Probabilistic-Cost Enforcement of Security Policies in Distributed Systems
Computer and network security has become of paramount importance in our everyday lives. Cyber attacks can lead to a wide range of undesirable situations, ranging from breaches of personal information and confidential data to loss of human lives. One way to protect computer and network systems is through the use of technical (i.e., software and hardware) security mechanisms, such as firewalls and Intrusion Detection Systems (IDSs). Previous work has introduced formal frameworks that can be used to model such technical security mechanisms. Such formal frameworks help us: (1) understand the fundamental limitations of security mechanisms, (2) verify the correctness of the design of security mechanisms, and (3) efficiently design secure systems. While these frameworks provided an important first step for the modeling of security mechanisms and the analysis of their enforcement capabilities, they were able to model only individual security mechanisms and could not be used to compare the cost of different monitoring designs.

In this thesis we present formal frameworks for modeling and reasoning about a larger class of security mechanisms and enforcement scenarios than previous research. We demonstrate how our frameworks can be used to model different types and architectures of security mechanisms, for both centralized and distributed systems (e.g., IDSs and distributed IDSs). We use our frameworks to identify and prove new lower and upper bounds on the set of security policies that security mechanisms can enforce. These results extend the list of bounds on enforceable security policies identified by previous research and broaden our understanding of the fundamental limitations of the enforcement capabilities of security mechanisms. Finally, we demonstrate how to compare the expected cost of different designs of security mechanisms.