Skip to main content

Challenges in Engineering Self-adaptive Authorisation Infrastructures

Montrieux, Lionel and de Lemos, Rogerio and Bailey, Christopher (2019) Challenges in Engineering Self-adaptive Authorisation Infrastructures. In: Yu, Y. and Bandara, A. and Honiden, S. and Hu, Z. and Tamai, T. and Muller, H. and Mylopoulos, J. and Nuseibeh, B., eds. Engineering Adaptive Software Systems: Communications of NII Shonan Meetings. Springer, pp. 57-94. ISBN 978-981-1321-85-6. (doi:10.1007/978-981-13-2185-6) (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided)

PDF
Restricted to Repository staff only
Contact us about this Publication
[img]
Official URL
http://dx.doi.org/10.1007/978-981-13-2185-6

Abstract

As organisations expand and interconnect, authorisation infrastructures become increasingly difficult to manage. Several solutions have been proposed, including self-adaptive authorisation, where the access control policies are dynamically adapted at run-time to respond to misuse and malicious behaviour. The ultimate goal of self-adaptive authorisation is to reduce human intervention, make authorisation infrastructures more responsive to malicious behaviour. In this chapter, we scope and define the emerging area of self-adaptive authorisation by describing some of its developments, trends and challenges. For that, we start by identifying key concepts related to access control and authorisation infrastructures, and provide a brief introduction to self-adaptive software systems, which provides the foundation for investigating how self-adaptation can enable the enforcement of authorisation policies. The outcome of this study is the identification of several technical challenges related to self-adaptive authorisation, which are classified according to the different stages of a feedback control loop.

Item Type: Book section
DOI/Identification number: 10.1007/978-981-13-2185-6
Uncontrolled keywords: internal threats, self-adaptive authorisation infrastructures, self-protection, access control models
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Sciences > School of Computing
Faculties > Sciences > School of Computing > Security Group
Depositing User: Rogerio de Lemos
Date Deposited: 15 May 2018 10:56 UTC
Last Modified: 17 Mar 2020 16:37 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/67031 (The current URI for this page, for reference purposes)
de Lemos, Rogerio: https://orcid.org/0000-0002-0281-6308
  • Depositors only (login required):

Downloads

Downloads per month over past year