posted on 2014-09-10, 08:20authored byLiliana Pasquale, Carlo Ghezzi, Claudio Menghi, Christos Tsigkanos, Bashar NuseibehBashar Nuseibeh
Adaptive security systems aim to protect valuable assets in the
face of changes in their operational environment. They do so by
monitoring and analysing this environment, and deploying security
functions that satisfy some protection (security, privacy, or forensic)
requirements. In this paper, we suggest that a key characteristic
for engineering adaptive security is the topology of the operational
environment, which represents a physical and/or a digital space -
including its structural relationships, such as containment, proximity,
and reachability. For adaptive security, topology expresses a
rich representation of context that can provide a system with both
structural and semantic awareness of important contextual characteristics.
These include the location of assets being protected or the
proximity of potentially threatening agents that might harm them.
Security-related actions, such as the physical movement of an actor
from a room to another in a building, may be viewed as topological
changes. The detection of a possible undesired topological change
(such as an actor possessing a safe’s key entering the room where
the safe is located) may lead to the decision to deploy a particular
security control to protect the relevant asset. This position paper
advocates topology awareness for more effective engineering of
adaptive security. By monitoring changes in topology at runtime
one can identify new or changing threats and attacks, and deploy
adequate security controls accordingly. The paper elaborates on the
notion of topology and provides a vision and research agenda on its
role for systematically engineering adaptive security systems.
Funding
Study on Aerodynamic Characteristics Control of Slender Body Using Active Flow Control Technique