IIT Home Page CNR Home Page

There are Two Sides to Every Question - Controller Versus Attacker.

We investigate security enforcement mechanisms that run in parallel with a system; the aim is to check and modify the run-time behaviour of a possible attacker in order to guarantee that the system satisfies some security policies. We focus on a CSP-like quantitative process-algebra to model such processes. Weights on actions are modelled with semirings, which represent a parametric structure where to cast different metrics. The basic tools are represented by a quantitative logic and a model checking function. First, the behaviour of the system is removed from the parallel computation with respect to some security property to be satisfied. Secondly, what remains is refined in two formulas with respect to the given operator executed by a controller. The result describes what a controller has to do to prevent a given attack.

Programming Languages with Applications to Biology and Security 2015, Pisa, 2015

Autori esterni: Francesco Santini (Università di Perugia)
Autori IIT:

Tipo: Articolo in Atti di convegno internazionale
Area di disciplina: Computer Science & Engineering

Attività: Metodi formali per la sicurezza di sistemi ICT