Article

Dynamic Security Specification Through Autonomic Component Ensembles

Authors:

Frantisek Plasil,

Jiri VinarekAuthors Info & Claims

Leveraging Applications of Formal Methods, Verification and Validation. Distributed Systems: 8th International Symposium, ISoLA 2018, Limassol, Cyprus, November 5-9, 2018, Proceedings, Part III

Pages 172 - 185

https://doi.org/10.1007/978-3-030-03424-5_12

Published: 05 November 2018 Publication History

Abstract

One of the key properties of autonomic component systems is their dynamicity and context-dependence of their behavior. In contrast to systems with a static architecture, their components interact and collaborate in an ad-hoc fashion depending on their internal state and location, the state of other components and their locations, timing and history of events/state of external (uncontrolled) environment. This high degree of dynamicity collides with traditional approaches to security, which typically rely on static hierarchies of roles and a static assignment of roles. To address this problem, we formulate security rules which are autonomically composable and context-dependent; in their evolution, they follow the dynamicity and context-dependence of the autonomic components. Based on our previous work with autonomic component ensembles, we show how ensembles can be exploited to define security rules to control interactions in a system of autonomic components.

References

[1]

Almorsy M, Grundy J, and Ibrahim Amani S Xiang Y, Lopez J, Kuo C-CJ, and Zhou W MDSE@R: model-driven security engineering at runtime Cyberspace Safety and Security 2012 Heidelberg Springer 279-295

[2]

Abd Alrahman Y, De Nicola R, and Loreti M Margaria T and Steffen B Programming of CAS systems by relying on attribute-based communication Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques 2016 Cham Springer 539-553

[3]

Bures T et al. Software abstractions for component interaction in the internet of things Computer 2016 49 12 50-59

[4]

Bures, T., et al.: Trait-based language for smart cyber-physical systems. Technical report D3S-TR-2017-01, Charles University (2017)

[5]

Chaisiri, S., Ko, R.K.L.: From reactionary to proactive security: context-aware security policy management and optimization under uncertainty. In: Proceedings of Trustcom/BigDataSE/ISPA 2016, Tianjin, China, pp. 535–543. IEEE (2016)

[6]

El Khaddar MA et al. A policy-based middleware for context-aware pervasive computing Int. J. Pervasive Comput. Commun. 2015 11 1 43-68

[7]

Hennicker R and Klarl A Iida S, Meseguer J, and Ogata K Foundations for ensemble modeling – the helena approach Specification, Algebra, and Software 2014 Heidelberg Springer 359-381

[8]

Hoisl B et al. Modeling and enforcing secure object flows in process-driven SOAs: an integrated model-driven approach Softw. Syst. Model. 2014 13 2 513-548

[9]

Jürjens J Jézéquel J-M, Hussmann H, and Cook S UMLsec: extending UML for secure systems development ≪UML≫ 2002 — The Unified Modeling Language 2002 Heidelberg Springer 412-425

[10]

Krijt, F. et al.: Intelligent ensembles - a declarative group description language and java framework. In: Proceedings of SEAMS 2017, Buenos Aires, Argentina, pp. 116–122. IEEE (2017)

[11]

Laborde R, Barrère F, and Benzekri A Dimitrakos T, Martinelli F, Ryan PYA, and Schneider S A security management information model derivation framework: from goals to configurations Formal Aspects in Security and Trust 2006 Heidelberg Springer 217-234

[12]

Laborde, R. et al.: dynSMAUG: a dynamic security management framework driven by situations. In: Proceedings of CSNet 2017, Rio de Janeiro, Brazil, pp. 1–8. IEEE (2017)

[13]

Li X et al. Context aware middleware architectures: survey and challenges Sensors 2015 15 8 20570-20607

[14]

Machara, S. et al.: Trust-based context contract models for the internet of things. In: Proceedings of UIC/ATC 2013, Vietri sul Mere, Italy, pp. 557–562. IEEE (2013)

[15]

Marie P, Desprats T, Chabridon S, and Sibilla M Brézillon P and Gonzalez AJ The QoCIM framework: concepts and tools for quality of context management Context in Computing 2014 New York Springer 155-172

[16]

Nasser B, Laborde R, Benzekri A, Barrère F, and Kamel M Meersman R, Tari Z, and Herrero P Access control model for inter-organizational grid virtual organizations On the Move to Meaningful Internet Systems 2005: OTM 2005 Workshops 2005 Heidelberg Springer 537-551

[17]

Nicola, R.D. et al.: A formal approach to autonomic systems programming: the SCEL language. ACM Trans. Auton. Adapt. Syst. 9(2), 7:1–7:29 (2014)

