Quantitative evaluation of enforcement strategies

In Security, monitors and enforcement mechanisms run in parallel with programs to check, and modify their run-time behaviour, respectively, in order to guarantee the satisfaction of a security policy. For the same pol- icy, several enforcement strategies are possible. We provide a framework for quantitative monitoring and enforcement. Enforcement strategies are analysed according to user-dened parameters. This is done by extending the notion controller processes, that mimics the well-known edit automata, with weights on transitions, valued in a C-semiring. C-semirings permit one to be exible and general in the quantitative criteria. Furthermore, we provide some examples of orders on controllers that are evaluated under incomparable criteria

A Study of the PDGF Signaling Pathway with PRISM

In this paper, we apply the probabilistic model checker PRISM to the analysis of a biological system -- the Platelet-Derived Growth Factor (PDGF) signaling pathway, demonstrating in detail how this pathway can be analyzed in PRISM. We show that quantitative verification can yield a better understanding of the PDGF signaling pathway.Comment: In Proceedings CompMod 2011, arXiv:1109.104

Probabilistic Cost Enforcement of Security Policies

Abstract. This paper presents a formal framework for run-time enforcement mechanisms, or monitors, based on probabilistic input/output automata [3, 4], which allows for the modeling of complex and interactive systems. We associate with each trace of a monitored system (i.e., a monitor interposed between a system and an environment) a probability and a real number that represents the cost that the actions appearing on the trace incur on the monitored system. This allows us to calculate the probabilistic (expected) cost of the monitor and the monitored system, which we use to classify monitors, not only in the typical sense, e.g., as sound and transparent [17], but also at a more fine-grained level, e.g., as cost-optimal or cost-efficient. We show how a cost-optimal monitor can be built using information about cost and the probabilistic future behavior of the system and the environment, showing how deeper knowledge of a system can lead to construction of more efficient security mechanisms.