
Logical Inference Framework for Security Management in Geographical Information Systems

  • Igor Kotenko
  • Olga Polubelova
  • Igor Saenko
Chapter
Part of the Lecture Notes in Geoinformation and Cartography book series (LNGC)

Abstract

A promising direction of research to ensure security in large-scale information systems, including distributed geographic information systems (GISs), is the development of software tools that implement logical inference based on knowledge about security information and events. Frameworks that use logical languages and inference provide administrators with powerful and flexible means to verify complex security policies, generate efficient countermeasures against computer attacks, and maintain the required security level. This chapter outlines an approach for the development and implementation of a logical inference framework for security information and event management. The chapter considers the common architecture of this framework, as well as the architecture and implementation details of particular logical inference modules based on event calculus, model checking, and an ontological data repository.

Keywords

Information security; Security information and event management; Logical inference; Ontology; Data repository; Event calculus; Model checking

Notes

Acknowledgments

This research is supported by a grant from the Russian Foundation of Basic Research, Program of Fundamental Research of the Department for Nanotechnologies and Informational Technologies of the Russian Academy of Sciences (contract #2.2), State contract #11.519.11.4008, and partly funded by the EU as part of the SecFutur and MASSIF projects.


Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  1. Saint-Petersburg Institute for Informatics and Automation of Russian Academy of Sciences (SPIIRAS), Saint-Petersburg, Russia
