Lazy Security Controllers

Giulio Caravagna, Gabriele Costa, Giovanni Pardini

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Security controllers follow the execution of the target systems to prevent security violations. In fact, by proactively observing the target, they are able to catch security violations before they occur and act consequently, such as by interrupting the execution. In this paper we define a novel category of security controllers called lazy controllers, a conservative extension of standard controllers which routinely suspend the observation of the target for different time spans, in order to reduce the cost of monitoring and increase performance, at the expense of the possibility of missing a violation. We show how a proactive truncation controller can be extended to the lazy setting, and we formally characterize the relation between the length of suspended time spans and the actual violation risk, which constitutes the formal ground of our approach. This allows the actual time of suspension to be determined according to a given maximum bearable risk. Precisely, we formally investigate three classes of systems, namely non-deterministic, probabilistic, and stochastic systems.
Original languageEnglish
Title of host publicationSecurity and Trust Management
Subtitle of host publication8th International Workshop, STM 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers
EditorsAudun Jøsang, Pierangela Samarati, Marinella Petrocchi
PublisherSpringer Berlin Heidelberg
Pages33-48
Number of pages16
ISBN (Electronic)978-3-642-38004-4
ISBN (Print)978-3-642-38003-7
DOIs
Publication statusPublished - 2013

Publication series

NameLecture Notes in Computer Science
PublisherSpringer Berlin Heidelberg
Volume7783
ISSN (Print)0302-9743

Fingerprint

Dive into the research topics of 'Lazy Security Controllers'. Together they form a unique fingerprint.

Cite this