Abstract
AmI considerations lead us to argue that it is essential for Security and Dependability (S&D) mechanisms to be able to adapt themselves to renewable context conditions in order to be applied to the ever-changing AmI scenarios. The key for this dynamic adaptation relies on the ability to capture the expertise of S&D engineers in such a way that it can be selected, adapted, used and monitored at runtime by automated means. S&D Artefacts proposed in this chapter represent the core of author’s approach to precisely model such expertise in form of semantic descriptions. They adopt an integral methodology covering the complete system life cycle going from S&D Classes, mostly used at development time, to S&D Patterns and S&D Implementations, perfectly suited for deployment and runtime use. This chapter traces the foundations and internals of S&D Artefacts, describing how they are defined and structured, and how they are categorized and grouped to form an exhaustive library of sound S&D Solutions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Reiter, M. (1996) Distributing trust with the Rampart toolkit, Communications of the ACM, v.39 n.4, p.71–74.
BEA White Paper BEA WebLogic Security Framework Working with Your Security Eco-System. http://www.bea.com. Cited 6 July 2008.
Object Management Group. The Common Object Request Broker Architecture and Specification. http://www.omg.org. Cited 6 July 2008.
Llewellyn-Jones, D., Merabti, M., Shi, Q., B. Askwith (2004) An Extensible Framework for Practical Secure Component Composition in a Ubiquitous Computing Environment. In Proceedings of International Conference on Information Technology.
Fayad, M., Johnson, R., Schmidt, D.C. (1999) Building Application Frameworks Object-Oriented Foundations of Framework Design. Wiley & Sons.
Schumacher, M., Mouratidis, H., Giorgini, P. (2003) Security Patterns for Agent Systems. In Proc. of 8th European Conference on Pattern Languages of Programs.
Wooldridge, M., Jennings, N.R., Kinny., D. (2000) The Gaia methodology for agent-oriented analysis and design. Journal of Autonomous Agents and Multi-Agent Systems, 3(3), p.285.
Boudaoud, K., McCathieNevile, C. (2002) An Intelligent Agent-based Model for Security Management. In Proc. 7th International Symposium on Computers and Communications.
Nobukazu Y., Shinichi H., Anthony F. (2004) Security Patterns A Method for Constructing Secure and Efficient Inter-Company Coordination Systems. Enterprise Distributed Object Computing Conference.
Cigital Labs AOP An Aspect-Oriented Security Assurance Solution. http://www.cigital.com/labs/projects/1027/. Cited 6 July 2008
Shah, V., Hill, F. (2003) An Aspect-Oriented Security Framework. DARPA Information Survivability Conference and Exposition - Volume II, p. 143.
Llewellyn-Jones, D., Merabti, M., Shi, Q., Askwith, B. (2004) Utilizing Component Composition for Secure ubiquitous Computing. In Proceedings of 2nd UK-UbiNet Workshop.
Shi, Q., Zhang, N. (1998) An effective model for composition of secure systems. Journal of Systems and Software. 43(3), pp. 233–244.
Mantel, H. (2002) On the composition of secure systems. In Proc. of IEEE Symposium on Security and Privacy.
Canal, C., Fuentes, L., Pimentel, E., Troya, J.M., Vallecillo, A. (2003) Adding Roles to CORBA Objects. IEEE Transactions on Software Engineering 29(3), pp. 242–260.
López, J., Maña, A., Ortega, J.J., Troya, J., Yague, M.I. (2003) Integrating PMI Services in CORBA Applications. In Computer Standards & Interfaces, 25, 4, pp. 391–409. Elsevier.
Meling, R. (2000) Storing and Retrieving Software Components A Component Description Manager. In Proc. of the Australian Software Engineering Conference. IEEE.
Becker, S. (2006) Coordination and Adaptation Techniques Bridging the Gap between Design and Implementation. Report on the ECOOP’2006 Workshop on Coordination and Adaptation Techniques for Software Entities. Springer.
Khan, K., Han, J. (2002) Composing Security-aware Software. IEEE Software, Vol. 19, Issue 1, pp 34–41. IEEE.
Brogi, A., Cmara, J., Canal, C., Cubo, J., Pimentel, E. (2006) Dynamic Contextual Adaptation. Workshop on the Foundations of Coordination Languages and Software Architectures. Electronic Notes in Theoretical Computer Science. Elsevier.
McDermid, J.A, Shi, Q. (1992) Secure composition of systems. In Proc. of Eighth Annual Computer Security Applications Conference, pp. 112–122.
Jaeger, T. (1998) Security Architecture for component-based Operating System. In ACM Special Interest Group in Operating Systems (SIGOPS) European Workshop.
Ghosh, A.K., McGraw, G. An Approach for Certifying Security in Software Components.
Kienzle, D.M., Elder, M.C. Final Technical Report Security Patterns for Web Application Development.
IBM’s Security Strategy team (2004) Introduction to Business Security Patterns. An IBM White Paper. http //www-3.ibm.com/security/patterns/intro.pdf. Cited 6 July 2008.
Konrad, S., Cheng, B.H.C., Campbell, Laura, A., Wassermann, R. (2003) Using Security Patterns to Model and Analyze Security Requirements. In Proc. Requirements for High Assurance Systems Workshop.
Yoder, J., Barcalow, J. (2000) Architectural Patterns for Enabling Application Security. In Pattern Languages of Program Design, pp. 301–336. Addison Wesley.
Romanosky, S. (2001) Security Design Patterns, Part 1, 1.4.
Gamma, E., Helm, R., Johnson, R., and Vlissides, J. (1994) Design patterns Elements of Reusable Object-Oriented Software. Addison-Wesley.
Fernandez, E.B. (2006) Security patterns. In Procs. of the Eighth International Symposium on System and Information Security.
Fernandez, E.B., Rouyi, P. (2001) A pattern language for security models. PLoP’01.
Fernandez, E.B. (2000) Metadata and authorization patterns. Technical report, Florida Atlantic University.
Allenby, K., Kelly, T. (2001) Deriving Safety Requirements Using Scenarios. In Proc. of the 5th IEEE International Symposium on Requirements Engineering.
Mikkonen, T. (1998) Formalizing design patterns. In Proc. of 20th ICSE, pp. 115–124. IEEE Computer Society Press.
Wassermann, R., Cheng, B.H.C. (2003) Security Patterns. Technical Report MSU-CSE-03-23, Computer Science and Engineering.
Hallstrom, J. O., Soundarajan, N., Tyler, B. (2004) Monitoring Design Pattern Contracts. In Proc. of the FSE-12 Workshop on Specification and Verification of Component-Based Systems, pp. 87–94.
Hallstrom, J. O., Soundarajan, N. (2006) Pattern-Based System Evolution A Case-Study. In Proc of the 18th International Conference on Software Engineering and Knowledge Engineering.
Pernul, G., Essmayr, W., Tjoa, A.M. (1997) Access controls by object oriented concepts. In Proc. of 11th IFIP WG 11.3 Working Conference on Database Security.
Fernandez, E. B. (2004) Two patterns for web services security. In Proc. International Symposium on Web Services and Applications.
Delessy-Gassant, N., Fernandez. E.B., Rajput. S, Larrondo-Petrie, M.M. (2004) Patterns for Application Firewalls. PLoP’04 Conference.
Torsten, P, Fernandez, E.B., Mehlau, J.I., Pernul, G. (2004) A pattern system for access control. 18th IFIP WG 11.3 Conference on Data and Applications Security.
Androutsopoulos K, Ballas C, Kloukinas C, Mahbub K, Spanoudakis G (2007) Version 1 of the dynamic validation prototype. Deliverable A4.D3.1, SERENITY EU Research Project 027587, available from http //www.serenity-forum.org/Work-package-4-3.html
Shanahan MP (1999) The event calculus explained. In Wooldridge MJ, Veloso M (eds) Artificial Intelligence Today, vol 1600, pp 409–430.
Spanoudakis G, Tsigkritis T, Kloukinas C (2008) Second version of diagnosis proto-type. Deliverable A4.D5.2, SERENITY EU Research Project 027587, available from http//www.serenity-forum.org/Work-package-4-5.html
Tsigkritis T, Spanoudakis G, Kloukinas C, Lorenzoli D (2009) Security and Dependability for Ambient Intelligence, Springer Verlag, chap Diagnosis and Threat Detection Capabilities of the SERENITY Monitoring Framework. Information Security Series.
Barthe G, Grgoire B, Pavlova M. (2008) Preservation of Proof Obligations from Java to the Java Virtual Machine. IJCAR 2008. 83–99.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag US
About this chapter
Cite this chapter
Sánchez-Cid, F., Maña, A., Spanoudakis, G., Kloukinas, C., Serrano, D., Muñoz, A. (2009). Representation of Security and Dependability Solutions. In: Kokolakis, S., Gómez, A., Spanoudakis, G. (eds) Security and Dependability for Ambient Intelligence. Advances in Information Security, vol 45. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-88775-3_5
Download citation
DOI: https://doi.org/10.1007/978-0-387-88775-3_5
Published:
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-88774-6
Online ISBN: 978-0-387-88775-3
eBook Packages: Computer ScienceComputer Science (R0)