Two conflicting high-level goals govern the enforcement of security policies, abridged in the phrase “high security at a low cost”. While these drivers seem irreconcilable, formal modelling languages and automated verification techniques can facilitate the task of finding the right balance. We propose a modelling language and a framework in which security checks can be relaxed or strengthened to save resources or increase protection, on the basis of trust relationships among communicating parties. Such relationships are automatically derived through a reputation system, hence adapt dynamically to the observed behaviour of the parties and are not fixed a priori. In order to evaluate the impact of the approach, we encode our modelling language in StoKlaim, which enables verification via the dedicated statistical model checker SAM. The overall approach is applied to a fragment of a Wireless Sensor Network, where there is a clear tension between devices with limited resources and the cost for securing the communication.
Trust-Based Enforcement of Security Policies / M. Maffei E. Tuosto; Vigo Roberto; Celestini Alessandro; Tiezzi Francesco; De Nicola Rocco; Nielson Flemming; Nielson Hanne Riis. - STAMPA. - (2014), pp. 176-191. [10.1007/978-3-662-45917-1_12]
Trust-Based Enforcement of Security Policies
Tiezzi Francesco;
2014
Abstract
Two conflicting high-level goals govern the enforcement of security policies, abridged in the phrase “high security at a low cost”. While these drivers seem irreconcilable, formal modelling languages and automated verification techniques can facilitate the task of finding the right balance. We propose a modelling language and a framework in which security checks can be relaxed or strengthened to save resources or increase protection, on the basis of trust relationships among communicating parties. Such relationships are automatically derived through a reputation system, hence adapt dynamically to the observed behaviour of the parties and are not fixed a priori. In order to evaluate the impact of the approach, we encode our modelling language in StoKlaim, which enables verification via the dedicated statistical model checker SAM. The overall approach is applied to a fragment of a Wireless Sensor Network, where there is a clear tension between devices with limited resources and the cost for securing the communication.
I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
