skip to main content
10.1145/1868630.1868634acmconferencesArticle/Chapter ViewAbstractPublication PagesmswimConference Proceedingsconference-collections
research-article

Putting together QoS and security in autonomic pervasive systems

Published:20 October 2010Publication History

ABSTRACT

Current pervasive systems tend to consider security and QoS separately, ignoring the influence of each aspect on the other. This paper presents an adaptation model based on selection of component compositions enabling to capture dynamic and fine-grained trade-offs between both QoS and security in those systems. The model is multi-constraints and utility-based, and takes into account computing resources, the perceived risk level, and user preferences. We illustrate through a case study of a typical Beyond 3G adaptive multimedia streaming service how the model may be applied to find the right balance between different QoS and security dimensions.

References

  1. M. Alia, V. Eide, N. Paspallis, F. Eliassen, S. Hallsteinsen, and G. Papadopoulos. A Utility-Based Adaptivity Model for Mobile Applications. In International Conference on Advanced Information Networking and Applications (AINA) Workshops, 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. M. Alia, G. Horn, F. Eliassen, M. U. Khan, R. Fricke, and R. Reichle. A Component-based Planning Framework for Adaptive Systems. In International Symposium on Distributed Objects and Applications (DOA), 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. M. Alia and M. Lacoste. A QoS and Security Adaptation Model for Autonomic Pervasive Systems. In International COMPSAC Workshop on Secure Software Engineering (IWSSE), 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. S. Amundsen, K. Lund, C. Griwodz, and P. Halvorsen. QoS-Aware Mobile Middleware for Video Streaming. In EUROMICRO Conference on Software Engineering and Advanced Applications, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. S. Bowers, L. Delcambre, D. Maier, C. Cowan, P. Wagle, D. McNamee, A.-F. Le Meur, and H. Hinton. Applying Adaptation Spaces to Support Quality of Service and Survivability. In DARPA Information Survivability Conference and Exposition (DISCEX), 2000.Google ScholarGoogle Scholar
  6. E. Bruneton, T. Coupaye, M. Leclercq, V. Quéma, and J.-B. Stefani. The Fractal Component Model and its Support in Java. Software - Practice and Experience (SP&E), 36(11-12):1257--1284, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Y. Chen, C. D. Jensen, E. Gray, V. Cahill, and J.-M. Seigneur. A General Risk Assessment of Security in Pervasive Computing, 2003.Google ScholarGoogle Scholar
  8. D. Chess, C. Palmer, and S. White. Security in an Autonomic Computing Environment. IBM Systems Journal, 42(1):107--118, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. E. Dashofy, A. van der Hoek, and R. Taylor. Towards Architecture-Based Self-Healing Systems. In Workshop on Self-healing Systems (WOSS), 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. C. Diaz, S. Seys, J. Claessens, and B. Preneel. Towards Measuring Anonymity. In Privacy Enhancing Technologies Workshop (PET), 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. R. Dingledine, N. Mathewson, and P. Syverson. Tor: The Second-Generation Onion Router. In USENIX Security Symposium, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. V. Eide, F. Eliassen, and J. Michaelsen. Exploiting Content-Based Networking for Fine Granularity Multi-Receiver Video Streaming. In Annual Conference on Multimedia Computing and Networking (MMCN), 2005.Google ScholarGoogle Scholar
  13. S. Eriksén, C. Eliasson, M. Fiedler, S. Chevul, and A. Ekelin. Mapping Service Quality - Measuring and Comparing Quality of Experience and Quality of Service for Internet-Based Map Services. In 30th Information Systems Research Seminar in Scandinavia (IRIS30), Tampere, Finland, 2007.Google ScholarGoogle Scholar
  14. J. Floch, S. Hallsteinsen, E. Stav, F. Eliassen, K. Lund, and E. Gjørven. Using Architecture Models for Runtime Adaptability. IEEE Software, 23(2):62--70, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. A. Ganek and T. Corbi. The Dawning of the Autonomic Computing Era. IBM Systems Journal, 42(1):5--18, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. D. Garlan, S.-W. Cheng, A.-C. Huang, B. Schmerl, and P. Steenkiste. Rainbow: Architecture-Based Self-Adaptation with Reusable Infrastructure. IEEE Computer, 37(10):46--54, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. C. Hager. Context Aware and Adaptive Security for Wireless Networks. PhD thesis, Virginia Polytechnic Institute and State University, 2004.Google ScholarGoogle Scholar
  18. R. He, M. Lacoste, and J. Leneutre. A Policy Management Framework for Self-Protection of Pervasive Systems. In International Conference on Autonomic and Autonomous Systems (ICAS), 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. K.-D. Kang and S. Son. Towards Security and QoS Optimization in Real-Time Embedded Systems. ACM SIGBED Review, 3(1):29--34, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. K. Khan and J. Han. Deriving Systems Level Security Properties of Component-Based Composite Systems. In Australian Software Engineering Conference (ASWEC), 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. A. Kim, J. Luo, and M. Kang. Security Ontology for Annotating Resources. In International Conference on Ontologies, Databases, and Application of Semantics (ODBASE), 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. M. Lacoste, T. Jarboui, and R. He. A Component-Based Policy-Neutral Architecture for Kernel-Level Access Control. Annals of Telecommunications, 64(1-2):121--146, 2008.Google ScholarGoogle Scholar
  23. M. Lacoste, G. Privat, and F. Ramparany. Evaluating Confidence in Context for Context-Aware Security. In European Conference on Ambient Intelligence (AmI), 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. M. Reiter and A. Rubin. Crowds: Anonymity for Web Transactions. ACM Transactions on Information and System Security (TISSEC), 1(1), 1998. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. H. Ma, I.-L. Yen, J. Zhou, and K. Cooper. QoS Analysis for Component-Based Embedded Software: Model and Methodology. Journal of Systems Software, 79(6):859--870, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. D. McCullough. Noninterference and the Composability of Security Properties. In IEEE Symposium on Security and Privacy, 1988.Google ScholarGoogle Scholar
  27. F. Mendoza et al. Design of an Enhanced PKI for Ubiquitous Networks. In International Workshop on Secure Ubiquitous Networks (SUN), 2005.Google ScholarGoogle Scholar
  28. L. Mengual, J. Bobadilla, R. Caballero, and G. Hernandez. Design and Testing of Two Secure Video Conferencing Applications Based on JMF (Java Media Framework) and VIC (Video Conferencing Tool). In International Conference on Digital Telecommunications (ICDT), 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. A. Sabelfeld, editor. Workshop on Logical Foundations of an Adaptive Security Infrastructure (WOLFASI), 2004. In conjunction with Workshop on Foundations on Computer Security (FCS).Google ScholarGoogle Scholar
  30. A. Serjantov and G. Danezis. Towards an Information Theoretic Metric for Anonymity. In Privacy Enhancing Technologies Workshop (PET), 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. A. Serjantov, R. Dingledine, and P. Syverson. From a Trickle to a Flood: Active Attacks on Several Mix Types. In Information Hiding Workshop (IH), 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. E. Spyropoulou, T. Levin, and C. Irvine. Calculating Costs for Quality of Security Service. In Annual Computer Security Applications Conference (ACSAC), 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. VoIP Security Alliance (VoIPSA). VoIP Security and Privacy Threat Taxonomy. http://www.voipsa.org/, 2005.Google ScholarGoogle Scholar
  34. S. S. Yau, Y. Yin, and H. G. An. An Adaptive Model for Tradeoff between Service Performance and Security in Service-based Environments. In International Conference on Web Services (ICWS), 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Putting together QoS and security in autonomic pervasive systems

