Actions over Core-closed Knowledge Bases
Paper in proceeding, 2022
We present new results on the application of semantic- and knowledge-based reasoning techniques to the analysis of cloud deployments. In particular, to the security of Infrastructure as Code configuration files, encoded as description logic knowledge bases. We introduce an action language to model mutating actions; that is, actions that change the structural configuration of a given deployment by adding, modifying, or deleting resources. We mainly focus on two problems: the problem of determining whether the execution of an action, no matter the parameters passed to it, will not cause the violation of some security requirement (static verification), and the problem of finding sequences of actions that would lead the deployment to a state where (un)desirable properties are (not) satisfied (plan existence and plan synthesis). For all these problems, we provide definitions, complexity results, and decision procedures.
Author
Claudia Cauli
Chalmers, Computer Science and Engineering (Chalmers), Formal methods
University of Gothenburg
Magdalena Ortiz
Vienna University of Technology
Nir Piterman
University of Gothenburg
Chalmers, Computer Science and Engineering (Chalmers), Formal methods
Lecture Notes in Computer Science
0302-9743 (ISSN) 1611-3349 (eISSN)
Vol. 13385 LNAI 281-2999783031107689 (ISBN)
11th International Joint Conference on Automated Reasoning, IJCAR 2022, part of the Federated Logic Conference, FLoC 2022
Haifa, Israel,
Haifa, Israel,
Subject Categories (SSIF 2025)
Computer Sciences
DOI
10.1007/978-3-031-10769-6_17