Policy Compliance in Collaborative Systems

Kanovich, Max I.; Rowe, Paul D.; Scedrov, Andre

doi:10.1109/csf.2009.19

Cited by 12 publications

(24 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This allows us to show that the collaborative planning problems are both decidable. In fact, in other work [25] we lift the well-balanced restriction and show that the problem with system compliance is still decidable, but the version with plan compliance becomes undecidable.…”

Section: Remarksmentioning

confidence: 94%

“…This is an important difference from MSR [12] which has been shown to have correspondences with linear logic [9,46]. We actually use this connection to affine logic rather explicitly in other work [25,44] which helps to illuminate some of the differences from MSR and its connection to linear logic. Finally, it can be desirable to have such a logical foundation because we are often able to gain new insight by thinking in terms of a well established formalism.…”

Section: Foundation In Logicmentioning

confidence: 94%

“…In particular, if we put no restrictions on the form of the actions, then we could grow the global state to an arbitrarily large size. The general case for goal reachability (where there are no confidentiality policies) has the same complexity as the coverability problem for Petri nets [15,25,31,44]. Although this is decidable [35], it overestimates the complexity of the typical case.…”

Section: The Collaborative Planning Problem With Confidentialitymentioning

confidence: 98%

“…In [25,44] we demonstrated formal translations between the coverability problem for Petri nets and the reachability problem for local state transition systems. Under our translation, well-balanced local state transition systems do not seem to correspond exactly to any of the various types of Petri nets described in [23].…”

Section: Related Workmentioning

confidence: 99%

See 3 more Smart Citations

Collaborative Planning with Confidentiality

2010

Self Cite

View full text Add to dashboard Cite

Collaboration among organizations or individuals is common.While these participants are often unwilling to share all their information with each other, some information sharing is unavoidable when achieving a common goal. The need to share information and the desire to keep it confidential are two competing notions which affect the outcome of a collaboration. This paper proposes a formal model of collaboration which addresses confidentiality concerns. We draw on the notion of a plan which originates in the AI literature. We use data confidentiality policies to assess confidentiality in transition systems whose actions have an equal number of predicates in their pre-and post-conditions. Under two natural notions of policy compliance, we show that it is PSPACE-complete to schedule a plan leading from a 390 M. Kanovich et al.given initial state to a desired goal state while simultaneously deciding compliance with respect to the agents' policies.

show abstract

Section: Remarksmentioning

confidence: 94%

Section: Foundation In Logicmentioning

confidence: 94%

Section: The Collaborative Planning Problem With Confidentialitymentioning

confidence: 98%

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Collaborative Planning with Confidentiality

2010

Self Cite

View full text Add to dashboard Cite

show abstract

“…We have witnessed several organizations such as hospitals, financial institutions, and government sectors have been suffering from information leakage and policy violations due to the lack of systematic mechanisms for policy compliance and enforcement [5,11,23]. For example, Health Insurance Portability and Accountability Act (HIPAA), the Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.…”

Section: Introductionmentioning

confidence: 99%

Towards HIPAA-compliant healthcare systems

Ahn

2012

Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium

View full text Add to dashboard Cite

In healthcare domain, there is a gap between healthcare systems and government regulations such as the Health Insurance Portability and Accountability Act (HIPAA). The violations of HIPAA not only may cause the disclosure of patients' sensitive information, but also can bring about tremendous economic loss and reputation damage to healthcare providers. Taking effective measures to address this gap has become a critical requirement for all healthcare entities. However, the complexity of HIPAA regulations makes it difficult to achieve this requirement. In this paper, we propose a framework to bridge such a critical gap between healthcare systems and HIPAA regulations. Our framework supports compliance-oriented analysis to determine whether a healthcare system is complied with HIPAA regulations. We also describe our evaluation results to demonstrate the feasibility and effectiveness of our approach.

show abstract

A Multiset Rewriting Model for Specifying and Verifying Timing Aspects of Security Protocols

Alturki

Kirigin

Kanovich

et al. 2019

Foundations of Security, Protocols, and Equational Reasoning

Self Cite

View full text Add to dashboard Cite

Catherine Meadows has played an important role in the advancement of formal methods for protocol security verification. Her insights on the use of, for example, narrowing and rewriting logic has made possible the automated discovery of new attacks and the shaping of new protocols. Meadows has also investigated other security aspects, such as, distance bounding protocols and denial of service attacks. We have been greatly inspired by her work. This paper describes the use of Multiset Rewriting for the specification and verification of timing aspects of protocols, such as network delays, timeouts, timed intruder models and distance bounding properties. We detail these timed features with a number of examples and describe decidable fragments of related verification problems. 10 Indeed, it was Cathy that suggested us to investigate DB protocols.

show abstract

Policy Compliance in Collaborative Systems

Cited by 12 publications

References 37 publications

Collaborative Planning with Confidentiality

Collaborative Planning with Confidentiality

Towards HIPAA-compliant healthcare systems

A Multiset Rewriting Model for Specifying and Verifying Timing Aspects of Security Protocols

Contact Info

Product

Resources

About