Bennaceur, Amel; Bandara, Arosha; Jackson, Michael; Liu, Wei; Montrieux, Lionel; Tun, Thein; Yu, Yijun and Nuseibeh, Bashar
PDF (Accepted Manuscript)
- Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (609Kb) | Preview
|DOI (Digital Object Identifier) Link:||https://doi.org/10.1145/2593929.2593938|
|Google Scholar:||Look up in Google Scholar|
Security is concerned with the protection of assets from intentional harm. Secure systems provide capabilities that enable such protection to satisfy some security requirements. In a world increasingly populated with mobile and ubiquitous computing technology, the scope and boundary of security systems can be uncertain and can change. A single functional component, or even multiple components individually, are often insufficient to satisfy complex security requirements on their own.
Adaptive security aims to enable systems to vary their protection in the face of changes in their operational environment. Collaborative security, which we propose in this paper, aims to exploit the selection and deployment of multiple, potentially heterogeneous, software-intensive components to collaborate in order to meet security requirements in the face of changes in the environment, changes in assets under protection and their values, and the discovery of new threats and vulnerabilities.
However, the components that need to collaborate may not have been designed and implemented to interact with one another collaboratively. To address this, we propose a novel framework for collaborative security that combines adaptive security, collaborative adaptation and an explicit representation of the capabilities of the software components that may be needed in order to achieve collaborative security. We elaborate on each of these framework elements, focusing in particular on the challenges and opportunities afforded by (1) the ability to capture, represent, and reason about the capabilities of different software components and their operational context, and (2) the ability of components to be selected and mediated at runtime in order to satisfy the security requirements. We illustrate our vision through a collaborative robotic implementation, and suggest some areas for future work.
|Item Type:||Conference Item|
|Copyright Holders:||2014 ACM|
|Project Funding Details:||
|Keywords:||security requirements; mediation; collaborative adaptation|
|Academic Unit/School:||Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
|Interdisciplinary Research Centre:||Centre for Policing Research and Learning (CPRL)
Centre for Research in Computing (CRC)
International Development & Inclusive Innovation
|Depositing User:||Amel Bennaceur|
|Date Deposited:||14 Mar 2014 10:26|
|Last Modified:||09 Feb 2017 12:36|
|Share this page:|
Download history for this item
These details should be considered as only a guide to the number of downloads performed manually. Algorithmic methods have been applied in an attempt to remove automated downloads from the displayed statistics but no guarantee can be made as to the accuracy of the figures.