Monitoring Data Usage in Distributed Systems

IT systems manage increasing amounts of sensitive data and there is a growing concern that they comply with policies that regulate data usage. In this paper, we use temporal logic to express policies and runtime monitoring to check system compliance. While well-established methods for monitoring linearly ordered system behavior exist, a major challenge is monitoring distributed and concurrent systems where actions are locally observed in the different system parts. These observations can only be partially ordered, while policy compliance may depend on the actions´ actual order of appearance. Technically speaking, it is in general intractable to check compliance of partially ordered traces. We identify fragments of our policy specification language for which compliance can be checked efficiently, namely, by monitoring a single representative trace in which the observed actions are totally ordered. Through a case study we show that the fragments are capable of expressing nontrivial policies and that monitoring representative traces is feasible on real-world data.