[FOM] Workshop on Logical Foundations of an Adaptive Security Infrastructure

Martin Davis martin at eipye.com
Mon Jan 12 00:16:02 EST 2004

Workshop on Logical Foundations of an Adaptive Security Infrastructure
(WOLFASI), a sub-workshop of the Logic in Computer Science (LICS)
Foundations of Computer Security (FCS'04) Workshop.
LICS '04, July 12-13, Turku, Finland

LICS Conference: http://www.dcs.ed.ac.uk/home/als/lics/lics04/
FCS Workshop: http://www.cs.chalmers.se/~andrei/FCS04/
WOLFASI Subworkshop: http://www.aero.org/wolfasi

It was felt that the field of adaptive security is sufficiently
well-defined, sufficiently important, and sufficiently of current
interest to warrant a special session of its own in the framework of
FCS. The Workshop on Logical Foundations of an Adaptive Security
Infrastructure deals with the logical underpinnings of the following:

A distributed computer system operates in a semi-autonomous mode,
serving as a communications network, with nodes that perform control
functions pertaining to the network and to local hardware devices.
During a period of critical operation, the system detects an intrusion
attempt in some nodes, along with a power glitch at other nodes, and
an intelligence report about an increase in a certain type of
threat. This information is analyzed and various responses are
executed: dealing with the perceived intrusion, rerouting network
traffic around suspect nodes, adjusting the power allocation,
adjusting the cryptographic strength of certain message authentication
functions, etc. This set of executed responses is chosen to best
achieve the desired result, within the confines of the security
policy, as currently re-evaluated, at the appropriate time, and with
currently available resources.

This scenario is more general than those that can currently be
handled, but less general than the most general scenario of "adaptive
security" that can be imagined. Currently many sophisticated
capabilities of intrusion detection, data mining, self-reconfiguring
systems, policy management etc. are being developed, but there is no
agreed upon unifying logical view of the general aspects of such a
system. For example, it is not known how to prove (or even specify)
capabilities or deduce rigorously the appropriate responses to
security-relevant inputs.

We have included the term "infrastructure" in the title to indicate
that we are interested in approaches to formalizations of a complete
solution, not just individual pieces. Issues arising from considering
how a whole infrastructure for adaptive security could be specified,
designed, and verified will hopefully yield more directed research
areas and questions for the various ASI components (see below).
Also the word "foundations" is meant to indicate a focus on the "big
picture", issues that are fundamental to the broad general
capabilities that an ASI would perhaps need.

The conceptual components of a general Adaptive Security
Infrastructure (ASI) are Detector, Analyzer, and Responder:

- the Detector senses, collects, and distributes information
  about the security environment;
- the Analyzer processes Detector data, along with other information
  (e.g. security policy, threat levels, or node trust levels) and
  occasionally proposes actions to bring about a new state;
- the Responder executes the actions as directed by the Analyzer. These
  actions could include adjusting preventive mechanisms, adjusting
  detector settings, adjusting internal system parameters, etc.

The purpose of this workshop is to try to formalize such a system
using methods of logic in order to answer questions such as:

1. How should the semantics of a dynamic security policy be specified,
one that can deal with potential future security questions and
facilitate proof that a candidate response is in fact consistent with
current policy?
2. How should we take into account the global-local (or
distributed-centralized or hierarchical) nature of all components of
an ASI?
3. How should we specify the "security-relevant resources" available so that
at any time the analyzer can choose an appropriate response (for
example, viewed as an algorithm written in the system's atomic
resources, with their current capabilities)?
4. How should we unify the temporal-spatial reasoning aspects?
5. What are the decidability or complexity issues in such a system?
6. What is the role of "approximate security"? Most verification
tasks are so hard that only approximate security seems feasible.
7. What is the role of computational game theory? Many security
protocols can be viewed as a game played by many participants, in
which properties of equilibria are essential. How should such
properties be specified and verified?

Submission deadline: April 2, 2004
Notification of acceptance: May 19, 2004
Final papers: June 7, 2004
Workshop: July 12-13, 2004
Send submissions to marcus at aero.org.
Use the same submission guidelines as those for FCS04.

Leo Marcus, Chair WOLFASI
The Aerospace Corporation
Andrei Sabelfeld, Chair FCS04
Chalmers University of Technology and Göteborg University
John Baldwin, UI Chicago
Elisa Bertino, Milan
David Chess, IBM
Grit Denker, SRI
David Evans, U. of Virginia
Wei Fan, IBM
Elena Ferrari, Insubria
Christopher Geib, Honeywell
Joe Halpern, Cornell
Sushil Jajodia, George Mason
Alan Jeffrey, De Paul
Angelos Keromytis, Columbia
Wenke Lee, Georgia Tech
Janos Makowsky, Technion
Tal Malkin, Columbia
Fabio Massacci, Trento
John McLean, Naval Research Laboratory
Stephan Merz, LORIA
Jonathan Millen, SRI
Carlo Montangero, Pisa
Alan Mycroft, Cambridge
Dusko Pavlovic, Kestrel
Paolo Perlasca, Milan
S. Raj Rajagopalan, Telcordia
Peter Reiher, UCLA
Michel de Rougemont, LRI
Vitaly Shmatikov, SRI
Alexander Shnitko, Novosibirsk
Luca Viganò, ETH
Ron Watro, BBN
Duminda Wijesekera, George Mason

                           Martin Davis
                    Visiting Scholar UC Berkeley
                      Professor Emeritus, NYU
                          martin at eipye.com
                          (Add 1 and get 0)
