[UCI-Calit2] Computer Sciences Seminar: Monitoring Policy Compliance 2/8/13

[Anna Lynn Spitzer]

Computer Sciences Seminar Series 

Title:                  Monitoring Policy Compliance

Speaker:            Prof. David Basin, ETH Zurich

Time:                 11 a.m.-noon

Date:                  Friday, Feb. 8, 2013

Location:           Donald Bren Hall, Room 6011

Abstract:	 In security and compliance, it is often necessary to ensure that agents and systems comply with complex policies.   This includes data protection policies, access control policies, and general usage-control policies stipulating how data can and must not be used.  For example, in banking, one may have financial reporting requirements stipulating that every transaction of a customer who has been involved in a suspicious transaction within the last 30 days, must be reported as suspicious within two days.

We present an approach to the automated monitoring of such policies either online during system execution, or offline during audit. Policies are formulated in an expressive formal language (namely metric first-order temporal logic), and monitors are automatically generated from specifications.  We report on our experience using this approach in different case studies in security and compliance monitoring.

Bio:                    Basin is a professor of computer science at ETH Zurich. He received his Ph.D. in computer science from Cornell University in 1989 and his habilitation in computer science from the University of Saarbrucken in 1996. From 1997-2002 he held the chair in software engineering at the University of Freiburg in Germany. His research areas are information security and software engineering. He is the founding director of the ZISC, the Zurich Information Security Center, which he led from 2003-2011. He is editor-in-chief of Springer-Verlag's book series in information security and cryptography and serves on the editorial boards of numerous journals including IEEE Transactions on Dependable and Secure Computing and Acta Informatica. He serves on various management and scientific advisory boards and has consulted extensively for IT companies and government organizations.

More Information:         Eli Bozorgzadeh, 824-8860, eli at ics.uci.edu          

This talk is sponsored jointly with NetSys.