Monitoring Usage-Control Policies in Distributed Systems
The authors have previously presented a monitoring algorithm for compliance checking of policies formalized in an expressive metric first-order temporal logic. They explain here the steps required to go from the original algorithm to a working infrastructure capable of monitoring an existing distributed application producing millions of log entries per day. The main challenge is to correctly and efficiently monitor the trace interleavings obtained by totally ordering actions that happen at the same time. They provide solutions based on formula transformations and monitoring representative traces. They also report, for the first time, statistics on the performance of their monitor on real-world data, providing evidence of its suitability for nontrivial applications.