a semantic model for
play

A Semantic Model For Action-Based Adaptive Security Sara Sartoli, - PowerPoint PPT Presentation

Nov 09, 2022 •143 likes •449 views

A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech University April 2017 Contents Motivation Introduction Contributions Why Answer Set Programming ? Running Example

  1. A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech University April 2017

  2. Contents ▪ Motivation ▪ Introduction ▪ Contributions ▪ Why Answer Set Programming ? ▪ Running Example ▪ Security Requirements Model ▪ Topological Model: Structure and Evolution ▪ Analysis Stage ▪ Planning Stage ▪ Evaluation ▪ Conclusion and Future work 1

  3. Motivation Example 1 ▪ Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Nancy A Nurse Operating room Hallway Nicole A Nurse V alerie A V endor Procedure treatment unit Admission office 2

  4. Motivation Example 1 ▪ Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Operating room Hallway Nancy V alerie A nurse Nicole A vendor A nurse Procedure treatment unit Admission office 3

  5. Motivation Example 1 ▪ Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Nancy A nurse Operating room Hallway V alerie Nicole A vendor A nurse Procedure treatment unit Admission office 4

  6. Motivation Example 1 ▪ Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Nancy A nurse Operating room Hallway V alerie A vendor Procedure treatment unit Nicole A nurse Admission office A Sequence of Permitted Actions can Cause a Violation 5

  7. Motivation Example 2 ▪ Authorized employees are allowed to use their own device for accessing and storing patients ’ health information. Only authorized personnel are allowed to store patients’ health information on ▪ their device. Pamela’s Health data Nicole Nancy Nurse Nurse 6

  8. Motivation Example 2 ▪ Authorized employees are allowed to use their own device for accessing and storing patients’ health information. Only authorized personnel are allowed to store patients’ health information on ▪ their device. Pamela’s Pamela’s Health data Health data Nicole Nancy Nurse Nurse A Sequence of Permitted Actions can Cause a Violation 7

  9. Introduction Adaptive Security aims at enabling software systems to adjust their protection mechanisms in highly changing operating environments. Topology A representation of physical or digital elements and their structural relationship such as containment and communication relationships. 8

  10. Introduction Challenging Problem and Related Work ▪ Runtime Verification of security requirements and enforcing action-plans to continue satisfying the requirements. ▪ Appropriate Formalisms are needed to represent topology and track its changes at runtime . [Pasquale, L., et al. SEAMS 2014] ▪ Ambient calculus-based dynamic topological model is used to support adaptive security. [Tsigkanos, C., et al. ICSE 2015] Pasquale, Liliana, et al. "Topology aware adaptive security." Proceedings of the 9th International Symposium on Software Engineering for Adaptive and Self- Managing Systems . ACM, 2014. Tsigkanos, Christos, et al. "Ariadne: Topology aware adaptive security for cyber-physical systems." Software Engineering (ICSE), 2015 IEEE/ACM 37th 9 IEEE International Conference on . Vol. 2. IEEE, 2015.

  11. Introduction Reference Model Runtime Verification Requires: ▪ monitoring operating environment ▪ maintaining knowledge about requirements, environment and system ▪ detecting possible violations ▪ determining an action-plan to mitigate possible violations Analysis Planning Monitoring System� model Execution Requirements� model Environment� Model Environment sensors Actuators 10

  12. Contributions ▪ Present a Answer Set Programming (ASP) based semantic model. ▪ Security Requirements ▪ Environment Model, i.e. Topological structure ▪ System Model, i.e. Evolution of topology ▪ Describe analysis activity: generating violation scenarios. ▪ Describe planning activity: recommending action-plans to mitigate possible violations. 11

  13. Why Answer Set Programming ? ▪ A declarative language with roots in non-monotonic reasoning and default reasoning. ▪ Reasoning in uncertain situations. ▪ Suitable for nondeterministic, dynamic environments. ▪ Basic ASP rules Negation as failure a 1 |… | a n :- b 1 , ... , b i , not c 1 , ... , not c j Epistemic disjunction ▪ At least one of a i s is believed if b 1 , ... , b i are believed whereas c 1 , ... , c j are not believed. 12

  14. Running Example 13

  15. Hypothetical Hospital Assumptions ▪ Clinical areas are protected by Patient room Reception area Cafeteria secure doors. ▪ Wi-Fi Internet is provided in the Operating room clinical area. Hallway ▪ Employees are allowed to bring their own device. Procedure treatment unit ▪ Employees can store encrypted data on their own device. Admission office ▪ Employees can transmit data to other authorized employees. Clinical areas Public areas 14

