Skip to main content
Kent Academic Repository

Requirements and Specifications for Adaptive Security: Concepts and Analysis

Tun, T. T., Yang, M., Bandara, A. K., Yu, Y., Nhlabatsi, A., Khan, N., Khan, K. M., Nuseibeh, B. (2018) Requirements and Specifications for Adaptive Security: Concepts and Analysis. In: 13th International Symposium on Software Engineering for Adaptive and Self-Managing Systems. SEAMS '18 . 161–171. Association for Computing Machinery, New York, NY, USA ISBN 978-1-4503-5715-9. (doi:10.1145/3194133.3194155) (The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided) (KAR id:89595)

The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided. (Contact us about this Publication)
Official URL:
http://dx.doi.org/10.1145/3194133.3194155

Abstract

In an adaptive security-critical system, security mechanisms change according to the type of threat posed by the environment. Specifying the behavior of these systems is difficult because conditions of the environment are difficult to describe until the system has been deployed and used for a length of time. This paper defines the problem of adaptation in security-critical systems, and outlines the RELAIS approach for expressing requirements and specifying the behavior in a way that helps identify the need for adaptation, and the appropriate adaptation behavior at runtime. The paper introduces the notion of adaptation via input approximation and proposes statistical machine learning techniques for realizing it. The approach is illustrated with a running example and is applied to a realistic security example from a cloud-based file-sharing application. Bayesian classification and logistic regression methods are used to implement adaptive specifications and these methods offer different levels of adaptive security and usability in the file-sharing application.

Item Type: Conference or workshop item (Paper)
DOI/Identification number: 10.1145/3194133.3194155
Uncontrolled keywords: self-adaptation, security requirements
Subjects: H Social Sciences
Divisions: Divisions > Kent Business School - Division > Department of Marketing, Entrepreneurship and International Business
Depositing User: Mu Yang
Date Deposited: 03 Aug 2021 09:39 UTC
Last Modified: 04 Aug 2021 10:16 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/89595 (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.