A constraint framework for the qualitative analysis of dependability goals: Integrity (joint work with Stefano Bistarelli, Consiglio Nazionale delle Ricerche)


Slide 1: A constraint framework for the qualitative analysis of dependability goals: Integrity
Joint work with Stefano Bistarelli (Consiglio Nazionale delle Ricerche, Istituto di Informatica e Telematica, Pisa; Università degli Studi “G. D’Annunzio”, Dipartimento di Scienze, Pescara) and Simon Foley (University College Cork, Ireland).

Slide 2: The Idea
A system/application behaviour can be defined as a set of rules:
– each rule is a constraint;
– a system/application behaviour is a Constraint Satisfaction Problem (CSP);
– properties of the CSP give security properties of the system: Confidentiality [Bella-Bistarelli@PADL2001], Authentication [Bella-Bistarelli@CISPW2002].
Today's example:
– Integrity (extending [Bistarelli-Foley@Policy2003]).

Slide 3: (Integrity) Policy
How do we know whether a security (integrity) policy is correctly configured? A policy configuration may allow an unexpected compromise via a circuitous authorization route.
Goal: analyze policy configurations.
– … let's start with an example …

Slide 4: Is this system secure?
Enterprise receives shipments and generates associated payments. Does this system have integrity?

Slide 5: Is this system secure?
Threats to consider: one dishonest clerk; two colluding and dishonest clerks; unreliable system/software; …

Slide 6: What is Integrity?
Conventional models [Biba, Clark-Wilson, Yellow Book, RBAC]:
– are modelled in terms of the system,
– define “best practice” for integrity, and
– define integrity in terms of specific mechanisms to use,
but do not propose a denotational definition for integrity. They define how to (possibly) achieve integrity, but not what it is!

Slide 7: … Integrity?? …
Define the situations when
– modification of information is authorised
– and enforced by the security mechanism of the system.
“Dependability w.r.t. absence of improper alterations.”

Slide 8: What is integrity?
To properly define integrity it is necessary to model both the system and the infrastructure [foley98]:
– even if the system is functionally correct, the infrastructure is likely to fail: software, hardware, users!

Slide 9: System Requirements
First consider the requirement!
– Only later consider how to implement it!
Enterprise receives shipments and generates associated payments.

Slide 10: The idea: a constraint-based approach
Model the components of the system and infrastructure relevant to integrity
– in an abstract and declarative way;
– constraints model the relationships between system and infrastructure;
– soft constraints perform a quantitative/qualitative analysis of the policy (probability/optimization reasoning).

Slide 11: System Requirements
Enterprise receives shipments and generates associated payments. Integrity requirement analysis (black box):
Probity ≡ pay ≤ ship
The constraint variables pay and ship are invariants on the number of payments and the number of shipments made to date.

Slide 12: Implementation and Refinement. Honest Clerks
Clerk ≡ inv ≤ ship
Appl ≡ pay ≤ inv
Imp1 ≡ Appl ∧ Clerk
(The clerk only invoices shipments that arrived, and the application only pays invoiced amounts, so every behaviour of Imp1 satisfies Probity.)

Slide 13: Implementation and Refinement. Dishonest Clerks
Clerk ≡ inv ≤ ship ∨ ship ≤ inv
Appl ≡ pay ≤ inv
Imp2 ≡ Appl ∧ Clerk
(A dishonest clerk may invoice for shipments that never arrived: inv is effectively unconstrained, so pay can exceed ship.) The system is not resilient to the faults.

Slide 14: Implementation and Refinement. Separation of Duties
Clerk1 ≡ con ≤ ship
Clerk2 ≡ inv ≤ ship
Appl ≡ pay ≤ min(inv, con)
Imp3 ≡ Appl ∧ Clerk1 ∧ Clerk2

Slide 15: Integrity and Robustness
The system is resilient to some faults.

Slide 16: Integrity and Robustness
But not to all faults!!!
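The refinement argument of slides 11 to 16 can be checked mechanically. The following is an added example, not code from the talk or the paper: the requirement Probity and the implementations Imp1, Imp2 and Imp3 are written as Python predicates over the counters ship, inv, con and pay, and "Imp refines Probity" is decided by enumerating every assignment up to a constructed bound BOUND (a finite-enumeration assumption of this example). The two fault scenarios under separation of duties (one dishonest clerk, two colluding clerks) are this example's reading of slides 5, 15 and 16; the function names are assumptions.

```python
from itertools import product

# Constraint variables from slide 11: counts of shipments, invoices,
# confirmations and payments made to date. BOUND is a constructed limit
# so that the refinement check is a finite enumeration.
VARS = ("ship", "inv", "con", "pay")
BOUND = 4

# Requirement (slide 11): Probity ≡ pay ≤ ship
def probity(v):
    return v["pay"] <= v["ship"]

# Infrastructure components (slides 12 to 14)
def honest_clerk(v):        # Clerk ≡ inv ≤ ship (also Clerk2 on slide 14)
    return v["inv"] <= v["ship"]

def dishonest_clerk(v):     # Clerk ≡ inv ≤ ship ∨ ship ≤ inv: may invoice anything
    return v["inv"] <= v["ship"] or v["ship"] <= v["inv"]

def honest_clerk1(v):       # Clerk1 ≡ con ≤ ship: confirms only what was shipped
    return v["con"] <= v["ship"]

def dishonest_clerk1(v):    # a confirming clerk who may confirm anything (assumed)
    return True

def appl(v):                # Appl ≡ pay ≤ inv
    return v["pay"] <= v["inv"]

def appl_sod(v):            # Appl ≡ pay ≤ min(inv, con): separation of duties
    return v["pay"] <= min(v["inv"], v["con"])

def combine(*cs):
    """Crisp combination: the conjunction of the given constraints."""
    return lambda v: all(c(v) for c in cs)

IMP1 = combine(appl, honest_clerk)                                       # slide 12
IMP2 = combine(appl, dishonest_clerk)                                    # slide 13
IMP3 = combine(appl_sod, honest_clerk1, honest_clerk)                    # slide 14
IMP3_ONE_DISHONEST = combine(appl_sod, honest_clerk1, dishonest_clerk)   # slide 15
IMP3_COLLUDING = combine(appl_sod, dishonest_clerk1, dishonest_clerk)    # slide 16

def assignments(bound=BOUND):
    """Every assignment of the four counters in 0..bound."""
    for vals in product(range(bound + 1), repeat=len(VARS)):
        yield dict(zip(VARS, vals))

def refines(impl, req, bound=BOUND):
    """impl refines req iff every behaviour impl allows is allowed by req."""
    return all(req(v) for v in assignments(bound) if impl(v))

def counterexample(impl, req, bound=BOUND):
    """A behaviour allowed by impl that violates req, or None if there is none."""
    for v in assignments(bound):
        if impl(v) and not req(v):
            return v
    return None

def analyse():
    """Refinement verdict for each implementation against Probity."""
    cases = {"Imp1 honest clerk": IMP1,
             "Imp2 dishonest clerk": IMP2,
             "Imp3 separation of duties": IMP3,
             "Imp3 one dishonest clerk": IMP3_ONE_DISHONEST,
             "Imp3 two colluding clerks": IMP3_COLLUDING}
    return {name: refines(impl, probity) for name, impl in cases.items()}

if __name__ == "__main__":
    for name, ok in analyse().items():
        print(f"{name}: {'refines Probity' if ok else 'violates Probity'}")
    print("witness for Imp2:", counterexample(IMP2, probity))
```

Running it reports that Imp1 and Imp3 refine Probity, that Imp2 does not (the witness is a state with an invoice and payment but no shipment), that Imp3 still refines Probity when only one of the two clerks is dishonest (the honest clerk's bound on con or inv keeps pay ≤ ship), and that it fails once both clerks collude, which is exactly the "resilient to some faults, but not to all" distinction of slides 15 and 16.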

Slide 17: External Consistency and Dependability
Integrity is really just (local) refinement:
– any implementation needs to provide a consistent “view” at the interface to the supplier;
– then check whether the implementation is resilient to failures within the infrastructure;
– check whether the interaction between supplier and system implementation is consistent with the original requirement.

Slide 18: Soft Constraints
Soft constraints let us perform a qualitative/quantitative analysis of the system. If an implementation satisfying the requirements cannot be found, look for the “best” one (w.r.t. a measure).
Example:
– Suppose payments are made as multiples of 100 and outstanding bills are made at the end of the month:
Probity(pay, ship) ≡ pay ≤ ship [constraint]
Probity(a, b) = b − a [measure]
Minimize the measure b − a.

Slide 19: Soft Constraints
Probabilistic reasoning:
– add a probability to the events;
– minimize/maximize the probability of specific actions.
Example:
– probability of the shipnote event;
– possible implementation.

Slide 20: Conclusions
– Constraints are suitable to represent system properties (integrity) in a declarative way.
– Softness can be added to perform a better quantitative/qualitative analysis.
– The model makes no distinction whether the policy (integrity or other!) is violated deliberately or unintentionally.
– The danger of each violation is represented as a level.


Slide 23: Strict rules: Crisp Constraints
A CSP P = ⟨V, D, C⟩ over variables V = {x1, x2, x3, x4}, domains D (the four domains shown are {red, blue, yellow}, {blue, yellow}, {red, blue} and {yellow}) and constraints C = {pairwise-different}. Each constraint has a connection con (the variables it involves) and a definition def (which tuples of values it allows). Solving uses two operations: combination and projection. (The slide draws the variables as a constraint graph; the figure is not reproduced here.)

Slides 24 and 25: Flexible rules: Soft Constraints
Same variables, domains and C = {pairwise-different}, but each choice now carries a cost (the slide shows levels such as 5$, 3$ and 2$ for single choices and 13$ and 15$ for combined ones). Combination is (+) on costs, projection is min. The structure of levels is a c-semiring; instances: Classical, Fuzzy, Weighted, Probabilistic.

Slide 26: Semiring-based CSPs: a glimpse of theory
c-semiring: the set of levels with a choice operator + and a combination operator ×.
combination: c = c1 ⊗ c2
projection: c ⇓ I
Sol(P) = (⊗ C) ⇓ con
a ≤S b (b is better than a) iff a + b = b
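Slides 23 to 26 define the semiring-based CSP machinery and slide 18 applies it to Probity with the measure b − a. The block below is an added example, not code from the talk or from any constraint library: it implements the c-semiring ordering a ≤S b iff a + b = b, constraint combination (scope union, × of the definitions) and projection (+ over the dropped variables) in the standard semiring-CSP form, then runs the Classical and Weighted instances on the four-variable colouring and on soft Probity. The colouring domains are those on slide 23; the edge set, the per-colour prices, the payment domains and all function names are constructed for this example.

```python
from dataclasses import dataclass
from itertools import product
from typing import Any, Callable, Dict, Tuple

Assignment = Dict[str, Any]

@dataclass(frozen=True)
class CSemiring:
    """c-semiring: '+' chooses between levels (projection), 'x' combines
    them, zero is the worst level and one the best."""
    plus: Callable[[Any, Any], Any]
    times: Callable[[Any, Any], Any]
    zero: Any
    one: Any

    def leq(self, a, b):
        """a <=_S b ('b is better than a') iff a + b = b (slide 26)."""
        return self.plus(a, b) == b

# Three of the instances named on slide 25.
CLASSICAL = CSemiring(lambda a, b: a or b, lambda a, b: a and b, False, True)
FUZZY = CSemiring(max, min, 0.0, 1.0)
WEIGHTED = CSemiring(min, lambda a, b: a + b, float("inf"), 0)   # costs: lower is better

@dataclass(frozen=True)
class Constraint:
    con: Tuple[str, ...]                 # connection: the variables involved
    defn: Callable[[Assignment], Any]    # definition: a level for each tuple

def combine(S, c1, c2):
    """c1 (x) c2: scope is the union, level is the x-product of the parts."""
    con = c1.con + tuple(v for v in c2.con if v not in c1.con)
    return Constraint(con, lambda t: S.times(c1.defn(t), c2.defn(t)))

def project(S, c, keep, domains):
    """c || keep: drop the other variables, +-summing over their values."""
    kept = tuple(v for v in c.con if v in keep)
    dropped = tuple(v for v in c.con if v not in keep)
    def defn(t):
        acc = S.zero
        for vals in product(*(domains[v] for v in dropped)):
            acc = S.plus(acc, c.defn({**t, **dict(zip(dropped, vals))}))
        return acc
    return Constraint(kept, defn)

def combine_all(S, cs):
    total = cs[0]
    for c in cs[1:]:
        total = combine(S, total, c)
    return total

def solutions(S, cs, domains):
    """Sol(P) = ((x) C) || con: every complete assignment with a level above zero."""
    total = combine_all(S, cs)
    out = []
    for vals in product(*(domains[v] for v in total.con)):
        t = dict(zip(total.con, vals))
        level = total.defn(t)
        if level != S.zero:
            out.append((t, level))
    return out

def best_level(S, cs, domains):
    """Projection onto the empty set: the best level any solution reaches."""
    return project(S, combine_all(S, cs), set(), domains).defn({})

# Slides 23 to 25: the four-variable colouring. Domains are the slide's;
# the edge set and the per-colour prices are constructed for this example.
DOMAINS = {"x1": ("red", "blue", "yellow"), "x2": ("blue", "yellow"),
           "x3": ("red", "blue"), "x4": ("yellow",)}
EDGES = (("x1", "x2"), ("x1", "x3"), ("x2", "x4"), ("x3", "x4"))
PRICE = {"red": 5, "blue": 3, "yellow": 2}

def different(S, a, b):
    """pairwise-different as a hard constraint in any semiring."""
    return Constraint((a, b), lambda t: S.one if t[a] != t[b] else S.zero)

def price_of(v):
    return Constraint((v,), lambda t: PRICE[t[v]])

def crisp_colourings():
    return solutions(CLASSICAL, [different(CLASSICAL, a, b) for a, b in EDGES], DOMAINS)

def cheapest_colouring_cost():
    cs = [different(WEIGHTED, a, b) for a, b in EDGES] + [price_of(v) for v in DOMAINS]
    return best_level(WEIGHTED, cs, DOMAINS)

# Slide 18: Probity as a weighted constraint with measure b - a = ship - pay.
# Constructed domains: payments in multiples of 100, shipments counted in 50s.
PAY_DOMAINS = {"ship": tuple(range(0, 300, 50)), "pay": (0, 100, 200)}

def probity_soft():
    return Constraint(("pay", "ship"),
                      lambda t: t["ship"] - t["pay"] if t["pay"] <= t["ship"] else float("inf"))

def best_gap_for(ship):
    """Probity projected onto ship: the smallest ship - pay reachable for that ship."""
    return project(WEIGHTED, probity_soft(), {"ship"}, PAY_DOMAINS).defn({"ship": ship})
```

With the constructed edges the crisp problem has three colourings and the cheapest costs 10; with payments restricted to multiples of 100, projecting Probity onto ship shows the best achievable gap is 0 when ship is a multiple of 100 and 50 otherwise, which is the "best implementation w.r.t. a measure" of slide 18 rather than a yes/no verdict. Swapping WEIGHTED for FUZZY or CLASSICAL changes only the semiring passed in; the combination and projection code is the same.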

