The Open UniversitySkip to content

“Why can’t I do that?”: tracing adaptive security decisions

Nhlabatsi, Armstrong; Tun, Thein; Khan, Niamul; Yu, Yijun; Bandara, Arosha; Khan, Khaled M. and Nuseibeh, Bashar (2015). “Why can’t I do that?”: tracing adaptive security decisions. EAI Endorsed Transactions on Self-Adaptive Systems, 1(1), article no. e2.

Full text available as:
PDF (Proof) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (1MB) | Preview
DOI (Digital Object Identifier) Link:
Google Scholar: Look up in Google Scholar


One of the challenges of any adaptive system is to ensure that users can understand how and why the behaviour of the system changes at runtime. This is particularly important for adaptive security behaviours which are essential for applications that are used in many different contexts, such as those hosted in the cloud. In this paper, we propose an approach for using traceability information, enriched with causality relations and contextual attributes of the deployment environment, when providing feedback to the users. We demonstrate, using a cloud storage-as-a-service environment, how our approach provides users of cloud applications better information, explanations and assurances about the security decisions made by the system. This enables the user to understand why a certain security adaptation has occurred, how the adaptation is related to current context of use of the application, and a guarantee that the application still satisfies its security requirements after an adaptation.

Item Type: Journal Item
Copyright Holders: 2015 A. Nhlabatsi et al.
Project Funding Details:
Funded Project NameProject IDFunding Body
Adaptive Information Security: Relating Security Requirements to Design (XC-11-067-BN)NPRP 5-079-1-018Qatar National Research Fund
Keywords: traceability; causality; entailment relation; security requirements; policies
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Research Group: Centre for Research in Computing (CRC)
International Development & Inclusive Innovation
Item ID: 41870
Depositing User: Thein Tun
Date Deposited: 02 Feb 2015 10:03
Last Modified: 07 Dec 2018 18:31
Share this page:


Altmetrics from Altmetric

Citations from Dimensions

Download history for this item

These details should be considered as only a guide to the number of downloads performed manually. Algorithmic methods have been applied in an attempt to remove automated downloads from the displayed statistics but no guarantee can be made as to the accuracy of the figures.

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU