IIT Home Page CNR Home Page

Quantitative evaluation of enforcement strategies

In Security, monitors and enforcement mechanisms run in parallel with programs to check, and modify their run-time behaviour, respectively, in order to guarantee the satisfaction of a security policy. For the same policy, several enforcement strategies are possible. We provide a framework for quantitative monitoring and enforcement. Enforcement strategies are analysed according to user-de ned parameters. This is done by extending the notion controller processes, that mimics the well-known edit  automata, with weights on transitions, valued in a C-semiring. C-semirings permit one to be  exible and general in the quantitative criteria. Furthermore, we provide some examples of orders on controllers that are evaluated under incomparable criteria.


2013

IIT authors:

Vincenzo Ciancia

Foto di Vincenzo Ciancia

Charles Morisset

Foto di Charles Morisset

Type: TR Technical reports
Field of reference: Information Technology and Communication Systems
IIT TR-04/2013

File: TR-04-2013.pdf

Activity: Sicurezza di dispositivi mobili