Security controllers follow the execution of the target systems to prevent security violations. In fact, by proactively observing the target, they are able to catch security violations before they occur and act consequently, such as by interrupting the execution. In this paper we define a novel category of security controllers called lazy controllers, a conservative extension of standard controllers which routinely suspend the observation of the target for different time spans, in order to reduce the cost of monitoring and increase performance, at the expense of the possibility of missing a violation. We show how a proactive truncation controller can be extended to the lazy setting, and we formally characterize the relation between the length of suspended time spans and the actual violation risk, which constitutes the formal ground of our approach. This allows the actual time of suspension to be determined according to a given maximum bearable risk. Precisely, we formally investigate three classes of systems, namely non-deterministic, probabilistic, and stochastic systems. © Springer-Verlag Berlin Heidelberg 2013.
Caravagna, G., Costa, G., Pardini, G. (2013). Lazy security controllers. In A. Jøsang, P. Samarati, M. Petrocchi (Eds.), Security and Trust Management, 8th International Workshop, STM 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers (pp. 33-48). Springer [10.1007/978-3-642-38004-4_3].
Lazy security controllers
CARAVAGNA, GIULIO (first author)
2013