In the Nick of Time: Proactive Prevention of Obligation Violations

David Basin, Søren Debois, Thomas Hildebrandt

Publikation: Artikel i tidsskrift og konference artikel i tidsskriftKonferenceartikelForskningpeer review


We present a system model, an enforcement mechanism, and a policy language for the proactive enforcement of timed provisions and obligations. Our approach improves upon existing formalisms in two ways: (1) we exploit the target system's existing functionality to avert policy violations proactively, rather than compensate for them reactively, and, (2) instead of requiring the manual specification of remedial actions in the policy, we automatically deduce required actions directly from the policy. As a policy language, we employ timed dynamic condition response (DCR) processes. DCR primitives declaratively express timed provisions and obligations as causal relationships between events, and DCR states explicitly represent pending obligations. As key technical results, we show that enforceability of DCR policies is decidable, we give a sufficient polynomial time verifiable condition for a policy to be enforceable, and we give an algorithm for determining from a DCR state a sequence of actions that discharge impending obligations.
TidsskriftI E E E Computer Security Foundations Symposium. Proceedings
Sider (fra-til)120-134
Antal sider15
StatusUdgivet - 11 aug. 2016
BegivenhedIEEE Computer Security Foundations Symposium - Lisbon, Portugal
Varighed: 27 jun. 20161 jul. 2016
Konferencens nummer: 28


KonferenceIEEE Computer Security Foundations Symposium


Dyk ned i forskningsemnerne om 'In the Nick of Time: Proactive Prevention of Obligation Violations'. Sammen danner de et unikt fingeraftryk.