Monitoring Compliance Policies over Incomplete and Disagreeing Logs

Basin, David; Klaedtke, Felix; Marinovic, Srdjan; Zălinescu, Eugen

doi:10.1007/978-3-642-35632-2_17

Cited by 25 publications

(33 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The interval selects a sub-part of the trace in which the immediate subformula is interpreted. For example, [2,6] ϕ means that at some point between 2 and 6 time units in the past, ϕ holds. For past temporal operators, we allow the higher limit (hi) of I to be ∞.…”

Section: Policy Specification Logicmentioning

confidence: 99%

“…Summary structures (future formulas) précis no online yes no reduce [4] yes offline no no Chomicki [8,9] no online yes no Krukow et al [10] Bauer et al [11] yes online yes no Basin et al [5,7] no online yes yes Basin et al [6] yes online yes yes Bauer et al [19] no online (automata)* (automata)* Table 1: Comparison of design choices in précis and prior work using first-order temporal logic for privacy compliance. *Automata-based approaches have no explicit notion of summary structures.…”

Section: Implementation and Evaluationmentioning

confidence: 99%

“…Alternatively, an online program may monitor privacy-relevant events, check them against the prevailing privacy policy and report violations on the fly. Both approaches have been considered in literature: An algorithm for offline compliance checking has been proposed by a subset of the authors [4], whereas online monitoring has been the subject of extensive work by other researchers [5][6][7][8][9][10][11].…”

Section: Introductionmentioning

confidence: 99%

“…Unlike the safe-range check or the standard mode check, our new temporal mode check captures this information correctly and our monitoring algorithm, précis, implements this strategy. No existing work on online monitoring can handle this formula because r cannot be summarized [5][6][7][8][9][10][11]. The work on offline checking can handle this formula [4], it does not build summary structures and is needlessly inefficient on q.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Chowdhury

Jia

Garg³

et al. 2014

Computer Aided Verification

View full text Add to dashboard Cite

Fragments of first-order temporal logic are useful for representing many practical privacy and security policies. Past work has proposed two strategies for checking event trace (audit log) compliance with policies: online monitoring and offline audit. Although online monitoring is space-and timeefficient, existing techniques insist that satisfying instances of all subformulas of the policy be amenable to caching, which limits expressiveness when some subformulas have infinite support. In contrast, offline audit is brute force and can handle more policies but is not as efficient. This paper proposes a new online monitoring algorithm that caches satisfying instances when it can, and falls back to the brute force search when it cannot. Our key technical insight is a new flowand time-sensitive static check of variable groundedness, called the temporal mode check, which determines subformulas for which such caching is feasible and those for which it is not and, hence, guides our algorithm. We prove the correctness of our algorithm and evaluate its performance over synthetic traces and realistic policies.

show abstract

Section: Policy Specification Logicmentioning

confidence: 99%

Section: Implementation and Evaluationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Chowdhury

Jia

Garg³

et al. 2014

Computer Aided Verification

View full text Add to dashboard Cite

show abstract

“…Another approach, adopted by Basin et al [3], is to handle the uncertainty brought about by incomplete traces using a three-valued logic, whereby the property's evaluation function is modified to also reason about indeterminate results.…”

Section: Related Workmentioning

confidence: 99%

Distributed Finite-State Runtime Monitoring with Aggregated Events

Falzon¹,

Bodden²,

Purandare

2013

Runtime Verification

View full text Add to dashboard Cite

Abstract. Security information and event management (SIEM) systems usually consist of a centralized monitoring server that processes events sent from a large number of hosts through a potentially slow network. In this work, we discuss how monitoring efficiency can be increased by switching to a model of aggregated traces, where monitored hosts buffer events into lossy but compact batches. In our trace model, such batches retain the number and types of events processed, but not their order. We present an algorithm for automatically constructing, out of a regular finitestate property definition, a monitor that can process such aggregated traces. We discuss the resultant monitor's complexity and prove that it determines the set of possible next states without producing false negatives and with a precision that is optimal given the reduced information the trace carries.

show abstract