a semantic model for
play

A Semantic Model For Action-Based Adaptive Security Sara Sartoli, - PowerPoint PPT Presentation

Nov 09, 2022 •143 likes •449 views

A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech University April 2017 Contents Motivation Introduction Contributions Why Answer Set Programming ? Running Example

  1. A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech University April 2017

  2. Contents ▪ Motivation ▪ Introduction ▪ Contributions ▪ Why Answer Set Programming ? ▪ Running Example ▪ Security Requirements Model ▪ Topological Model: Structure and Evolution ▪ Analysis Stage ▪ Planning Stage ▪ Evaluation ▪ Conclusion and Future work 1

  3. Motivation Example 1 ▪ Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Nancy A Nurse Operating room Hallway Nicole A Nurse V alerie A V endor Procedure treatment unit Admission office 2

  4. Motivation Example 1 ▪ Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Operating room Hallway Nancy V alerie A nurse Nicole A vendor A nurse Procedure treatment unit Admission office 3

  5. Motivation Example 1 ▪ Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Nancy A nurse Operating room Hallway V alerie Nicole A vendor A nurse Procedure treatment unit Admission office 4

  6. Motivation Example 1 ▪ Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Nancy A nurse Operating room Hallway V alerie A vendor Procedure treatment unit Nicole A nurse Admission office A Sequence of Permitted Actions can Cause a Violation 5

  7. Motivation Example 2 ▪ Authorized employees are allowed to use their own device for accessing and storing patients ’ health information. Only authorized personnel are allowed to store patients’ health information on ▪ their device. Pamela’s Health data Nicole Nancy Nurse Nurse 6

  8. Motivation Example 2 ▪ Authorized employees are allowed to use their own device for accessing and storing patients’ health information. Only authorized personnel are allowed to store patients’ health information on ▪ their device. Pamela’s Pamela’s Health data Health data Nicole Nancy Nurse Nurse A Sequence of Permitted Actions can Cause a Violation 7

  9. Introduction Adaptive Security aims at enabling software systems to adjust their protection mechanisms in highly changing operating environments. Topology A representation of physical or digital elements and their structural relationship such as containment and communication relationships. 8

  10. Introduction Challenging Problem and Related Work ▪ Runtime Verification of security requirements and enforcing action-plans to continue satisfying the requirements. ▪ Appropriate Formalisms are needed to represent topology and track its changes at runtime . [Pasquale, L., et al. SEAMS 2014] ▪ Ambient calculus-based dynamic topological model is used to support adaptive security. [Tsigkanos, C., et al. ICSE 2015] Pasquale, Liliana, et al. "Topology aware adaptive security." Proceedings of the 9th International Symposium on Software Engineering for Adaptive and Self- Managing Systems . ACM, 2014. Tsigkanos, Christos, et al. "Ariadne: Topology aware adaptive security for cyber-physical systems." Software Engineering (ICSE), 2015 IEEE/ACM 37th 9 IEEE International Conference on . Vol. 2. IEEE, 2015.

  11. Introduction Reference Model Runtime Verification Requires: ▪ monitoring operating environment ▪ maintaining knowledge about requirements, environment and system ▪ detecting possible violations ▪ determining an action-plan to mitigate possible violations Analysis Planning Monitoring System� model Execution Requirements� model Environment� Model Environment sensors Actuators 10

  12. Contributions ▪ Present a Answer Set Programming (ASP) based semantic model. ▪ Security Requirements ▪ Environment Model, i.e. Topological structure ▪ System Model, i.e. Evolution of topology ▪ Describe analysis activity: generating violation scenarios. ▪ Describe planning activity: recommending action-plans to mitigate possible violations. 11

  13. Why Answer Set Programming ? ▪ A declarative language with roots in non-monotonic reasoning and default reasoning. ▪ Reasoning in uncertain situations. ▪ Suitable for nondeterministic, dynamic environments. ▪ Basic ASP rules Negation as failure a 1 |… | a n :- b 1 , ... , b i , not c 1 , ... , not c j Epistemic disjunction ▪ At least one of a i s is believed if b 1 , ... , b i are believed whereas c 1 , ... , c j are not believed. 12

  14. Running Example 13

  15. Hypothetical Hospital Assumptions ▪ Clinical areas are protected by Patient room Reception area Cafeteria secure doors. ▪ Wi-Fi Internet is provided in the Operating room clinical area. Hallway ▪ Employees are allowed to bring their own device. Procedure treatment unit ▪ Employees can store encrypted data on their own device. Admission office ▪ Employees can transmit data to other authorized employees. Clinical areas Public areas 14

  16. Security Requirements Patient room Reception area Cafeteria SR1. Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Operating room Hallway [OHIO State University Medical Center policy] V alerie: A V endor Procedure treatment unit Admission office SR2. No more than one significant other may Patient room Reception area Cafeteria accompany adult patients, in procedural treatment Operating room unit. [Ronald Reagan UCLA medical center policy] Hallway Procedure treatment unit Admission office Pamela Brandon Maria SR3. Patients’ health information might only be transmitted to authorized personnel who are allowed Pamela ’ s Health data to access the information.[University of Michigan Health system policy] Nicole A nurse 15

  17. Topological Model Environment Model Representing Structure of Topology ▪ Containment hierarchy • Being enclosed: Nicole is in the operating room • Possession: Nicole has a device • Accessibility: Operating room(OR) and patient room(PR) are accessible from reception area(RA) • Storage: Pamela’s health data is stored on Nicole's device RA contains(reception_area,operating_room). PR OR contains(reception_area,opatient_room). contains(operating_room, nicole). contains(nicole, nicole_device). Nicole contains(nicol_device, Pamela_data). Nicole Device Pamela HD 16

  18. Topological Model Environment Model Representing Structure of Topology ▪ Communication graph • Being connected to an access point Nancy connected(nicole_device,wap). Device connected(nancy_device,wap). wap Nicole Device 17

  19. Topological Model System Model Representing Evolution of Topology ▪ Represents the execution path of the cyber physical system • State: a topological structure • Transition: an action exercised by an agent • Transition function – Direct effect of actions – Indirect effect of actions enter_room S T+1 S T – Inertia law holds(contains(Loc2, Agent), T+1) :- occurs(enter-room(Agent, Loc2), T). 18

  20. Topological Model System Model Representing Evolution of Topology ▪ Represents the execution path of the cyber physical system • State: a topological structure • Transition: an action exercised by an agent • Transition function – Direct effect of actions – Indirect effect of actions – Inertia law - holds(contains(Loc1,Agent), T):- holds(contains(Loc1, Agent), T), Loc1!= Loc2. 19

  21. Topological Model System Model Representing Evolution of Topology ▪ Represents the execution path of the cyber physical system • State: a topological structure • Transition: an action exercised by an agent • Transition function – Direct effect of actions – Indirect effect of actions – Inertia law holds(F, T+1) :- holds(F, T), not - holds(F, T+1). - holds(F, T+1) :- - holds(F, T), not holds(F, T+1). 20

  22. Requirements Model Security Requirement 1 SR1. Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Operating room Hallway V alerie: A V endor Procedure treatment unit Admission office Violated(SR1, T):- not holds(accompanied(opr,valerie),T). Holds(accompanied(opr,valerie),T) :- holds(contains(opr,valerie),T), holds(contains(opr, Agent),T). 21

  23. Requirements Model Security Requirement 2 SR2. Only one significant other may accompany adult patients, in procedural treatment unit. Patient room Reception area Cafeteria Operating room Hallway Procedure treatment unit Admission office Pamela Brandon Maria Violated(SR2, T):- #count{Agent:holds(contains(ptu,Agent),T), sign_other(Agent, Patient), adult(patient)} >1. 22

  24. Requirements Model Security Requirement 3 SR3. Patients’ health information might only be transmitted to authorized personnel who are allowed to access the information. Pamela ’ s Health data Nicole A nurse Violated(SR3, T):- holds(accompanied(Device,Data),T), holds(accompanied(Agent,Device),T), unAuthorized(Agent,Data). 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language

Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language

Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language Gang Tan, Andrew Appel, Kedar Swadi and Dinghao Wu Princeton University Jan 11, 2004 Extensible systems Extensible systems code extensions host

228 views • 22 slides
Ralph Hodgson Realizing a semantic solution: Ontologies are like and unlike other IT models

Ralph Hodgson Realizing a semantic solution: Ontologies are like and unlike other IT models

Enterprise Architecture in SOA: Coverage Models and Methodologies Going Semantic Semantic technology May 23 rd , 2005 Enterprise architecture and semantic technology Enterprise architecture maturity model Capabilities of semantic

244 views • 9 slides
An ontology-based model for representing evolution of both data and semantic in GIS Chamseddine

An ontology-based model for representing evolution of both data and semantic in GIS Chamseddine

An ontology-based model for representing evolution of both data and semantic in GIS Chamseddine Zaki Myriam Servieres Guillaume Moreau 2008 GI-DAYS Plan Introduction Related Work: Snapshot Model Three domain Model MADS Ontologies Our

330 views • 20 slides
Semantic Web 2008 Se a t c eb 008 Semantic Web ca. 2008 S ti W b 2008 Semantic Web

Semantic Web 2008 Se a t c eb 008 Semantic Web ca. 2008 S ti W b 2008 Semantic Web

