Abstract

We present an approach to the proactive enforcement of provisions and obligations, suitable for building policy enforcement mechanisms that both prevent and cause system actions. Our approach encompasses abstract requirements for proactive policy enforcement, a system model describing how enforcement mechanisms interact with and control target systems, and concrete policy languages and associated enforcement mechanisms. As examples of policy languages, we consider finite automata and timed dynamic condition response (DCR) graphs. We use finite automata to illustrate the basic principles and DCR graphs to show how these principles can be adapted to a practical, real-time policy language. In both cases, we show how to algorithmically determine whether a given policy is enforceable and, when this is the case, construct an associated enforcement mechanism. Our approach improves upon existing formalisms in two ways: (1) we exploit the target system’s existing functionality to avert policy violations proactively, rather than compensate for them reactively; and (2) rather than requiring the manual specification of remedial actions in the policy, we deduce required actions directly from the policy.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Safety, Liveness and Run-Time Refinement for Modular Process-Aware Information Systems with Dynamic Sub Processes
Søren Debois ... Tijs Slaats
-
Søren Debois, et. al.Søren Debois ... Tijs Slaats
01 Jan 2015
Safe Distribution of Declarative Processes
Thomas Hildebrandt ... Raghava Rao Mukkamala
-
Thomas Hildebrandt, et. al.Thomas Hildebrandt ... Raghava Rao Mukkamala
01 Jan 2010
Towards Low-Code Adaptive Case Management Solutions with Dynamic Condition Response Graphs, Subprocesses and Data
Rasmus Iven Stromsted ... Emil Heuck
-
Rasmus Iven Stromsted, et. al.Rasmus Iven Stromsted ... Emil Heuck
01 Oct 2018
Discovering Responsibilities with Dynamic Condition Response Graphs
Viktorija Nekrasaite ... Andrew Tristan Parli
-
Viktorija Nekrasaite, et. al.Viktorija Nekrasaite ... Andrew Tristan Parli
01 Jan 2019
View more papers

More From: Journal of Computer Security

Paper Title
Journal
Date
Author
E-Tenon: An efficient privacy-preserving secure open data sharing scheme for EHR system
Prosanta Gope ... Jianting Ning
Journal of Computer Security | VOL. 32
Prosanta Gope, et. al.Prosanta Gope ... Jianting Ning
26 Aug 2024
DSLR–: A low-overhead data structure layout randomization for defending data-oriented programming
Jin Wei ... Ping Chen
Journal of Computer Security | VOL. 32
Jin Wei, et. al.Jin Wei ... Ping Chen
17 Jun 2024
Analysis of neural network detectors for network attacks
Qingtian Zou ... Lan Zhang
Journal of Computer Security | VOL. 32
Qingtian Zou, et. al.Qingtian Zou ... Lan Zhang
17 Jun 2024
Proactive enforcement of provisions and obligations
David Basin ... Thomas Hildebrandt
Journal of Computer Security | VOL. 32
David Basin, et. al.David Basin ... Thomas Hildebrandt
17 Jun 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.