Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/en/node/13064' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/en/node/13064' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Lazy Security Controllers | IIT - CNR - Istituto di Informatica e Telematica
IIT Home Page CNR Home Page

Lazy Security Controllers

A security controller follows the execution of a target to identify and prevent security violations. Effective controllers proactively observe a full execution of a target and, in case of a security violation, either interrupt or modify its original behaviour. Beyond the theoretical  aspects, the assumption that a controller can observe the entire execution of its target might be restrictive in several practical cases. In this paper we define lazy controllers, a category of security controllers which can schedule observation points over the target execution. Finding an optimal scheduling strategy is non-trivial in general. Indeed, a lazy controller could miss security-sensitive observations. Also, we propose synthesis strategies applicable to (i) non-deterministic targets with
non-instantaneous actions, (ii) probabilistic targets modelled as Discrete Time Markov Chains and (iii) stochastic targets modelled as Continuous Time Markov Chains. In each case we give an analytical characterization of the probability that the lazy controller misses the detection of a violation.


2011

IIT authors:

Giulio Caravagna

Foto di Giulio Caravagna

Gabriele Costa

Foto di Gabriele Costa

Giovanni Pardini

Foto di Giovanni Pardini

Type: TR Technical reports
Field of reference: Information Technology and Communication Systems
IIT TR-28/2011

Activity: Metodi formali per la sicurezza di sistemi ICT