The Open UniversitySkip to content

Requirements and Specifications for Adaptive Security: Concepts and Analysis

Tun, T. T.; Yang, M.; Bandara, A. K.; Yu, Y.; Nhlabatsi, A.; Khan, N.; Khan, K. M. and Nuseibeh, B. (2018). Requirements and Specifications for Adaptive Security: Concepts and Analysis. In: SEAMS ’18: Proceedings of the 13th International Conference on Software Engineering for Adaptive and Self-Managing Systems, ACM, New York, pp. 161–171.

Full text available as:
PDF (Accepted Manuscript) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (245kB) | Preview
DOI (Digital Object Identifier) Link:
Google Scholar: Look up in Google Scholar


In an adaptive security-critical system, security mechanisms change according to the type of threat posed by the environment. Specifying the behavior of these systems is difficult because conditions of the environment are difficult to describe until the system has been deployed and used for a length of time. This paper defines the problem of adaptation in security-critical systems, and outlines the RELAIS approach for expressing requirements and specifying the behavior in a way that helps identify the need for adaptation, and the appropriate adaptation behavior at runtime. The paper introduces the notion of adaptation via input approximation and proposes statistical machine learning techniques for realizing it. The approach is illustrated with a running example and is applied to a realistic security example from a cloud-based file-sharing application. Bayesian classification and logistic regression methods are used to implement adaptive specifications and these methods offer different levels of adaptive security and usability in the file-sharing application.

Item Type: Conference or Workshop Item
Copyright Holders: 2018 Association for Computing Machinery
ISBN: 1-4503-5715-6, 978-1-4503-5715-9
Project Funding Details:
Funded Project NameProject IDFunding Body
Adaptive Information Security: Relating Security Requirements to Design (XC-11-067-BN)NPRP 5-079-1-018Qatar National Research Fund
Adaptive Security And Privacy (XC-11-004-BN)291652EC (European Commission): FP (inc.Horizon2020 & ERC schemes)
Extra Information: Presented at the ACM/IEEE 13th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, Gothenburg, Sweden, 28-29 May 2018.
Keywords: security requirements; self-adaptation
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Research Group: Software Engineering and Design (SEAD)
Related URLs:
Item ID: 54029
Depositing User: Thein Tun
Date Deposited: 16 Apr 2018 09:14
Last Modified: 04 May 2019 06:16
Share this page:


Altmetrics from Altmetric

Citations from Dimensions

Download history for this item

These details should be considered as only a guide to the number of downloads performed manually. Algorithmic methods have been applied in an attempt to remove automated downloads from the displayed statistics but no guarantee can be made as to the accuracy of the figures.

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU