Abstract
Two conflicting high-level goals govern the enforcement of security policies, abridged in the phrase “high security at a low cost”. While these drivers seem irreconcilable, formal modelling languages and automated verification techniques can facilitate the task of finding the right balance. We propose a modelling language and a framework in which security checks can be relaxed or strengthened to save resources or increase protection, on the basis of trust relationships among communicating parties. Such relationships are automatically derived through a reputation system, hence adapt dynamically to the observed behaviour of the parties and are not fixed a priori. In order to evaluate the impact of the approach, we encode our modelling language in StoKlaim, which enables verification via the dedicated statistical model checker SAM. The overall approach is applied to a fragment of a Wireless Sensor Network, where there is a clear tension between devices with limited resources and the cost for securing the communication.
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vigo, R., Celestini, A., Tiezzi, F., De Nicola, R., Nielson, F., Nielson, H.R. (2014). Trust-Based Enforcement of Security Policies. In: Maffei, M., Tuosto, E. (eds) Trustworthy Global Computing. TGC 2014. Lecture Notes in Computer Science, vol 8902. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45917-1_12
DOI: https://doi.org/10.1007/978-3-662-45917-1_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45916-4
Online ISBN: 978-3-662-45917-1
eBook Packages: Computer Science, Computer Science (R0)