität Darmstadt, Darmstadt, Germany

    Neeraj Suri

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

den Hartog, J., Matteucci, I. (2015). Introducing Probabilities in Controller Strategies. In: Garcia-Alfaro, J., et al. Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance. DPM QASA SETOP 2014 2014 2014. Lecture Notes in Computer Science(), vol 8872. Springer, Cham. https://doi.org/10.1007/978-3-319-17016-9_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-17016-9_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-17015-2

  • Online ISBN: 978-3-319-17016-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation