Local policies for resource usage analysis

Bartoletti, Massimo; Degano, Pierpaolo; Ferrari, Gian Luigi; Zunino, Roberto

doi:10.1145/1552309.1552313

Cited by 40 publications

(50 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Security policies are expressed as formulae of CSL S predicates over CTMCs. We plan to integrate our quantitative security policies in the language-based security framework of [12,11,10,9]. In this approach programs are typed as functions with a side effect that abstractly describes the possible run-time executions of the program.…”

Section: Discussionmentioning

confidence: 99%

“…A language-based framework for managing security issues in a distributed contexts has been proposed in [12,11,10,9].…”

Section: Stochastic History Expressionsmentioning

confidence: 99%

“…A language based approach supporting the static analysis of security has been developed in [12,11,10,9]. Its main ingredients are: local policies, call-by-contract invocation, type-effect systems, model checking and secure orchestration.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

On Quantitative Security Policies

Degano

Ferrari

Mezzetti

2011

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. We introduce a formal framework to specify and enforce quantitative security policies. The framework consists of: (i) a stochastic process calculus to express the measurable space of computations in terms of Continuous Time Markov Chains; (ii) a stochastic modal logic (a variant of CSL) to represent the bound constraints on execution speed; (iii) two enforcement mechanisms of our quantitative security policies: potential or actual. The potential enforcement computes the probability of policy violations, thus providing a sort of static evaluation of the policy. This supports the user to accept/discard a component when the probability of the security violation is below/above a suitable chosen threshold. The actual enforcement computes the deviation of the execution speed from the acceptable rate. This supports the run-time systems by driving the execution monitor to abort unsafe executions.

show abstract

Section: Discussionmentioning

confidence: 99%

“…A language-based framework for managing security issues in a distributed contexts has been proposed in [12,11,10,9].…”

Section: Stochastic History Expressionsmentioning

confidence: 99%

See 1 more Smart Citation

On Quantitative Security Policies

Degano

Ferrari

Mezzetti

2011

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…In particular, policies composition techniques must be included in any proposed framework. Local policies [3] represent a viable direction for allowing several actors to define their own security policies, apply them to a local scope and compose global security rules efficiently. Also, since our proposal is based on mobile devices technology, specific security solutions for mobile OSes must be considered.…”

Section: Related Workmentioning

confidence: 99%

Trustworthy Opportunistic Access to the Internet of Services

Armando¹,

Castiglione²,

Costa³

et al. 2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Nowadays web services pervade the network experience of the users. Indeed, most of our activities over the internet consist in accessing remote services and interact with them. Clearly, this can happen only when two elements are available: (i) a compatible device and (ii) a suitable network connection. The recent improvement of the computational capabilities of mobile devices, e.g., tablets and smartphones, seriously mitigated the first aspect. Instead, the inappropriateness, or even the absence, of connectivity is still a major issue.Although mobile, third generation (3G) networks can provide basic connectivity, complex interactions with web services often require different levels of Quality of Service (QoS). Also, 3G connectivity is only available in certain areas, e.g., user's country, and purchasing temporary connection abroad can be very costly. These costs weigh down on the original service price, seriously impacting the web service business model.In this paper we describe the problems arising when considering the orchestration of service-oriented opportunistic networks and we present the assumptions that we want to consider in our context. We claim that our model is realistic mainly for two reasons: (i) we consider state-ofthe-art technology and technical trends and (ii) we refer to a concrete problem for service providers.

show abstract

“…Usage automata are a variant of nondeterministic finite state automata, parameterized over system resources. More details and the formal definition are in [6,7].…”

Section: Introductionmentioning

confidence: 99%

Modular plans for secure service composition

Costa

Degano

Martinelli

2012

JCS

Self Cite

View full text Add to dashboard Cite

Abstract. Service Oriented Computing (SOC) is a programming paradigm aiming at characterising Service Networks. Services are entities waiting for clients requests and they often result from the composition of many services. We address here the problem of statically guaranteeing security of open services, i.e. services with unknown components. Security constraints are expressed by local policies that service components must obey. We present here a type and effect system that safely over-approximates, in the form of history expressions, the possible run-time behaviour of open services, collecting partial information on the behaviours of their components. From a history expression, we then extract a plan that drives executions that never rise security violations. Finally, we show how partial plans satisfying security requirements can be put together to obtain a safe orchestration plan.

show abstract

Local policies for resource usage analysis

Cited by 40 publications

References 46 publications

On Quantitative Security Policies

On Quantitative Security Policies

Trustworthy Opportunistic Access to the Internet of Services

Modular plans for secure service composition

Contact Info

Product

Resources

About