Quantitative Evaluation of Enforcement Strategies

Ciancia, Vincenzo; Martinelli, Fabio; Matteucci, Ilaria; Morisset, Charles

doi:10.1007/978-3-319-05302-8_11

Cited by 5 publications

(6 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The workflow we adopt is described in Figure 1. For the first time, we transfer the related know-how from the abstract realm of process calculi, and Crypto-CCS in particular, to a real-world specification language, namely The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013 and under grant no 257930 (Aniketos).…”

Section: Overviewmentioning

confidence: 99%

Automated Synthesis and Ranking of Secure BPMN Orchestrators

Ciancia

Martinelli

Matteucci

et al. 2013

2013 International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

We describe a formal methodology for the automatic synthesis of a secure orchestrator for a set of BPMN processes. The synthesized orchestrator is able to guarantee that all the processes that are started reach their end, and the resulting orchestrator process is secure, that is, it does not allow discloure of certain secret messages.In this work we present an implementation of a forth and back translation from BPMN to crypto-CCS, in such a way to exploit the PaMoChSA tool for synthesizing orchestrators.Furthermore, we study the problem of ranking orchestrators based on quantitative valuations of a process, and on the temporal evolution of such valuations and their security, as a function of the knowledge of the attacker.

show abstract

Section: Overviewmentioning

confidence: 99%

Automated Synthesis and Ranking of Secure BPMN Orchestrators

Ciancia

Martinelli

Matteucci

et al. 2013

2013 International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

show abstract

“…A countermeasure (or controlling strategy) [3] is a runtime execution trace of a controller E that follows the behaviour of a target F step by step acting according to control rules in Tab. 1.…”

Section: Multi-criteria Classification Of Quantitative Countermeasuresmentioning

confidence: 99%

“…Definition 3.2. [3] Given an agent F , and a semiring K, a controller E2 is better than a controller E1 w.r.…”

Section: Multi-criteria Classification Of Quantitative Countermeasuresmentioning

confidence: 99%

A multi-criteria ranking of security countermeasures

Nostro

Matteucci

Ceccarelli

et al. 2016

Proceedings of the 31st Annual ACM Symposium on Applied Computing

Self Cite

View full text Add to dashboard Cite

show abstract

“…Clearly, non-functional requirements, such as QoS, could be used to evaluate quantitative aspects on orchestrators. Non functional aspects, including the degree of security, can be formalised using semirings, as done in [10]. Therein, security is a boolean value, determined by the violation of a policy.…”

Section: Semiring-based Selection Of Orchestratorsmentioning

confidence: 99%

“…Non-functional requirements, such as QoS, could be used to evaluate quantitative aspects on both orchestrators and attackers. Non functional aspects, including the degree of security, can be formalised using semirings, as done in Ciancia, Martinelli, Matteucci, and Morisset (2013).…”

Section: Semiring-based Evaluationmentioning

confidence: 99%

Automated Synthesis and Ranking of Secure BPMN Orchestrators

Ciancia

Martín

Martinelli

et al. 2014

International Journal of Secure Software Engineering

Self Cite

View full text Add to dashboard Cite

The authors describe a formal methodology for the automatic synthesis of a secure orchestrator for a set of BPMN processes. The synthesized orchestrator is able to guarantee that all the processes that are started reach their end, and the resulting orchestrator process is secure, that is, it does not allow the disclosure of certain secret messages. The authors present an implementation of a forth and back translation from BPMN to Crypto-CCS, that permits them to exploit the previously existing PaMoChSA tool to synthesize BPMN orchestrators. Furthermore, they study the problem of ranking orchestrators based on quantitative valuations of a process, the temporal evolution of such valuations, and their security, as a function of the knowledge of the attacker.

show abstract

Quantitative Evaluation of Enforcement Strategies

Cited by 5 publications

References 25 publications

Automated Synthesis and Ranking of Secure BPMN Orchestrators

Automated Synthesis and Ranking of Secure BPMN Orchestrators

A multi-criteria ranking of security countermeasures

Automated Synthesis and Ranking of Secure BPMN Orchestrators

Contact Info

Product

Resources

About