The Open UniversitySkip to content
 

Engineering topology aware adaptive security: preventing requirements violations at runtime

Tsigkanos, Christos; Pasquale, Liliana; Menghi, Claudio; Ghezzi, Carlo and Nuseibeh, Bashar (2014). Engineering topology aware adaptive security: preventing requirements violations at runtime. In: 2014 IEEE 22nd International Requirements Engineering Conference (RE): Proceedings, Institute of Electrical and Electronics Engineers, pp. 203–212.

Full text available as:
[img]
Preview
PDF (Version of Record) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (835kB) | Preview
DOI (Digital Object Identifier) Link: https://doi.org/10.1109/RE.2014.6912262
Google Scholar: Look up in Google Scholar

Abstract

Adaptive security systems aim to protect critical assets in the face of changes in their operational environment. We have argued that incorporating an explicit representation of the environment’s topology enables reasoning on the location of assets being protected and the proximity of potentially harmful agents. This paper proposes to engineer topology aware adaptive security systems by identifying violations of security requirementsthat may be caused by topological changes, and selecting a setof security controls that prevent such violations. Our approach focuses on physical topologies; it maintains at runtime a live representation of the topology which is updated when assets or agents move, or when the structure of the physical space is altered. When the topology changes, we look ahead at a subset of the future system states. These states are reachable when the agents move within the physical space. If security requirements can be violated in future system states, a configuration of security controls is proactively applied to prevent the system from reaching those states. Thus, the system continuously adapts to topological stimuli, while maintaining requirements satisfaction. Security requirements are formally expressed using a propositional temporal logic, encoding spatial properties in Computation Tree Logic (CTL). The Ambient Calculus is used to represent the topology of the operational environment - including location of assets and agents - as well as to identify future system states that are reachable from the current one. The approach is demonstrated and evaluated using a substantive example concerned with physical access control.

Item Type: Conference or Workshop Item
Copyright Holders: 2014 by the Institute of Electrical and Electronics Engineers
ISBN: 1-4799-3031-8, 978-1-4799-3031-9
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Research Group: Centre for Research in Computing (CRC)
International Development & Inclusive Innovation
Item ID: 41170
Depositing User: Danielle Lilly
Date Deposited: 21 Oct 2014 10:40
Last Modified: 02 May 2018 14:03
URI: http://oro.open.ac.uk/id/eprint/41170
Share this page:

Metrics

Altmetrics from Altmetric

Citations from Dimensions

Download history for this item

These details should be considered as only a guide to the number of downloads performed manually. Algorithmic methods have been applied in an attempt to remove automated downloads from the displayed statistics but no guarantee can be made as to the accuracy of the figures.

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU