A First-Order Policy Language for History-Based Transaction Monitoring

  • Andreas Bauer
  • Rajeev Goré
  • Alwen Tiu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5684)


Online trading invariably involves dealings between strangers, so it is important for one party to be able to judge objectively the trustworthiness of the other. In such a setting, the decision to trust a user may sensibly be based on that user’s past behaviour. We introduce a specification language based on linear temporal logic for expressing a policy for categorising the behaviour patterns of a user depending on its transaction history. We also present an algorithm for checking whether the transaction history obeys the stated policy. To be useful in a real setting, such a language should allow one to express realistic policies which may involve parameter quantification and quantitative or statistical patterns. We introduce several extensions of linear temporal logic to cater for such needs: a restricted form of universal and existential quantification; arbitrary computable functions and relations in the term language; and a “counting” quantifier for counting how many times a formula holds in the past. We then show that model checking a transaction history against a policy, which we call the history-based transaction monitoring problem, is PSPACE-complete in the size of the policy formula and the length of the history, assuming that the underlying interpreted functions and relations are polynomially computable. The problem becomes decidable in polynomial time when the policies are fixed. We also consider the problem of transaction monitoring in the case where not all the parameters of actions are observable. We formulate two such “partial observability” monitoring problems, and show their decidability under certain restrictions.


Model Check Policy Language Function Symbol Diophantine Equation Linear Temporal Logic 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    The RuleML Initiative. Document located,
  2. 2.
    Bartoletti, M., Degano, P., Ferrari, G.L.: History-based access control with local policies. In: Sassone, V. (ed.) FOSSACS 2005. LNCS, vol. 3441, pp. 316–332. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Bauer, A., Goré, R., Tiu, A.: A decidable policy language for history-based transaction monitoring. Technical report, The Australian National University (2009),
  4. 4.
    Bauer, A., Leucker, M., Schallhart, C.: Monitoring of real-time properties. In: Arun-Kumar, S., Garg, N. (eds.) FSTTCS 2006. LNCS, vol. 4337, pp. 260–272. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  5. 5.
    Boley, H., Dean, M., Grosof, B., Sintek, M., Spencer, B., Tabet, S., Wagner, G.: FOL RuleML: The First-Order Logic Web Language (2005),
  6. 6.
    Brewer, D.F.C., Nash, M.J.: The chinese wall security policy. In: IEEE Symposium on Security and Privacy. IEEE, Los Alamitos (1989)Google Scholar
  7. 7.
    D’Angelo, B., Sankaranarayanan, S., Sánchez, C., Robinson, W., Finkbeiner, B., Sipma, H.B., Mehrotra, S., Manna, Z.: LOLA: Runtime monitoring of synchronous systems. In: TIME. IEEE, Los Alamitos (2005)Google Scholar
  8. 8.
    Edjlali, G., Acharya, A., Chaudhary, V.: History-based access control for mobile code. In: ACM Conference on Computer and Communications Security, pp. 38–48 (1998)Google Scholar
  9. 9.
    Fong, P.W.L.: Access control by tracking shallow execution history. In: IEEE Symposium on Security and Privacy, pp. 43–55. IEEE Computer Society Press, Los Alamitos (2004)Google Scholar
  10. 10.
    Havelund, K., Rosu, G.: Synthesizing Monitors for Safety Properties. In: Katoen, J.-P., Stevens, P. (eds.) TACAS 2002. LNCS, vol. 2280, p. 342. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decision Support Systems 43(2), 618–644 (2007)CrossRefGoogle Scholar
  12. 12.
    Kroening, D., Strichman, O.: Decision Procedures. Springer, Heidelberg (2008)zbMATHGoogle Scholar
  13. 13.
    Krukow, K., Nielsen, M., Sassone, V.: A framework for concrete reputation-systems with applications to history-based access control. In: ACM Conf. Comp. and Commun. Sec. (2005)Google Scholar
  14. 14.
    Krukow, K., Nielsen, M., Sassone, V.: A logical framework for reputation systems and history based access control. Journal of Computer Security (to appear) (2008)Google Scholar
  15. 15.
    Matiyasevich, Y.: Hilbert’s 10th Problem. MIT Press, Cambridge (1993)zbMATHGoogle Scholar
  16. 16.
    Pnueli, A.: The temporal logic of programs. In: Proc. FOCS 1977, pp. 46–57 (1977)Google Scholar
  17. 17.
    Roger, M., Goubault-Larrecq, J.: Log auditing through model-checking. In: CSFW, pp. 220–234. IEEE, Los Alamitos (2001)Google Scholar
  18. 18.
    Sipser, M.: Introduction to the Theory of Computation. Intl. Thomson Publishing (1996)Google Scholar
  19. 19.
    Winskel, G., Nielsen, M.: Models for concurrency. In: Handbook of logic in computer science. semantic modelling, vol. 4. Oxford University Press, Oxford (1995)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Andreas Bauer
    • 1
  • Rajeev Goré
    • 1
  • Alwen Tiu
    • 1
  1. 1.Logic and Computation Group College of Engineering and Computer ScienceThe Australian National UniversityAustralia

Personalised recommendations