Security and Trust Management

Volume 8203 of the series Lecture Notes in Computer Science pp 144-159

Probabilistic Cost Enforcement of Security Policies

  • Yannis Mallios (Carnegie Mellon University)
  • Lujo Bauer (Carnegie Mellon University)
  • Dilsun Kaynar (Carnegie Mellon University)
  • Fabio Martinelli (Istituto di Informatica e Telematica, National Research Council)
  • Charles Morisset (Newcastle University)



This paper presents a formal framework for run-time enforcement mechanisms, or monitors, based on probabilistic input/output automata [3,4], which allows for the modeling of complex and interactive systems. We associate with each trace of a monitored system (i.e., a monitor interposed between a system and an environment) a probability and a real number that represents the cost that the actions appearing on the trace incur on the monitored system. This allows us to calculate the probabilistic (expected) cost of the monitor and the monitored system, which we use to classify monitors, not only in the typical sense, e.g., as sound and transparent [17], but also at a more fine-grained level, e.g., as cost-optimal or cost-efficient. We show how a cost-optimal monitor can be built using information about cost and the probabilistic future behavior of the system and the environment, showing how deeper knowledge of a system can lead to construction of more efficient security mechanisms.