Skip navigation

Requirements and specifications for adaptive security: Concepts and analysis

Requirements and specifications for adaptive security: Concepts and analysis

Tun, T. T., Yang, M., Bandara, A. K., Nhlabatsi, A., Khan, N., Khan, K. M. and Nuseibeh, B. (2018) Requirements and specifications for adaptive security: Concepts and analysis. In: 13th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS ’18). ACM Press, pp. 161-171. ISBN 978-1-4503-5715-9 (doi:https://doi.org/10.1145/3194133.3194155)

[img] PDF (Publisher's PDF)
19824 YANG_Requirements_and Specifications_for_Adaptive_Security_2018.pdf - Published Version
Restricted to Registered users only

Download (250kB)

Abstract

In an adaptive security-critical system, security mechanisms change according to the type of threat posed by the environment. Specifying the behavior of these systems is difficult because conditions of the environment are difficult to describe until the system has been deployed and used for a length of time. This paper defines the problem of adaptation in security-critical systems, and outlines the RELAIS approach for expressing requirements and specifying the behavior in a way that helps identify the need for adaptation, and the appropriate adaptation behavior at runtime. The paper introduces the notion of adaptation via input approximation and proposes statistical machine learning techniques for realizing it. The approach is illustrated with a running example and is applied to a realistic security example from a cloud-based file-sharing application. Bayesian classification and logistic regression methods are used to implement adaptive specifications and these methods offer different levels of adaptive security and usability in the file-sharing application.

Item Type: Conference Proceedings
Title of Proceedings: 13th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS ’18)
Additional Information: Conference held from 28-29 May 2018, Gothenburg, Sweden.
Uncontrolled Keywords: security requirements; self-adaptation
Faculty / Department / Research Group: Faculty of Business
Faculty of Business > Networks and Urban Systems Centre (NUSC) > Connected Cities Research Group
Faculty of Business > Department of Systems Management & Strategy
Last Modified: 18 May 2019 20:44
Selected for GREAT 2016: None
Selected for GREAT 2017: None
Selected for GREAT 2018: GREAT d
Selected for GREAT 2019: GREAT 4
URI: http://gala.gre.ac.uk/id/eprint/19824

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics