Title: Secret Protection in Discrete-Event Systems With Generalized Confidentiality Requirements
Authors: Ziyue Ma; Kai Cai
Journal: IEEE Transactions on Automatic Control, vol. 70, no. 4, pp. 2321-2333
Publication date: 2024-10-15
Publication type: Journal Article
DOI: 10.1109/TAC.2024.3481030
URL: https://ieeexplore.ieee.org/document/10716794/
Impact factor: 7.0 (JCR Q1, Automation & Control Systems)
Citations: 0
Abstract
In this article, we propose a general framework to design optimal secret protection policies in discrete-event systems. The system is modeled by an automaton in which several states are secret and are assigned different confidentiality requirements. Events in the system can be protected to verify the identity of the user, and a user who successfully executes/passes a protected event gains some authorization. Our purpose is to design an event-protecting policy such that any user, either legal or unauthorized, who visits a secret state must have an authorization that satisfies the confidentiality requirement of that state. As the optimality criterion, we seek protecting policies with a minimum degree of disturbance to legal users' normal operations. To this aim, we use Moore machines to model the dynamics of the clearance level of users when using the system. Then, we develop an auxiliary data structure called the generalized secret automaton, based on which we propose a method to design a protecting policy using the classical supervisory control theory. The minimally disruptive protecting policy is then represented by an automaton called the secret enforcer, whose state size is polynomial both in the number of the plant states and the number of secret states in the plant.
About the journal:
In the IEEE Transactions on Automatic Control, the IEEE Control Systems Society publishes high-quality papers on the theory, design, and applications of control engineering. Two types of contributions are regularly considered:
1) Papers: Presentation of significant research, development, or application of control concepts.
2) Technical Notes and Correspondence: Brief technical notes, comments on published areas or established control topics, corrections to papers and notes published in the Transactions.
In addition, special papers (tutorials, surveys, and perspectives on the theory and applications of control systems topics) are solicited.