http://www.cnr.it/ontology/cnr/individuo/prodotto/ID276995
A Quantitative Approach for Inexact Enforcement of Security Policies (Contributo in atti di convegno)
- Type
- Label
- A Quantitative Approach for Inexact Enforcement of Security Policies (Contributo in atti di convegno) (literal)
- Anno
- 2012-01-01T00:00:00+01:00 (literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#doi
- 10.1007/978-3-642-33383-5_19 (literal)
- Alternative label
Peter Drábik, Fabio Martinelli, Charles Morisset (2012)
A Quantitative Approach for Inexact Enforcement of Security Policies
in Information Security Conference, Passau, Germany, 19.09.2012
(literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#autori
- Peter Drábik, Fabio Martinelli, Charles Morisset (literal)
- Pagina inizio
- Pagina fine
- Rivista
- Note
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#affiliazioni
- IIT-CNR, Pisa, Italy (literal)
- Titolo
- A Quantitative Approach for Inexact Enforcement of Security Policies (literal)
- Abstract
- A run-time enforcement mechanism is a program in charge of ensuring that all the traces of a system satisfy a given security policy.
Following Schneider's seminal work, there have been several approaches defining what kind of policies can be automatically enforced, and in particular,
non-safety properties cannot be correctly and transparently enforced.
In this paper, we first propose to build an enforcement mechanism using an abstract notion of selector.
We then propose to quantify the inexact enforcement of a non-safety property by an enforcement mechanism, by considering both the traces leading to a non-secure output by this
mechanism and the secure traces not output, thus formalizing an intuitive notion of security/usability tradeoff.
Finally, we refine this notion when probabilistic and quantitative information is known about the traces. We illustrate all the different concepts with a running example, representing an abstract policy dealing with emergency situations. (literal)
- Editore
- Prodotto di
- Autore CNR
- Insieme di parole chiave
Incoming links:
- Prodotto
- Autore CNR di
- Editore di
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#rivistaDi
- Insieme di parole chiave di