Requirements-driven mediation for collaborative security

A. Bennaceur, A. Bandara, M. Jackson, W. Liu, Lionel Montrieux, T. Tun, Y. Yu, B. Nuseibeh
{"title":"Requirements-driven mediation for collaborative security","authors":"A. Bennaceur, A. Bandara, M. Jackson, W. Liu, Lionel Montrieux, T. Tun, Y. Yu, B. Nuseibeh","doi":"10.1145/2593929.2593938","DOIUrl":null,"url":null,"abstract":"Security is concerned with the protection of assets from intentional harm. Secure systems provide capabilities that enable such protection to satisfy some security requirements. In a world increasingly populated with mobile and ubiquitous computing technology, the scope and boundary of security systems can be uncertain and can change. A single functional component, or even multiple components individually, are often insufficient to satisfy complex security requirements on their own. \n Adaptive security aims to enable systems to vary their protection in the face of changes in their operational environment. Collaborative security, which we propose in this paper, aims to exploit the selection and deployment of multiple, potentially heterogeneous, software-intensive components to collaborate in order to meet security requirements in the face of changes in the environment, changes in assets under protection and their values, and the discovery of new threats and vulnerabilities. \n However, the components that need to collaborate may not have been designed and implemented to interact with one another collaboratively. To address this, we propose a novel framework for collaborative security that combines adaptive security, collaborative adaptation and an explicit representation of the capabilities of the software components that may be needed in order to achieve collaborative security. We elaborate on each of these framework elements, focusing in particular on the challenges and opportunities afforded by (1) the ability to capture, represent, and reason about the capabilities of different software components and their operational context, and (2) the ability of components to be selected and mediated at runtime in order to satisfy the security requirements. We illustrate our vision through a collaborative robotic implementation, and suggest some areas for future work.","PeriodicalId":168314,"journal":{"name":"International Symposium on Software Engineering for Adaptive and Self-Managing Systems","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Symposium on Software Engineering for Adaptive and Self-Managing Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2593929.2593938","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 19

Abstract

Security is concerned with the protection of assets from intentional harm. Secure systems provide capabilities that enable such protection to satisfy some security requirements. In a world increasingly populated with mobile and ubiquitous computing technology, the scope and boundary of security systems can be uncertain and can change. A single functional component, or even multiple components individually, are often insufficient to satisfy complex security requirements on their own. Adaptive security aims to enable systems to vary their protection in the face of changes in their operational environment. Collaborative security, which we propose in this paper, aims to exploit the selection and deployment of multiple, potentially heterogeneous, software-intensive components to collaborate in order to meet security requirements in the face of changes in the environment, changes in assets under protection and their values, and the discovery of new threats and vulnerabilities. However, the components that need to collaborate may not have been designed and implemented to interact with one another collaboratively. To address this, we propose a novel framework for collaborative security that combines adaptive security, collaborative adaptation and an explicit representation of the capabilities of the software components that may be needed in order to achieve collaborative security. We elaborate on each of these framework elements, focusing in particular on the challenges and opportunities afforded by (1) the ability to capture, represent, and reason about the capabilities of different software components and their operational context, and (2) the ability of components to be selected and mediated at runtime in order to satisfy the security requirements. We illustrate our vision through a collaborative robotic implementation, and suggest some areas for future work.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
用于协作安全性的需求驱动中介
安全与保护资产免受故意损害有关。安全系统提供了支持这种保护以满足某些安全需求的功能。在移动和无处不在的计算技术日益普及的世界中,安全系统的范围和边界可能是不确定的,也可能发生变化。单个功能组件,甚至单独的多个组件,通常不足以单独满足复杂的安全性需求。自适应安全旨在使系统能够在面对操作环境的变化时改变其保护。我们在本文中提出的协同安全,旨在利用选择和部署多个潜在异构的软件密集型组件进行协作,以满足面对环境变化、受保护资产及其价值变化以及发现新威胁和漏洞时的安全需求。然而,需要协作的组件可能没有被设计和实现为以协作方式相互交互。为了解决这个问题,我们提出了一个新的协作安全框架,它结合了自适应安全、协作适应和实现协作安全可能需要的软件组件功能的显式表示。我们详细阐述了这些框架元素中的每一个,特别关注以下方面所带来的挑战和机遇:(1)捕获、表示和推理不同软件组件的功能及其操作上下文的能力,以及(2)在运行时选择和调节组件以满足安全需求的能力。我们通过协作机器人实现阐述了我们的愿景,并提出了未来工作的一些领域。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Designing search based adaptive systems: a quantitative approach A prediction-driven adaptation approach for self-adaptive sensor networks Autonomic resource provisioning for cloud-based software Requirements-driven mediation for collaborative security A computational field framework for collaborative task execution in volunteer clouds
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1