FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2523677811> ?p ?o ?g. }

• W2523677811 abstract "Measuring security is widely accepted to be an important aspect of creating, deploying and maintaining secure applications. However, no comprehensive framework to measure security exists. Moreover, there is currently no systematic way to elicit ’correct’ metrics that monitor such an application. We propose to use a model checker to formally elicit a minimal but sufficient set of metrics to monitor the correctness of the security functionality implemented in an application. In previous work [1] we have described our model framework1. We have argued that it is possible to systematically (and potentially automatically) insert reusable metrics in an application using security patterns. Since these metrics are attached to security patterns, which are in turn instantiated in the application to realise a certain security requirement, measurement results can be aggregated to provide an indication of the degree of fulfillment of these requirement. A remaining question in this approach is how metrics can be systematically elicited for each security pattern. One way to tackle this problem is by using formal modeling techniques. By constructing a formal model of a pattern, it is possible to exhaustively isolate all ”pre-conditions” which must hold for the pattern to operate correctly, i.e., so that the pattern can realize its ”post-conditions”. These post-conditions correspond to the security guarantees that a correctly operating security pattern provides. If the post-conditions imply the security requirements, then the pre-conditions form a sufficient set of monitoring targets, for which metrics can be created. Moreover, by using model checkers, this set of pre-conditions can be minimized in order to obtain a minimal but sufficient set of monitoring targets. To illustrate with a simple example, consider the SECURE LOGGER pattern [2]. This pattern describes how log entries can be cryptographically pre-processed, so that their integrity and confidentiality is ensured, even when stored on untrusted storage media. One of the guarantees (or postconditions) that this pattern provides, is that deletion of an entry will be detected. In order to do this, the description of the SECURE LOGGER suggests to add sequence numbers to each log entry. One way to implement this, is by adding a counter to the secure log, and assign the value of this counter to the next log entry after incrementing it. Of course, the underlying assumption is that this counter should be tamper-proof—if someone is able to modify the value of this counter, then the last entry can be stealthily deleted. One pre-condition on which the SECURE LOGGER builds to ensure its postconditions, i.e., detect deletion of log entries, is to ensure that the counter is not tampered with. A trivial metric to monitor this, is to count the number of log requests, and compare this number to the value of the counter. This is depicted in Figure 1." @default.
• W2523677811 created "2016-09-30" @default.
• W2523677811 creator A5041274593 @default.
• W2523677811 creator A5046846416 @default.
• W2523677811 creator A5054031138 @default.
• W2523677811 creator A5088021486 @default.
• W2523677811 date "2008-07-29" @default.
• W2523677811 modified "2023-09-25" @default.
• W2523677811 title "Using model checkers to elicit security metrics" @default.
• W2523677811 cites W2113739228 @default.
• W2523677811 cites W652748195 @default.
• W2523677811 hasPublicationYear "2008" @default.
• W2523677811 type Work @default.
• W2523677811 sameAs 2523677811 @default.
• W2523677811 citedByCount "0" @default.
• W2523677811 crossrefType "journal-article" @default.
• W2523677811 hasAuthorship W2523677811A5041274593 @default.
• W2523677811 hasAuthorship W2523677811A5046846416 @default.
• W2523677811 hasAuthorship W2523677811A5054031138 @default.
• W2523677811 hasAuthorship W2523677811A5088021486 @default.
• W2523677811 hasConcept C103377522 @default.
• W2523677811 hasConcept C110251889 @default.
• W2523677811 hasConcept C111919701 @default.
• W2523677811 hasConcept C121822524 @default.
• W2523677811 hasConcept C124101348 @default.
• W2523677811 hasConcept C177264268 @default.
• W2523677811 hasConcept C184842701 @default.
• W2523677811 hasConcept C195518309 @default.
• W2523677811 hasConcept C199360897 @default.
• W2523677811 hasConcept C29983905 @default.
• W2523677811 hasConcept C38652104 @default.
• W2523677811 hasConcept C41008148 @default.
• W2523677811 hasConcept C527648132 @default.
• W2523677811 hasConcept C55439883 @default.
• W2523677811 hasConcept C62913178 @default.
• W2523677811 hasConcept C79974875 @default.
• W2523677811 hasConcept C80444323 @default.
• W2523677811 hasConceptScore W2523677811C103377522 @default.
• W2523677811 hasConceptScore W2523677811C110251889 @default.
• W2523677811 hasConceptScore W2523677811C111919701 @default.
• W2523677811 hasConceptScore W2523677811C121822524 @default.
• W2523677811 hasConceptScore W2523677811C124101348 @default.
• W2523677811 hasConceptScore W2523677811C177264268 @default.
• W2523677811 hasConceptScore W2523677811C184842701 @default.
• W2523677811 hasConceptScore W2523677811C195518309 @default.
• W2523677811 hasConceptScore W2523677811C199360897 @default.
• W2523677811 hasConceptScore W2523677811C29983905 @default.
• W2523677811 hasConceptScore W2523677811C38652104 @default.
• W2523677811 hasConceptScore W2523677811C41008148 @default.
• W2523677811 hasConceptScore W2523677811C527648132 @default.
• W2523677811 hasConceptScore W2523677811C55439883 @default.
• W2523677811 hasConceptScore W2523677811C62913178 @default.
• W2523677811 hasConceptScore W2523677811C79974875 @default.
• W2523677811 hasConceptScore W2523677811C80444323 @default.
• W2523677811 hasLocation W25236778111 @default.
• W2523677811 hasOpenAccess W2523677811 @default.
• W2523677811 hasPrimaryLocation W25236778111 @default.
• W2523677811 hasRelatedWork W1562531996 @default.
• W2523677811 hasRelatedWork W1587499874 @default.
• W2523677811 hasRelatedWork W1808392 @default.
• W2523677811 hasRelatedWork W1819824216 @default.
• W2523677811 hasRelatedWork W198455751 @default.
• W2523677811 hasRelatedWork W2133318222 @default.
• W2523677811 hasRelatedWork W2402246924 @default.
• W2523677811 hasRelatedWork W2403427978 @default.
• W2523677811 hasRelatedWork W2771504904 @default.
• W2523677811 hasRelatedWork W2907620046 @default.
• W2523677811 hasRelatedWork W3093051285 @default.
• W2523677811 hasRelatedWork W3106010819 @default.
• W2523677811 hasRelatedWork W563872716 @default.
• W2523677811 hasRelatedWork W1891660644 @default.
• W2523677811 hasRelatedWork W193626754 @default.
• W2523677811 hasRelatedWork W2183589065 @default.
• W2523677811 hasRelatedWork W2278831842 @default.
• W2523677811 hasRelatedWork W2575030855 @default.
• W2523677811 hasRelatedWork W2818720992 @default.
• W2523677811 hasRelatedWork W2923081599 @default.
• W2523677811 isParatext "false" @default.
• W2523677811 isRetracted "false" @default.
• W2523677811 magId "2523677811" @default.
• W2523677811 workType "article" @default.