Semiring-based Specification Approaches for Quantitative Security

Fabio Martinelli
(IIT-CNR)
Ilaria Matteucci
(IIT-CNR)
Francesco Santini
(IIT-CNR)

Our goal is to provide different semiring-based formal tools for the specification of security requirements: we quantitatively enhance the open-system approach, according to which a system is partially specified. Therefore, we suppose the existence of an unknown and possibly malicious agent that interacts in parallel with the system. Two specification frameworks are designed along two different (but still related) lines. First, by comparing the behaviour of a system with the expected one, or by checking if such system satisfies some security requirements: we investigate a novel approximate behavioural-equivalence for comparing processes behaviour, thus extending the Generalised Non Deducibility on Composition (GNDC) approach with scores. As a second result, we equip a modal logic with semiring values with the purpose to have a weight related to the satisfaction of a formula that specifies some requested property. Finally, we generalise the classical partial model-checking function, and we name it as quantitative partial model-checking in such a way to point out the necessary and sufficient conditions that a system has to satisfy in order to be considered as secure, with respect to a fixed security/functionality threshold-value.

In Nathalie Bertrand and Mirco Tribastone: Proceedings Thirteenth Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015), London, UK, 11th-12th April 2015, Electronic Proceedings in Theoretical Computer Science 194, pp. 95–109.
Published: 28th September 2015.

ArXived at: http://dx.doi.org/10.4204/EPTCS.194.7 bibtex PDF
References in reconstructed bibtex, XML and HTML format (approximated).
Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org