[18]

OASIS: eXtensible Access Control Markup Language (XACML) Version 3.0 (2013)

[19]

Pelaez, A. et al.: Dynamic adaptation of policies using machine learning. In: Proceedings of CCGrid, Cartagena, Colombia, pp. 501–510. IEEE (2016)

[20]

Mohsin Saleemi M, Díaz Rodríguez N, Lilius J, and Porres I Balandin S, Koucheryavy Y, and Hu H A framework for context-aware applications for smart spaces Smart Spaces and Next Generation Wired/Wireless Networking 2011 Heidelberg Springer 14-25

[21]

Thanigaivelan NK, Nigussie E, Virtanen S, and Isoaho J Rak J, Bay J, Kotenko I, Popyack L, Skormin V, and Szczypiorski K Towards self-aware approach for mobile devices security Computer Network Security 2017 Cham Springer 171-182

[22]

Wu, Z., Weaver, A.C.: Application of fuzzy logic in federated trust management for pervasive computing. In: Proceedings of COMPSAC 2006, Chicago, USA, pp. 215–222. IEEE (2006)

Cited By

Töpfer MKhalyeyev DBureš THnětynka PPlášil F(2024)How Well Do LLMs Understand DEECo Ensemble-Based Component ArchitecturesLeveraging Applications of Formal Methods, Verification and Validation. Rigorous Engineering of Collective Adaptive Systems10.1007/978-3-031-75107-3_13(208-223)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1007/978-3-031-75107-3_13
Bures THnetynka PHeinrich RSeifermann SWalter M(2020)Capturing Dynamicity and Uncertainty in Security and Trust via Situational PatternsLeveraging Applications of Formal Methods, Verification and Validation: Engineering Principles10.1007/978-3-030-61470-6_18(295-310)Online publication date: 20-Oct-2020
https://dl.acm.org/doi/10.1007/978-3-030-61470-6_18

Index Terms

Dynamic Security Specification Through Autonomic Component Ensembles
1. Security and privacy
  1. Systems security
2. Software and its engineering
  1. Software notations and tools
    1. General programming languages
  2. Software organization and properties
    1. Software system structures
      1. Software architectures

Index terms have been assigned to the content through auto-classification.

Recommendations

Toward autonomically composable and context-dependent access control specification through ensembles
Abstract
Dynamicity and context dependence are some of the key properties of autonomic component systems that include a large spectrum of today’s modern smart systems. In these systems, components dynamically re-group themselves, interact and collaborate ...
A language and framework for dynamic component ensembles in smart systems
Abstract
Smart system applications (SSAs)—a heterogeneous landscape of applications of Internet of things, cyber-physical systems, and smart sensing systems—are composed of autonomous yet inherently cooperating components. An important problem in this area ...
SCAF: A Simple Component Architecture Framework
TOOLS '00: Proceedings of the Technology of Object-Oriented Languages and Systems (TOOLS 33)

SCAF is a Simple Component Architecture Framework built upon OMG CORBA. Components are the core-modeling concept. Components describe their relationship with other components by means of interface provision and requirement descriptions. These interfaces ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

Leveraging Applications of Formal Methods, Verification and Validation. Distributed Systems: 8th International Symposium, ISoLA 2018, Limassol, Cyprus, November 5-9, 2018, Proceedings, Part III

Nov 2018

530 pages

ISBN:978-3-030-03423-8

DOI:10.1007/978-3-030-03424-5

Editors:
Tiziana Margaria
University of Limerick, Limerick, Ireland
,
Bernhard Steffen
TU Dortmund, Dortmund, Germany

© Springer Nature Switzerland AG 2018.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 05 November 2018

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Töpfer MKhalyeyev DBureš THnětynka PPlášil F(2024)How Well Do LLMs Understand DEECo Ensemble-Based Component ArchitecturesLeveraging Applications of Formal Methods, Verification and Validation. Rigorous Engineering of Collective Adaptive Systems10.1007/978-3-031-75107-3_13(208-223)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1007/978-3-031-75107-3_13
Bures THnetynka PHeinrich RSeifermann SWalter M(2020)Capturing Dynamicity and Uncertainty in Security and Trust via Situational PatternsLeveraging Applications of Formal Methods, Verification and Validation: Engineering Principles10.1007/978-3-030-61470-6_18(295-310)Online publication date: 20-Oct-2020
https://dl.acm.org/doi/10.1007/978-3-030-61470-6_18

View Options

View options

Media

Figures

Other

Tables

View Table of Contents