Lazy Security Controllers

Security controllers follow the execution of target systems to prevent security violations. By proactively observing the target, they can catch security violations before they occur and act accordingly, for example by interrupting the execution. In this paper we define a novel category of security controllers called lazy controllers, a conservative extension of standard controllers that routinely suspend observation of the target for time spans of varying length. This reduces the cost of monitoring and increases performance, at the expense of possibly missing a violation.
