File(s) under permanent embargo
Adaptive security for software systems
chapter
posted on 2017-01-01, 00:00 authored by Mohamed AbdelrazekMohamed Abdelrazek, John Grundy, Amani IbrahimWith continuously changing operational and business needs, system security is one of the key system capabilities that need to be updated as well. Most security engineering efforts focus on engineering security requirements of software systems at design time and existing adaptive security engineering efforts require complex design-time preparation. In this chapter we discuss the needs for adaptive software security, and key efforts in this area. We then introduce a new runtime adaptive security engineering approach, which enables adapting software security capabilities at runtime based on new security objectives, risks/threats, requirements as well as newly reported vulnerabilities. We categorize the source of adaptation in terms of manual adaptation (managed by end users), and automated adaption (automatically triggered by the platform). The new platform makes use of new ideas we built for vulnerability analysis, security engineering using aspect-oriented programming, and model-driven engineering techniques.
History
Title of book
Managing trade-offs in adaptable software architecturesChapter number
5Pagination
99 - 127Publisher
Morgan KaufmannPlace of publication
Burlington, Mass.Publisher DOI
ISBN-13
9780128028551Language
engPublication classification
B Book chapter; B1 Book chapterCopyright notice
2017, ElsevierExtent
14Editor/Contributor(s)
I Mistrik, N Ali, J Grundy, R Kazman, B SchmerlUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC