Formal Specification and Analysis of Security-Critical Norms and Policies - July 2016

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s):  Rada Y. Chirkova, Jon Doyle, Munindar P. Singh
Researchers:  Nirav Ajmeri, Jiaming Jiang, Ozgur Kafali, Anup Kalia

HARD PROBLEM(S) ADDRESSED

  • Policy-Governed Secure Collaboration - This project addresses how to specify and analyze norms (standards of correct collaborative behavior) and policies (ways of achieving different collaborative behaviors) to determine important properties, such as their mutual consistency.
  • Scalability and Composability - This project can facilitate the composition of new collaborative systems by combining sets of norms and policies, and verifying whether such combinations satisfy desired properties.

PUBLICATIONS
Report papers written as a result of this research. If accepted by or submitted to a journal, which journal. If presented at a conference, which conference.

ACCOMPLISHMENT HIGHLIGHTS

  • We extended our runtime reasoning approach to support reasoning about authorizations and prohibitions, not only commitments as in our previous work. Doing so facilitates modeling more realistic cybersecurity scenarios.
  • We conducted an empirical evaluation comparing the effectiveness of our approach with that of a previous approach based on legal concepts and with that of an approach that does not involve formal modeling. Our preliminary results demonstrate the benefits of our approach: improved correctness and coverage of requirements over both of the other approaches.