                    Recommendations

                    Reviews

                    Ahmed Patel

                    Quality of service (QoS) is the ability of a set of networked resources-such as network elements, infrastructure devices, host computers, or a myriad of applications-to deliver traffic with minimum delay and maximum availability. Recently, QoS included two elements-secure QoS (or QoS that is secure) and security service QoS-that are services offered against service-level agreements (SLAs). This paper attempts to put these two elements together for pervasive systems and networking, but fails to do so. The main confusion in the paper arises with the repetition of buzzwords and terms, and the lack of accuracy and clarity across several subject domains, such as software engineering, security, autonomic computing, and algorithm analysis. In addition, the keywords are inconsistently used. Difficulty in understanding arises again when one considers other parts of the proposed model, ranging from subjective to primitive objective parameters in the context of multiple constraints, utility-based use of computing resources, perceived risks, and user preferences. This model-an extension of previous work by one of the authors-includes "perceived risk level and limitations in computing resources." The authors offer minimal tangible output or evidence that their system can actually work in a real environment. I would not recommend this paper for understanding QoS. Online Computing Reviews Service

                    Access critical reviews of Computing literature here

                    Become a reviewer for Computing Reviews.

                    Comments

                    Login options

                    Check if you have access through your login credentials or your institution to get full access on this article.

                    Sign in
                    • Published in

                      cover image ACM Conferences
                      Q2SWinet '10: Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks
                      October 2010
                      118 pages
                      ISBN:9781450302753
                      DOI:10.1145/1868630

                      Copyright © 2010 ACM

                      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

                      Publisher

                      Association for Computing Machinery

                      New York, NY, United States

                      Publication History

                      • Published: 20 October 2010

                      Permissions

                      Request permissions about this article.

                      Request Permissions

                      Check for updates

                      Qualifiers

                      • research-article

                      Acceptance Rates

                      Q2SWinet '10 Paper Acceptance Rate16of54submissions,30%Overall Acceptance Rate46of131submissions,35%

                    PDF Format

                    View or Download as a PDF file.

                    PDF

                    eReader

                    View online with eReader.

                    eReader