
Logical Inference Framework for Security Management in Geographical Information Systems

Information Fusion and Geographic Information Systems (IF AND GIS 2013)

Part of the book series: Lecture Notes in Geoinformation and Cartography (LNGC)

Abstract

A promising direction of research to ensure security in large-scale information systems, including distributed geographic information systems (GISs), is the development of software tools that implement logical inference based on knowledge about security information and events. Frameworks that use logical languages and inference provide administrators with powerful and flexible means to verify complex security policies, generate efficient countermeasures against computer attacks, and maintain the required security level. This chapter outlines an approach for the development and implementation of a logical inference framework for security information and event management. The chapter considers the common architecture of this framework, as well as the architecture and implementation details of particular logical inference modules based on event calculus, model checking, and an ontological data repository.


Acknowledgments

This research is supported by a grant from the Russian Foundation of Basic Research, Program of Fundamental Research of the Department for Nanotechnologies and Informational Technologies of the Russian Academy of Sciences (contract #2.2), State contract #11.519.11.4008, and partly funded by the EU as part of the SecFutur and MASSIF projects.

Corresponding author

Correspondence to Igor Kotenko.

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Kotenko, I., Polubelova, O., Saenko, I. (2014). Logical Inference Framework for Security Management in Geographical Information Systems. In: Popovich, V., Claramunt, C., Schrenk, M., Korolenko, K. (eds) Information Fusion and Geographic Information Systems (IF AND GIS 2013). Lecture Notes in Geoinformation and Cartography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31833-7_13
