Deakin University
Browse

File(s) under permanent embargo

Adaptive security for software systems

chapter
posted on 2017-01-01, 00:00 authored by Mohamed AbdelrazekMohamed Abdelrazek, John Grundy, Amani Ibrahim
With continuously changing operational and business needs, system security is one of the key system capabilities that need to be updated as well. Most security engineering efforts focus on engineering security requirements of software systems at design time and existing adaptive security engineering efforts require complex design-time preparation. In this chapter we discuss the needs for adaptive software security, and key efforts in this area. We then introduce a new runtime adaptive security engineering approach, which enables adapting software security capabilities at runtime based on new security objectives, risks/threats, requirements as well as newly reported vulnerabilities. We categorize the source of adaptation in terms of manual adaptation (managed by end users), and automated adaption (automatically triggered by the platform). The new platform makes use of new ideas we built for vulnerability analysis, security engineering using aspect-oriented programming, and model-driven engineering techniques.

History

Title of book

Managing trade-offs in adaptable software architectures

Chapter number

5

Pagination

99 - 127

Publisher

Morgan Kaufmann

Place of publication

Burlington, Mass.

ISBN-13

9780128028551

Language

eng

Publication classification

B Book chapter; B1 Book chapter

Copyright notice

2017, Elsevier

Extent

14

Editor/Contributor(s)

I Mistrik, N Ali, J Grundy, R Kazman, B Schmerl

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC