Skip to main content
SpringerLink
Log in

A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application

  • Chapter
Transactions on Computational Science X

Part of the book series: Lecture Notes in Computer Science ((TCOMPUTATSCIE,volume 6340))

Abstract

Providing context-dependent security services is an important challenge for ambient intelligent systems. The complexity and the unbounded nature of such systems make it difficult even for the most experienced and knowledgeable security engineers, to foresee all possible situations and interactions when developing the system. In order to solve this problem context based self- diagnosis and reconfiguration at runtime should be provided.

We present in this paper a generic security and dependability framework for the dynamic provision of Security and Dependability (S&D) solutions at runtime. Through out the paper, we use a smart items based e-health scenario to illustrate our approach. The eHealth prototype has been implemented and demonstrated in many scientific and industrial events.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ActiveBPEL, LLC, ActiveBPEL, the Open Source BPEL Engine, No longer supported by the company as Open Source since 2010, http://www.activebpel.org

  2. Prediction-based strategies for energy saving in object tracking sensor networks (2004)

    Google Scholar 

  3. Abendroth, J., Jensen, C.D.: A unified security framework for networked applications. In: Proc. of the 2003 ACM Symp. on Applied Comp., pp. 351–357. ACM Press, New York (2003)

    Chapter  Google Scholar 

  4. Acampora, G., Gaeta, M., Loia, V., Vasilakos, A.V.: Interoperable and adaptive fuzzy services for ambient intelligence applications. ACM Trans. Auton. Adapt. Syst. (2010)

    Google Scholar 

  5. Altenschmidt, C., Biskup, J., Flegel, U., Karabulut, Y.: Secure mediation: Requirements, design, and architecture. JCS 11(3), 365–398 (2003)

    Google Scholar 

  6. Au, R., Looi, M., Ashley, P.: Cross-domain one-shot authorization using smart cards. In: Proc. of CCS 2000, pp. 220–227. ACM Press, New York (2000)

    Chapter  Google Scholar 

  7. Aura, T., Roe, M.: Designing the mobile ipv6 security protocol. Annales des Télécommunications 61(3-4), 332–356 (2006)

    Google Scholar 

  8. Beznosov, K., Deng, Y., Blakley, B., Burt, C., Barkley, J.: A resource access decision service for CORBA-based distributed systems. In: Proc. of ACSAC 1999, pp. 310–319. IEEE Press, Los Alamitos (1999)

    Google Scholar 

  9. Bonatti, P.A.: Rule languages for security and privacy in cooperative systems. COMPSAC (1), 268–269 (2005)

    Google Scholar 

  10. Butler, S.A.: Security attribute evaluation method: a cost-benefit approach. In: ICSE, pp. 232–240. ACM, New York (2002)

    Google Scholar 

  11. Chadwick, D.W., Otenko, A.: The permis x.509 role based privilege management infrastructure. In: Proc. of SACMAT 2002, pp. 135–140. ACM Press, New York (2002)

    Chapter  Google Scholar 

  12. Compagna, L., Khoury, P.E., Massacci, F., Thomas, R., Zannone, N.: How to capture, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach. In: ICAIL 2007: Proceedings of the 11th International Conference on Artificial Intelligence and Law, pp. 149–153. ACM Press, New York (2007)

    Chapter  Google Scholar 

  13. Constandache, I., Olmedilla, D., Siebenlist, F.: Policy-driven negotiation for authorization in the grid, pp. 211–220. IEEE Press, Los Alamitos (2007)

    Google Scholar 

  14. Constandache, I., Olmedilla, D., Siebenlist, F.: Policy-driven negotiation for authorization in the grid. In: IEEE International Policies for Distributed Systems and Networks (POLICY 2007). IEEE Computer Society Press, Los Alamitos (2007)

    Google Scholar 

  15. Covingtony, M.J., Fogla, P., Mustaque Ahamad, Z.Z.: A context-aware security architecture for emerging applications. In: ACSAC 2002 (2002)

    Google Scholar 

  16. Cukier, M., Courtney, T., Lyons, J., Ramasamy, H.V., Sanders, W.H., Seri, M., Atighetchi, M., Rubel, P., Jones, C., Webber, F., Watro, P.P.R., Gossett, J.: Providing intrusion tolerance with itua. In: Supplement of the 2002 Int. Conf. on Dependable Systems and Networks. IEEE Press, Los Alamitos (2002)

    Google Scholar 

  17. Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B.M., Ylonen, T.: SPKI Certificate Theory, IETF RFC 2693 (September 1999)

    Google Scholar 

  18. Fernandez, E.: Metadata and authorization patterns. Technical report, Florida Atlantic University (2000)

    Google Scholar 

  19. Fernandez, E., Pan, R.: A pattern language for security models. In: Proc. of the 8th Conf. on Pattern Languages of Programs (2001)

    Google Scholar 

  20. Gomez, L., Thomas, I.: Towards user authentication flexibility. In: Proc. of the ACM International Conference of Security and Cryptography. ACM Press, New York (2007)

    Google Scholar 

  21. Hine, J.A., Yao, W., Bacon, J., Moody, K.: An architecture for distributed OASIS services. In: Coulson, G., Sventek, J. (eds.) Middleware 2000. LNCS, vol. 1795, pp. 104–120. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  22. Johnston, W., Mudumbai, S., Thompson, M.: Authorization and attribute certificates for widely distributed access control. In: Proc. of the 7th IEEE Int. Work. on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 1998), pp. 340–345. IEEE Press, Los Alamitos (1998)

    Google Scholar 

  23. Knight, C., Heimbigner, D., Wolf, A.L., Carzaniga, A., Hill, J.C., Devanbu, P., Gertz, M.: The willow survivability architecture. In: Proc. of the 4th Information Survivability Workshop (2001)

    Google Scholar 

  24. Konrad, S., Cheng, B.H.C., Campbell, L.A., Wassermann, R.: Using security patterns to model and analyze security requirements. In: Proceedings of the Requirements for High Assurance Systems Workshop (RHAS 2003), Monterey Bay CA, USA. IEEE Computer Society, Los Alamitos (September 2003)

    Google Scholar 

  25. Ma, D., Tsudik, G.: Extended abstract: Forward-secure sequential aggregate authentication. In: SP 2007: Proceedings of the 2007 IEEE Symposium on Security and Privacy, Washington, DC, USA. IEEE Computer Society, Los Alamitos (2007)

    Google Scholar 

  26. McGuinness, D.L., da Silva, P.P.: Explaining answers from the semantic web: The inference web approach. Journal of Web Semantics 1(4), 397–413 (2004)

    Google Scholar 

  27. Meyer, B.: Design by contract. In: Mandrioli, D., Meyer, B. (eds.) Advances in Object-Oriented Software Engineering, pp. 1–50. Prentice-Hall, Englewood Cliffs (1991)

    Google Scholar 

  28. Meyer, B.: Applying ”design by contract”. Computer 25(10), 40–51 (1992)

    Article  Google Scholar 

  29. Meyer, B.: The grand challenge of trusted components. In: ICSE 2003: Proceedings of the 25th International Conference on Software Engineering, Washington, DC, USA, pp. 660–667. IEEE Computer Society, Los Alamitos (2003)

    Google Scholar 

  30. Moloney, M., Weber, S.: A context-aware trust-based security system for ad hoc networks. In: Proc. of the Security and Privacy for Emerging Areas in Communication Networks Workshop, pp. 153–160. IEEP (2005)

    Google Scholar 

  31. Moses, T.: extensible access control markup language tc v2.0 (xacml) (February 2005)

    Google Scholar 

  32. Piero, J.P., Bonatti, A., Olmedilla, D.: Advanced policy explanations on the web. In: ECAI 2006, pp. 200–204 (2006)

    Google Scholar 

  33. Pigot, H., Mayers, A., Giroux, S.: The intelligent habitat and everyday life activity support. In: Proc. of the 5th Int. Conf. on Simulations in Biomedicine, pp. 507–516 (2003)

    Google Scholar 

  34. Sanchez-Cid, F., Munoz, A., Khoury, P.E., Compagna, L.: Xacml as a security and dependability pattern for access control in ami environments. In: Proc. of the Ambient Intelligence Developments Conf. (AmI.d 2007). Springer, Heidelberg (2007)

    Google Scholar 

  35. Sang, Y., Shen, H., Inoguchi, Y., Tan, Y., Xiong, N.: Secure data aggregation in wireless sensor networks: A survey. In: International Conference on Parallel and Distributed Computing Applications and Technologies, pp. 315–320 (2006)

    Google Scholar 

  36. Schumacher, M., Roedig, U.: Security Engineering with Patterns. In: Proceedings of the 8th Conference on Pattern Languages of Programs (PLoP 2001). ACM Press, New York (2001)

    Google Scholar 

  37. Spanoudakis, G., Gomez, A.M., Kokolakis, S. (eds.): Security and Dependability for Ambient Intelligence. Advances in Information Security, vol. 45. Springer, Heidelberg (2009) ISBN: 978-0-387-88774-6

    Google Scholar 

  38. Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K., Essiari, A.: Certificate-based access control for widely distributed resources. In: Proc. of 8th USENIX Security Symposium, pp. 215–228 (August 1999)

    Google Scholar 

  39. Wassermann, R., Cheng, B.: Security patterns. Technical Report MSU-CSE-03-23, Comp. Sci. and Eng., Michigan State Univ. (2003)

    Google Scholar 

  40. Wimmel, G., Wisspeintner, A.: Extended description techniques for security engineering. In: Proc. of the 16th Int. Conf. on Information Security (2001)

    Google Scholar 

  41. Woo, T., Lam, S.: Authorization in distributed systems: a formal approach. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 529–536. IEEE Press, Los Alamitos (1992)

    Google Scholar 

  42. Yoder, J., Barcalow, J.: Architectural patterns for enabling application security. In: Conference on Pattern Languages of Programs (PLoP 1997). ACM, New York (1997)

    Google Scholar 

  43. Zurko, M., Simon, R., Sanfilippo, T.: A user-centered, modular authorization service built on an RBAC foundation. In: Proc. of Symp. on Sec. and Privacy, pp. 57–71. IEEE Press, Los Alamitos (1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Trento, Italy

    Fabio Massacci & Ayda Saidane

  2. SAP Research, France

    Luca Compagna & Paul El Khoury

  3. LIRIS, University of Lyon 1, France

    Paul El Khoury

Authors
  1. Luca Compagna
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Paul El Khoury
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Fabio Massacci
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ayda Saidane
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Calgary, 2500 University Drive N.W., T2N 1N4, Calgary, AB, Canada

    Marina L. Gavrilova

  2. Exascala Ltd., Unit 9, 97 Rickman Drive, B15 2AL, Birmingham, UK

    C. J. Kenneth Tan

  3. DCOMP/UFS - Federal University of Sergipe, Aracaju, SE, Brazil

    Edward David Moreno

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Compagna, L., El Khoury, P., Massacci, F., Saidane, A. (2010). A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds) Transactions on Computational Science X. Lecture Notes in Computer Science, vol 6340. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17499-5_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-17499-5_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17498-8

  • Online ISBN: 978-3-642-17499-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation