A paper written by Basit Shafiq, Arjmand Samuel, Elisa Bertino, and Arif Ghafoor. Called "A Technique for Optimal Adaptation of Time-Dependent Workflows with Security Constraints".
This paper gave a nice representation of security requirements in a mathematical formulas.
They maged to represent: Time, Role, User, Task, Constrains, and the delay. They had it all in what they called "mixed-integer programming"
For example, if we have a task that we need to be only processed during a specific time, and we have a security "Time constraint" where the task should be only performed during specific time for a certain role: (t1, [dmin, dmax], enable τ) as
t1: is the object.
dmin: starting time.
dmax: end time.
τ: is the task.
The Security constraint can be represented as: tsτ = t1, tfτ - tsτ≥dmin iτ, and tfτ - tsτ≤dmax iτ.
this might seem a little difficult to understand, but believe me this security constraint was the easiest to represent.
let take it one by one to explaine the privouce formaula as it easy as you will see.
the formula says: Task performer of the task "τ" will be object "t1" only and only if "task finish time - task start time is larger than the starting time for this task", and "task finish time - task start time is less than the ending time for
this task".
the paper include other intersting security requirments represented in mathematical formal equations.
No comments:
Post a Comment