  16. Security Requirements Patient room Reception area Cafeteria SR1. Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Operating room Hallway [OHIO State University Medical Center policy] V alerie: A V endor Procedure treatment unit Admission office SR2. No more than one significant other may Patient room Reception area Cafeteria accompany adult patients, in procedural treatment Operating room unit. [Ronald Reagan UCLA medical center policy] Hallway Procedure treatment unit Admission office Pamela Brandon Maria SR3. Patients’ health information might only be transmitted to authorized personnel who are allowed Pamela ’ s Health data to access the information.[University of Michigan Health system policy] Nicole A nurse 15

  17. Topological Model Environment Model Representing Structure of Topology ▪ Containment hierarchy • Being enclosed: Nicole is in the operating room • Possession: Nicole has a device • Accessibility: Operating room(OR) and patient room(PR) are accessible from reception area(RA) • Storage: Pamela’s health data is stored on Nicole's device RA contains(reception_area,operating_room). PR OR contains(reception_area,opatient_room). contains(operating_room, nicole). contains(nicole, nicole_device). Nicole contains(nicol_device, Pamela_data). Nicole Device Pamela HD 16

  18. Topological Model Environment Model Representing Structure of Topology ▪ Communication graph • Being connected to an access point Nancy connected(nicole_device,wap). Device connected(nancy_device,wap). wap Nicole Device 17

  19. Topological Model System Model Representing Evolution of Topology ▪ Represents the execution path of the cyber physical system • State: a topological structure • Transition: an action exercised by an agent • Transition function – Direct effect of actions – Indirect effect of actions enter_room S T+1 S T – Inertia law holds(contains(Loc2, Agent), T+1) :- occurs(enter-room(Agent, Loc2), T). 18

  20. Topological Model System Model Representing Evolution of Topology ▪ Represents the execution path of the cyber physical system • State: a topological structure • Transition: an action exercised by an agent • Transition function – Direct effect of actions – Indirect effect of actions – Inertia law - holds(contains(Loc1,Agent), T):- holds(contains(Loc1, Agent), T), Loc1!= Loc2. 19

  21. Topological Model System Model Representing Evolution of Topology ▪ Represents the execution path of the cyber physical system • State: a topological structure • Transition: an action exercised by an agent • Transition function – Direct effect of actions – Indirect effect of actions – Inertia law holds(F, T+1) :- holds(F, T), not - holds(F, T+1). - holds(F, T+1) :- - holds(F, T), not holds(F, T+1). 20

  22. Requirements Model Security Requirement 1 SR1. Unless accompanied by a nurse, vendors are not allowed to be present in the operating room. Patient room Reception area Cafeteria Operating room Hallway V alerie: A V endor Procedure treatment unit Admission office Violated(SR1, T):- not holds(accompanied(opr,valerie),T). Holds(accompanied(opr,valerie),T) :- holds(contains(opr,valerie),T), holds(contains(opr, Agent),T). 21

  23. Requirements Model Security Requirement 2 SR2. Only one significant other may accompany adult patients, in procedural treatment unit. Patient room Reception area Cafeteria Operating room Hallway Procedure treatment unit Admission office Pamela Brandon Maria Violated(SR2, T):- #count{Agent:holds(contains(ptu,Agent),T), sign_other(Agent, Patient), adult(patient)} >1. 22

  24. Requirements Model Security Requirement 3 SR3. Patients’ health information might only be transmitted to authorized personnel who are allowed to access the information. Pamela ’ s Health data Nicole A nurse Violated(SR3, T):- holds(accompanied(Device,Data),T), holds(accompanied(Agent,Device),T), unAuthorized(Agent,Data). 23

Recommend

Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language

Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language

Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language Gang Tan, Andrew Appel, Kedar Swadi and Dinghao Wu Princeton University Jan 11, 2004 Extensible systems Extensible systems code extensions host

228 views • 22 slides
Ralph Hodgson Realizing a semantic solution: Ontologies are like and unlike other IT models

Ralph Hodgson Realizing a semantic solution: Ontologies are like and unlike other IT models

Enterprise Architecture in SOA: Coverage Models and Methodologies Going Semantic Semantic technology May 23 rd , 2005 Enterprise architecture and semantic technology Enterprise architecture maturity model Capabilities of semantic

244 views • 9 slides
An ontology-based model for representing evolution of both data and semantic in GIS Chamseddine

An ontology-based model for representing evolution of both data and semantic in GIS Chamseddine

An ontology-based model for representing evolution of both data and semantic in GIS Chamseddine Zaki Myriam Servieres Guillaume Moreau 2008 GI-DAYS Plan Introduction Related Work: Snapshot Model Three domain Model MADS Ontologies Our

330 views • 20 slides
Semantic Web 2008 Se a t c eb 008 Semantic Web ca. 2008 S ti W b 2008 Semantic Web

Semantic Web 2008 Se a t c eb 008 Semantic Web ca. 2008 S ti W b 2008 Semantic Web

Semantic Web 2008 Se a t c eb 008 Semantic Web ca. 2008 S ti W b 2008 Semantic Web companies starting & growing Siderean, SandPiper, SiberLogic, Ontology Works, Intellidimension, Intellisophic, TopQuadrant, Data Grid, Mondeca,

481 views • 23 slides
Semantic Memory 1 General Knowledge Structure of Semantic Memory

Semantic Memory 1 General Knowledge Structure of Semantic Memory

10/26/16 Semantic Memory 1 General Knowledge Structure of Semantic Memory Background Feature Comparison Model Prototype Approach Exemplar Approach Network Models Schemas

468 views • 24 slides
LSA Spaces for Semantic Differences John C. Martin Dissertation Defense 20 May 2016 Overview

LSA Spaces for Semantic Differences John C. Martin Dissertation Defense 20 May 2016 Overview

Comparison of Hyper-dimensional LSA Spaces for Semantic Differences John C. Martin Dissertation Defense 20 May 2016 Overview Review LSA model of learning What is meaning? Measures Experiments Semantic Measurement Model Q

626 views • 51 slides
What the #%*&! is the Semantic Web? The Semantic Web is a collaborative movement led by

What the #%*&! is the Semantic Web? The Semantic Web is a collaborative movement led by

What the #%*&! is the Semantic Web? The Semantic Web is a collaborative movement led by international standards body the World Wide Web Consortium (W3C).[1] ... By encouraging the inclusion of semantic content in web pages, the

578 views • 44 slides
Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly

Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly

SemEval 2014 Task-3 Cross-Level Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly focused on similar types of lexical items Semantic Similarity What if we have different types of inputs? CLSS:

971 views • 47 slides
A Latent Variable Model of Synchronous Parsing for Syntactic and Semantic Dependencies James

A Latent Variable Model of Synchronous Parsing for Syntactic and Semantic Dependencies James

A Latent Variable Model of Synchronous Parsing Probability Model Machine Learning Method Evaluation A Latent Variable Model of Synchronous Parsing for Syntactic and Semantic Dependencies James Henderson 1 Paola Merlo 2 Gabriele Musillo 1 2

596 views • 47 slides
Semantic Parsing via Paraphrasing Mateusz Malinowski Based on: J. Berant and P. Liang

Semantic Parsing via Paraphrasing Mateusz Malinowski Based on: J. Berant and P. Liang

Semantic Parsing via Paraphrasing Mateusz Malinowski Based on: J. Berant and P. Liang Semantic Parsing via Paraphrasing ACL 2014 Outline Abstract view on the semantic parser ! What party did Clay establish? paraphrase model What

200 views • 17 slides
Sampo-UI Framework for Semantic Portal User Interfaces Digital Humanities in Action: Sampo Model

Sampo-UI Framework for Semantic Portal User Interfaces Digital Humanities in Action: Sampo Model

Sampo-UI Framework for Semantic Portal User Interfaces Digital Humanities in Action: Sampo Model and Portals for Cultural Heritage, 29.10.2020 Esko Ikkala Semantic Computing Research Group (SeCo), Aalto University, https://seco.cs.aalto.fi

414 views • 30 slides
Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

CS6202: Advanced Topics in Programming Languages and Systems Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model Hoare-style Inference Rules Specification and Annotations Linked List and Segments

1.02k views • 76 slides
Motivation Bootstrapping Semantic Lexicons A semantic lexicon contains semantic category Ex:

Motivation Bootstrapping Semantic Lexicons A semantic lexicon contains semantic category Ex:

Motivation Bootstrapping Semantic Lexicons A semantic lexicon contains semantic category Ex: dog, cat, lion, unannotated texts lizard, snake assignments for words. For example: blogger HUMAN sedan VEHICLE AK-47 WEAPON N best words

344 views • 8 slides
Models Why DOM? XML means more than is written there We want to work with semantic model XML

Models Why DOM? XML means more than is written there We want to work with semantic model XML

Models Why DOM? XML means more than is written there We want to work with semantic model XML PSI is not very convenient plugin.xml: <idea-plugin> <id>com.intellij.intelliWhisper</id> ... <extension-points>

631 views • 17 slides
RDF, RDFS and OWL: Graph Data Models for the Semantic Web Semantic Web: The Idea Semantic

