Logo image
Back
Temporal Mode-Checking for Runtime Monitoring of Privacy Policies
Book chapter   Open access

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Omar Chowdhury, Limin Jia, Deepak Garg and Anupam Datta
Computer Aided Verification, pp.131-149
Lecture Notes in Computer Science, Springer International Publishing
2014
DOI: 10.1007/978-3-319-08867-9_9
url
https://doi.org/10.1007/978-3-319-08867-9_9View
Published (Version of record) Open Access

Abstract

Fragments of first-order temporal logic are useful for representing many practical privacy and security policies. Past work has proposed two strategies for checking event trace (audit log) compliance with policies: online monitoring and offline audit. Although online monitoring is space- and time-efficient, existing techniques insist that satisfying instances of all subformulas of the policy be amenable to caching, which limits expressiveness when some subformulas have infinite support. In contrast, offline audit is brute force and can handle more policies but is not as efficient. This paper proposes a new online monitoring algorithm that caches satisfying instances when it can, and falls back to the brute force search when it cannot. Our key technical insight is a new flow- and time-sensitive static check of variable groundedness, called the temporal mode check, which determines subformulas for which such caching is feasible and those for which it is not and, hence, guides our algorithm. We prove the correctness of our algorithm and evaluate its performance over synthetic traces and realistic policies.
 privacy policy runtime monitoring metric first-order temporal logic Mode checking

Details

Metrics

29 Record Views
Logo image