The Community for Technology Leaders
Green Image
Issue No. 10 - Oct. (2013 vol. 39)
ISSN: 0098-5589
pp: 1403-1426
David Basin , Inst. of Inf. Security, ETH Zurich, Zurich, Switzerland
Matus Harvan , Inst. of Inf. Security, ETH Zurich, Zurich, Switzerland
Felix Klaedtke , Inst. of Inf. Security, ETH Zurich, Zurich, Switzerland
Eugen Zalinescu , Inst. of Inf. Security, ETH Zurich, Zurich, Switzerland
ABSTRACT
IT systems manage increasing amounts of sensitive data and there is a growing concern that they comply with policies that regulate data usage. In this paper, we use temporal logic to express policies and runtime monitoring to check system compliance. While well-established methods for monitoring linearly ordered system behavior exist, a major challenge is monitoring distributed and concurrent systems where actions are locally observed in the different system parts. These observations can only be partially ordered, while policy compliance may depend on the actions' actual order of appearance. Technically speaking, it is in general intractable to check compliance of partially ordered traces. We identify fragments of our policy specification language for which compliance can be checked efficiently, namely, by monitoring a single representative trace in which the observed actions are totally ordered. Through a case study we show that the fragments are capable of expressing nontrivial policies and that monitoring representative traces is feasible on real-world data.
INDEX TERMS
Monitoring, Cost accounting, Periodic structures, Semantics, Distributed databases, Standards, Finite element analysis,regulation, Monitors, temporal logic, verification, distributed systems
CITATION
David Basin, Matus Harvan, Felix Klaedtke, Eugen Zalinescu, "Monitoring Data Usage in Distributed Systems", IEEE Transactions on Software Engineering, vol. 39, no. , pp. 1403-1426, Oct. 2013, doi:10.1109/TSE.2013.18
265 ms
(Ver )