Abstract
We present an approach to monitoring system policies. As a specification language, we use an expressive fragment of a temporal logic, which can be effectively monitored. We report on case studies in security and compliance monitoring and use these to show the adequacy of our specification language for naturally expressing complex, realistic policies and the practical feasibility of monitoring these policies using our monitoring algorithm.
This work was partially supported by the Nokia Research Center, Switzerland.
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Basin, D., Klaedtke, F., Müller, S. (2010). Policy Monitoring in First-Order Temporal Logic. In: Touili, T., Cook, B., Jackson, P. (eds) Computer Aided Verification. CAV 2010. Lecture Notes in Computer Science, vol 6174. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14295-6_1
DOI: https://doi.org/10.1007/978-3-642-14295-6_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14294-9
Online ISBN: 978-3-642-14295-6