Implementing Real-Time Transactional Security Property using Timed Edit Automata N.Rajamanickam and R.Nadarajan PSG College of Technology Coimbatore, India [email protected]


Agenda

Security Policy

Properties

Edit Automata

Timed Edit Automata

Market Policy

Conclusion

Security Policy

If a computer system is regarded as a state transition system, then a security policy is a statement that partitions the states of the system into

- set of authorized states

- set of unauthorized states

Security Policy

A secure system is a system that starts in an authorized state and cannot enter an unauthorized state

Security Policy

- General purpose security policies

- Application dependent and special purpose security policies

Properties enforced by Timed Edit Automata

- Security Properties

- Transactional Properties

- Real-Time Properties

Security Property

A security property is a security policy that is enforceable by some enforcement mechanism

Transactional Properties

- Atomicity

- Consistency

- Isolation

- Durability

Real-Time Properties

- Bounded response

- Minimal separation

Edit Automata

An edit automaton $E$ is a four-tuple $(Q, A, q_0, \delta)$ where

$Q$ - countably infinite set of states

$A$ - set of actions

$q_0$ - start state

$\delta : Q \times A \to Q \times (A \cup \{\cdot\})$ is a deterministic total transition function

Execution

A finite execution $\alpha$ is a finite sequence of timed actions (action, time pairs)

$\alpha = a_1 : t_1;\ a_2 : t_2;\ a_3 : t_3;\ \ldots;\ a_i : t_i;\ \ldots;\ a_n : t_n$

An infinite execution $\sigma$ is an infinite sequence of timed actions

$\sigma = a_1 : t_1;\ a_2 : t_2;\ a_3 : t_3;\ \ldots$

Timed Edit Automata

A timed edit automaton is a six-tuple $(Q, A, q_0, C, \delta, I)$ where

$Q$ - countably infinite set of control locations

$A$ - set of actions

$q_0$ - start control location

$C$ - set of real valued clocks

$\delta : (A \cup \{\text{null}\}) \times Q \times B(C) \times U \to (A \cup \{\text{null}\}) \times Q \times 2^{C} \times U$ is a deterministic transition function

$I : Q \to B(C)$ assigns clock constraints to control locations

Transitions

- TE-Delay is for the transition between two actions, if the timed edit automaton is in the same control location

- TE-Suppress-Insert suppresses the current action $a_i$ and inserts the new action $b$

- TE-Insert is a discrete transition without taking any input action

- TE-Suppress suppresses the current input action $a_i$ and inserts no input action

- TE-Null is a discrete transition without taking any input action and without emitting any output action

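Operational Semantics

Discrete Transitions

$$\frac{\sigma = a_i : t_i;\sigma' \qquad \delta(a_i, q, g, u) = (b, q', r, u') \qquad u \in g \qquad u \in I(q) \qquad u' \in I(q')}{(\sigma, q, u) \xrightarrow{b}_{TE} (\sigma', q', u')} \quad \text{(TE-Suppress-Insert)}$$

$$\frac{\delta(\text{null}, q, g, u) = (c, q', r, u') \qquad u \in g \qquad u' \in I(q')}{(\sigma, q, u) \xrightarrow{c}_{TE} (\sigma, q', u')} \quad \text{(TE-Insert)}$$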

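Operational Semantics

Discrete Transitions

$$\frac{\sigma = a_i : t_i;\sigma' \qquad \delta(a_i, q, g, u) = (\text{null}, q', r, u') \qquad u \in g \qquad u \in I(q) \qquad u' \in I(q')}{(\sigma, q, u) \xrightarrow{\text{null}}_{TE} (\sigma', q', u')} \quad \text{(TE-Suppress)}$$

$$\frac{\delta(\text{null}, q, g, u) = (\text{null}, q', r, u') \qquad u \in g \qquad u' \in I(q')}{(\sigma, q, u) \xrightarrow{\text{null}}_{TE} (\sigma, q', u')} \quad \text{(TE-Null)}$$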

Operational Semantics

Delay Transitions

$$\frac{u \in I(q) \qquad u + d \in I(q)}{(\sigma, q, u) \xrightarrow{d}_{TE} (\sigma, q, u + d)} \quad \text{(TE-Delay)}$$
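The five rules above can be exercised with a small single-clock interpreter. This is an added example, not code from the slides or the authors: the take/pay policy, the deadline `D`, the location names and the functions `delta` and `enforce` are all constructed for illustration and are not the timed market policy of the talk. The policy holds back `take` and releases `take; pay` only if `pay` arrives less than `D` time units later.

```python
D = 5.0  # constructed deadline: pay must arrive less than D after take

# I(q): invariant on the single clock x for each control location (constructed)
INV = {"idle": lambda x: True, "owed": lambda x: x <= D, "commit": lambda x: True}

# Rule name, keyed by (was an input read?, was an output emitted?)
RULE = {(True, True): "TE-Suppress-Insert", (True, False): "TE-Suppress",
        (False, True): "TE-Insert", (False, False): "TE-Null"}

def delta(a, q, x):
    """Hypothetical policy: returns (output or None, next location, reset x?)
    for input a (None = null input), or None when no transition is enabled."""
    if q == "commit" and a is None:
        return ("pay", "idle", False)     # TE-Insert: emit pay, read nothing
    if q == "owed" and a is None and x >= D:
        return (None, "idle", False)      # TE-Null: deadline hit, drop held take
    if q == "idle" and a == "take":
        return (None, "owed", True)       # TE-Suppress: hold take, restart clock
    if q == "owed" and a == "pay" and x < D:
        return ("take", "commit", False)  # TE-Suppress-Insert: read pay, emit take
    if a is not None:
        return (None, q, False)           # TE-Suppress: any other input is dropped
    return None

def enforce(sigma):
    """Run over sigma, a list of (action, time) pairs sorted by time.
    Returns (emitted timed actions, names of the rules applied)."""
    q, x, now, out, trace, pending = "idle", 0.0, 0.0, [], [], list(sigma)
    while True:
        a, step = None, delta(None, q, x)   # input-free rules go first
        if step is None:
            if not pending:
                return out, trace           # input exhausted
            d = pending[0][1] - now
            if d > 0:                       # TE-Delay, never past I(q)
                if not INV[q](x + d):
                    d = D - x               # stop at the invariant boundary
                now, x = now + d, x + d
                trace.append("TE-Delay")
                continue
            a = pending.pop(0)[0]           # next input is due now: read it
            step = delta(a, q, x)
        b, q, reset = step
        x = 0.0 if reset else x
        assert INV[q](x)                    # premise u' in I(q')
        if b is not None:
            out.append((b, now))
        trace.append(RULE[(a is not None, b is not None)])
```

Calling `enforce([("take", 1.0), ("pay", 9.0)])` shows the real-time part of the property: the automaton delays only to the invariant boundary in `owed`, fires TE-Null, and the late `pay` is then suppressed, so nothing is emitted.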

Timed Market Policy

Conclusion

- Real-time transactional security property is a combination of security property, real time property and transactional property

- Timed market policy can be implemented by using timed edit automaton


Queries and Suggestions

Thank You