Semantic Web 2008 Se a t c eb 008 Semantic Web ca. 2008 S ti W b 2008 Semantic Web companies starting & growing Siderean, SandPiper, SiberLogic, Ontology Works, Intellidimension, Intellisophic, TopQuadrant, Data Grid, Mondeca,

481 views • 23 slides
Semantic Memory 1 General Knowledge Structure of Semantic Memory

Semantic Memory 1 General Knowledge Structure of Semantic Memory

10/26/16 Semantic Memory 1 General Knowledge Structure of Semantic Memory Background Feature Comparison Model Prototype Approach Exemplar Approach Network Models Schemas

468 views • 24 slides
LSA Spaces for Semantic Differences John C. Martin Dissertation Defense 20 May 2016 Overview

LSA Spaces for Semantic Differences John C. Martin Dissertation Defense 20 May 2016 Overview

Comparison of Hyper-dimensional LSA Spaces for Semantic Differences John C. Martin Dissertation Defense 20 May 2016 Overview Review LSA model of learning What is meaning? Measures Experiments Semantic Measurement Model Q

626 views • 51 slides
What the #%*&! is the Semantic Web? The Semantic Web is a collaborative movement led by

What the #%*&! is the Semantic Web? The Semantic Web is a collaborative movement led by

What the #%*&! is the Semantic Web? The Semantic Web is a collaborative movement led by international standards body the World Wide Web Consortium (W3C).[1] ... By encouraging the inclusion of semantic content in web pages, the

578 views • 44 slides
Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly

Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly

SemEval 2014 Task-3 Cross-Level Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly focused on similar types of lexical items Semantic Similarity What if we have different types of inputs? CLSS:

971 views • 47 slides
A Latent Variable Model of Synchronous Parsing for Syntactic and Semantic Dependencies James

A Latent Variable Model of Synchronous Parsing for Syntactic and Semantic Dependencies James

A Latent Variable Model of Synchronous Parsing Probability Model Machine Learning Method Evaluation A Latent Variable Model of Synchronous Parsing for Syntactic and Semantic Dependencies James Henderson 1 Paola Merlo 2 Gabriele Musillo 1 2

596 views • 47 slides
Semantic Parsing via Paraphrasing Mateusz Malinowski Based on: J. Berant and P. Liang

Semantic Parsing via Paraphrasing Mateusz Malinowski Based on: J. Berant and P. Liang

Semantic Parsing via Paraphrasing Mateusz Malinowski Based on: J. Berant and P. Liang Semantic Parsing via Paraphrasing ACL 2014 Outline Abstract view on the semantic parser ! What party did Clay establish? paraphrase model What

200 views • 17 slides
Sampo-UI Framework for Semantic Portal User Interfaces Digital Humanities in Action: Sampo Model

Sampo-UI Framework for Semantic Portal User Interfaces Digital Humanities in Action: Sampo Model

Sampo-UI Framework for Semantic Portal User Interfaces Digital Humanities in Action: Sampo Model and Portals for Cultural Heritage, 29.10.2020 Esko Ikkala Semantic Computing Research Group (SeCo), Aalto University, https://seco.cs.aalto.fi

414 views • 30 slides
Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

CS6202: Advanced Topics in Programming Languages and Systems Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model Hoare-style Inference Rules Specification and Annotations Linked List and Segments

1.02k views • 76 slides
Motivation Bootstrapping Semantic Lexicons A semantic lexicon contains semantic category Ex:

Motivation Bootstrapping Semantic Lexicons A semantic lexicon contains semantic category Ex:

Motivation Bootstrapping Semantic Lexicons A semantic lexicon contains semantic category Ex: dog, cat, lion, unannotated texts lizard, snake assignments for words. For example: blogger HUMAN sedan VEHICLE AK-47 WEAPON N best words

344 views • 8 slides
Models Why DOM? XML means more than is written there We want to work with semantic model XML

Models Why DOM? XML means more than is written there We want to work with semantic model XML

Models Why DOM? XML means more than is written there We want to work with semantic model XML PSI is not very convenient plugin.xml: <idea-plugin> <id>com.intellij.intelliWhisper</id> ... <extension-points>

631 views • 17 slides
RDF, RDFS and OWL: Graph Data Models for the Semantic Web Semantic Web: The Idea Semantic

RDF, RDFS and OWL: Graph Data Models for the Semantic Web Semantic Web: The Idea Semantic

RDF, RDFS and OWL: Graph Data Models for the Semantic Web Semantic Web: The Idea Semantic Web does not mean computers are going to understand the meaning of everything on the web does mean that we can create some standards ways of

344 views • 33 slides
Statistical Challenges Towards a Semantic Model for Precision Agriculture and Precision Livestock

Statistical Challenges Towards a Semantic Model for Precision Agriculture and Precision Livestock

www.cybele-project.eu Statistical Challenges Towards a Semantic Model for Precision Agriculture and Precision Livestock Farming Dimitris Zeginis , Evangelos Kalampokis, Konstantinos Tarabanis SemStats 2019 This project has received funding from

169 views • 14 slides
Ubiquitous Computing Applications: Healthcare & Smart Homes Emmanuel Agu Paper 1: Moving out

Ubiquitous Computing Applications: Healthcare & Smart Homes Emmanuel Agu Paper 1: Moving out

Ubiquitous Computing Applications: Healthcare & Smart Homes Emmanuel Agu Paper 1: Moving out of the Lab: Deploying Pervasive Technologies in a Hospital Many ubicomp ideas, research projects Few deployed real world applications

592 views • 38 slides
No Disclosures Operating Room and Regional Resource Gregory L. Moneta MD Professor and Chief

No Disclosures Operating Room and Regional Resource Gregory L. Moneta MD Professor and Chief

4/6/2017 Master Title Vascular Surgeons are an Essential Hospital, No Disclosures Operating Room and Regional Resource Gregory L. Moneta MD Professor and Chief Division of Vascular Surgery Oregon Health & Science University Knight

395 views • 20 slides
Ask the experts: What Should Be on an IoT Privacy and Security Label? Pardis Emami-Naei eini

Ask the experts: What Should Be on an IoT Privacy and Security Label? Pardis Emami-Naei eini

Ask the experts: What Should Be on an IoT Privacy and Security Label? Pardis Emami-Naei eini Yuvraj Agarwal Lorrie Faith Cranor Hanan Hibshi 1 You may have one of these 2 Or even these 3 People are concerned about losing their privacy 4

620 views • 33 slides
UP UPDATE: COVID-19 SARS RS-Co CoV-2 March 17, 2020 LOU OUISIANA A AS OF OF 9: 9:30 A

UP UPDATE: COVID-19 SARS RS-Co CoV-2 March 17, 2020 LOU OUISIANA A AS OF OF 9: 9:30 A

UP UPDATE: COVID-19 SARS RS-Co CoV-2 March 17, 2020 LOU OUISIANA A AS OF OF 9: 9:30 A 30 AM EPI SYMPTOMS MITI TIGATI TION S STRA RATE TEGIES Personal Business/Community Social distancing= at least 6 feet Work from

242 views • 9 slides
NON-GAAP FINANCIAL MEASURES Quarter Ended June 30, 2019 1 NON-GAAP FINANCIAL MEASURES We

NON-GAAP FINANCIAL MEASURES Quarter Ended June 30, 2019 1 NON-GAAP FINANCIAL MEASURES We

NON-GAAP FINANCIAL MEASURES Quarter Ended June 30, 2019 1 NON-GAAP FINANCIAL MEASURES We believe that revenues, net income and net income attributable to common stockholders (NICS), as defined by U.S. generally accepted accounting principles

438 views • 22 slides
Service Animals and the ADA Breakout Session #2.2 Mid-Atlantic ADA Update Conference John L.

Service Animals and the ADA Breakout Session #2.2 Mid-Atlantic ADA Update Conference John L.

9/2/2016 Service Animals and the ADA Breakout Session #2.2 Mid-Atlantic ADA Update Conference John L. Wodatch Reasonable Modification Legal Basis: General Rule in ADA regulation: A public entity shall make reasonable modifications in

216 views • 9 slides
JUST THE MATHS SLIDES NUMBER 9.4 MATRICES 4 (Row operations) by A.J.Hobson 9.4.1

JUST THE MATHS SLIDES NUMBER 9.4 MATRICES 4 (Row operations) by A.J.Hobson 9.4.1

JUST THE MATHS SLIDES NUMBER 9.4 MATRICES 4 (Row operations) by A.J.Hobson 9.4.1 Matrix inverses by row operations 9.4.2 Gaussian elimination (the elementary version) UNIT 9.4 - MATRICES 4 ROW OPERATIONS 9.4.1 MATRIX INVERSES BY

403 views • 13 slides
CompoundFS: Compounding I/O Operations in Firmware File Systems Yujie Ren 1 , Jian Zhang 2 and

CompoundFS: Compounding I/O Operations in Firmware File Systems Yujie Ren 1 , Jian Zhang 2 and

CompoundFS: Compounding I/O Operations in Firmware File Systems Yujie Ren 1 , Jian Zhang 2 and Sudarsun Kannan 1 1 Rutgers University; 2 ShanghaiTech University Outline Background Analysis Design Evaluation Conclusion 2

429 views • 24 slides

More recommend