RDF, RDFS and OWL: Graph Data Models for the Semantic Web Semantic Web: The Idea Semantic

RDF, RDFS and OWL: Graph Data Models for the Semantic Web Semantic Web: The Idea Semantic Web does not mean computers are going to understand the meaning of everything on the web does mean that we can create some standards ways of

344 views • 33 slides
Statistical Challenges Towards a Semantic Model for Precision Agriculture and Precision Livestock

Statistical Challenges Towards a Semantic Model for Precision Agriculture and Precision Livestock

www.cybele-project.eu Statistical Challenges Towards a Semantic Model for Precision Agriculture and Precision Livestock Farming Dimitris Zeginis , Evangelos Kalampokis, Konstantinos Tarabanis SemStats 2019 This project has received funding from

169 views • 14 slides
Domain-guided construction of semantic representations for model-based interpretation PARC |

Domain-guided construction of semantic representations for model-based interpretation PARC |

Domain-guided construction of semantic representations for model-based interpretation PARC | 1 Quadri Project Team Funding: National Institute of Health (NIH) PARC Danny Bobrow Cleo Condoravdi (now at Stanford University)

894 views • 58 slides
Information Model for Non-hierarchical Information Management Christian Mrtenson & Pontus

Information Model for Non-hierarchical Information Management Christian Mrtenson & Pontus

OIC 2008 Information Model for Non-hierarchical Information Management Christian Mrtenson & Pontus Svenson Swedish Defence Research Agency (FOI) Outline Semantic technologies for information fusion The Semantic MilWiki Transformation

418 views • 15 slides
PWG Semantic Model (PWG SM) Work items of interest 1 04/01/06 Zehler Logistics Date/Time:

PWG Semantic Model (PWG SM) Work items of interest 1 04/01/06 Zehler Logistics Date/Time:

PWG Semantic Model (PWG SM) Work items of interest 1 04/01/06 Zehler Logistics Date/Time: Agenda: April 6 2006 9:00 - 9:15: 9am 1pm eastern Convene Dial-In 9:15 - 9:30: Tele-Con Number:

507 views • 22 slides
Model Comparison For Semantic Grouping Francisco Vargas & Kamen Brestnichki Problem

Model Comparison For Semantic Grouping Francisco Vargas & Kamen Brestnichki Problem

Model Comparison For Semantic Grouping Francisco Vargas & Kamen Brestnichki Problem statement Given two sentences, how similar would you say they are from 0 to 5 ? Examples: The activity of learning or being trained vs The gradual

321 views • 7 slides
Semantic maps - a multi-hierarchical model 64.425 Integrated Seminar: Intelligent Robotics Paul

Semantic maps - a multi-hierarchical model 64.425 Integrated Seminar: Intelligent Robotics Paul

MIN-Fakult at Fachbereich Informatik Universit at Hamburg Semantic maps Semantic maps - a multi-hierarchical model 64.425 Integrated Seminar: Intelligent Robotics Paul Anton Universit at Hamburg Fakult at f ur Mathematik,

587 views • 40 slides
Increasing the Semantic Transparency of the KAOS Goal Model Concrete Syntax Mafalda Santos,

Increasing the Semantic Transparency of the KAOS Goal Model Concrete Syntax Mafalda Santos,

Increasing the Semantic Transparency of the KAOS Goal Model Concrete Syntax Mafalda Santos, Catarina Gralha , Miguel Goulo, Joo Araujo Universidade Nova de Lisboa, Portugal OCTOBER, 2018 RE SUCCESS DEPENDS ON THE QUALITY OF THE

481 views • 32 slides
Semantic Conceptual Model for Managing Clinical Protocols Nick Portokallidis, George Drosatos,

Semantic Conceptual Model for Managing Clinical Protocols Nick Portokallidis, George Drosatos,

Semantic Conceptual Model for Managing Clinical Protocols Nick Portokallidis, George Drosatos, Eleni Kaldoudi School of Medicine, Democritus University of Thrace 6 th Panhellenic Conference on Biomedical Technology Athens, Greece, 6-8 May 2015

374 views • 9 slides
DeViSE: A Deep Visual-Semantic Embedding Model Presenters: Ji Gao, Fandi Lin Motivation Visual

DeViSE: A Deep Visual-Semantic Embedding Model Presenters: Ji Gao, Fandi Lin Motivation Visual

DeViSE: A Deep Visual-Semantic Embedding Model Presenters: Ji Gao, Fandi Lin Motivation Visual recognition systems experience problems with large amount of categories. Insufficient labeled training data Blurred distinction between

328 views • 16 slides

More recommend