
Introducing Probabilities in Controller Strategies

  • Conference paper
Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance (DPM 2014, QASA 2014, SETOP 2014)

Abstract

In this paper we propose a basic framework to merge security controllers with probabilistic concepts. This framework provides a first step towards quantitative security achieved by probabilistic controllers. It extends the framework for specification, analysis, and automatic generation of security controllers provided in [21, 23] by considering probabilistic aspects of the behaviour of both the target process and the controller. Controllers may actively try to influence the choice of action of the target system or only passively react to actions the target system tried to perform. In a non-probabilistic setting both active and passive controllers can be expressed by the same model. In a probabilistic setting, however, these two types of controllers can differ. We respectively use the notions of generative and reactive processes to capture this distinction and discuss the different behaviours obtaining in the different settings.

This work has been partially supported by the Italian TENACE PRIN Project (#20103P34XC), ARTEMIS J.U. SESAMO (#295354) and EU FP7 Marie Curie project MEALS (#295261).


References

  1. Aldini, A., Gorrieri, R.: Security analysis of a probabilistic non-repudiation protocol. In: Hermanns, H., Segala, R. (eds.) PROBMIV 2002, PAPM-PROBMIV 2002, and PAPM 2002. LNCS, vol. 2399, pp. 17–36. Springer, Heidelberg (2002)

  2. Andova, S.: Process algebra with probabilistic choice. In: Katoen, J.-P. (ed.) AMAST-ARTS 1999, ARTS 1999, and AMAST-WS 1999. LNCS, vol. 1601, pp. 111–129. Springer, Heidelberg (1999)

  3. Baier, C., Hermanns, H.: Weak bisimulation for fully probabilistic processes. In: Grumberg, O. (ed.) Computer Aided Verification. LNCS, pp. 119–130. Springer, Heidelberg (1997)

  4. Bartoletti, M., Degano, P., Ferrari, G.L.: Policy framings for access control. In: Proceedings of the 2005 Workshop on Issues in the Theory of Security, pp. 5–11. ACM (2005)

  5. Basin, D., Jugé, V., Klaedtke, F., Zălinescu, E.: Enforceable security policies revisited. In: Degano, P., Guttman, J.D. (eds.) Principles of Security and Trust. LNCS, vol. 7215, pp. 309–328. Springer, Heidelberg (2012)

  6. Bauer, L., Ligatti, J., Walker, D.: More enforceable security policies. In: Cervesato, I. (ed.) Foundations of Computer Security: proceedings of the FLoC 2002 workshop on Foundations of Computer Security, pp. 95–104. DIKU Technical Report (2002)

  7. Bauer, L., Ligatti, J., Walker, D.: Edit automata: enforcement mechanisms for run-time security policies. Int. J. Inf. Secur. 4(1–2), 2–16 (2005)

  8. Bielova, N., Massacci, F.: Predictability of enforcement. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds.) ESSoS 2011. LNCS, vol. 6542, pp. 73–86. Springer, Heidelberg (2011)

  9. Buchholz, P., Kemper, P.: Quantifying the dynamic behavior of process algebras. In: de Alfaro, L., Gilmore, S. (eds.) Proceedings of the Joint International Workshop on Process Algebra and Probabilistic Methods, Performance Modeling and Verification. LNCS, vol. 2165, pp. 184–199. Springer, Heidelberg (2001)

  10. Caravagna, G., Costa, G., Pardini, G.: Lazy security controllers. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds.) STM 2012. LNCS, vol. 7783, pp. 33–48. Springer, Heidelberg (2013)

  11. Ciancia, V., Martinelli, F., Ilaria, M., Morisset, C.: Quantitative evaluation of enforcement strategies: position paper. In: Danger, J.-L., Debbabi, M., Marion, J.-Y., Garcia-Alfaro, J., Heywood, N.Z. (eds.) FPS 2013. LNCS, vol. 8352, pp. 178–186. Springer, Heidelberg (2014)

  12. Drábik, P., Martinelli, F., Morisset, C.: Cost-aware runtime enforcement of security policies. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds.) STM 2012. LNCS, vol. 7783, pp. 1–16. Springer, Heidelberg (2013)

  13. Easwaran, A., Kannan, S., Lee, I.: Optimal control of software ensuring safety and functionality. Technical report MS-CIS-05-20, University of Pennsylvania (2005)

  14. Glabbeek, R.V., Smolka, S., Steffen, B.: Reactive, generative and stratified models of probabilistic processes. Inform. Comput. 121, 130–141 (1990)

  15. den Hartog, J.I., de Vink, E.P.: Mixing up nondeterminism and probability: a preliminary report. Electr. Notes Theor. Comput. Sci. 22, 88–110 (1999)

  16. Hoare, C.: Communicating Sequential Processes, vol. 178. Prentice-Hall, Englewood Cliffs (1985)

  17. Kwiatkowska, M., Norman, G., Parker, D.: PRISM 4.0: verification of probabilistic real-time systems. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 585–591. Springer, Heidelberg (2011)

  18. Ligatti, J., Bauer, L., Walker, D.W.: Enforcing non-safety security policies with program monitors. In: di Vimercati, S.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 355–373. Springer, Heidelberg (2005)

  19. Lowe, G.: Representing nondeterminism and probabilistic behaviour in reactive processes. Technical report PRG-TR-11-93, Oxford University Computing Laboratory (1993)

  20. Mallios, Y., Bauer, L., Kaynar, D., Martinelli, F., Morisset, C.: Probabilistic cost enforcement of security policies. In: Accorsi, R., Ranise, S. (eds.) STM 2013. LNCS, vol. 8203, pp. 144–159. Springer, Heidelberg (2013)

  21. Martinelli, F.: Analysis of security protocols as open systems. Theor. Comput. Sci. 290(1), 1057–1106 (2003)

  22. Martinelli, F., Matteucci, I.: Through modeling to synthesis of security automata. Electr. Notes Theor. Comput. Sci. 179, 31–46 (2007)

  23. Martinelli, F., Matteucci, I.: A framework for automatic generation of security controller. Softw. Test. Verif. Reliab. 22(8), 563–582 (2012)

  24. Martinelli, F., Morisset, C.: Quantitative access control with partially-observable Markov decision processes. In: Proceedings of CODASPY 2012, pp. 169–180. ACM (2012)

  25. Molloy, I., Dickens, L., Morisset, C., Cheng, P.C., Lobo, J., Russo, A.: Risk-based security decisions under uncertainty. In: Proceedings of CODASPY 2012, pp. 157–168. ACM (2012)

  26. Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur. 3(1), 30–50 (2000)

  27. Segala, R.: Modeling and verification of randomized distributed real-time systems. Ph.D. thesis, Massachusetts Institute of Technology (1995)


Author information


Correspondence to Jerry den Hartog.


Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

den Hartog, J., Matteucci, I. (2015). Introducing Probabilities in Controller Strategies. In: Garcia-Alfaro, J., et al. Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance. DPM 2014, QASA 2014, SETOP 2014. Lecture Notes in Computer Science, vol 8872. Springer, Cham. https://doi.org/10.1007/978-3-319-17016-9_15


  • DOI: https://doi.org/10.1007/978-3-319-17016-9_15


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-17015-2

  • Online ISBN: 978-3-319-17016-9

  • eBook Packages: Computer Science, Computer Science (R0)
