Prometheus: Um Serviço de Segurança Adaptativa
Abstract
We propose Prometheus, an Adaptive Security Service that provides facilities to dynamic adaptation of security controls used to mitigate risks and to dynamic adaptation of adaptation policies. These adaptations are driven by context changes and guided by predefined policies. The main contribution of this work is to provide runtime adaptation of security controls and of adaptation policies for ubiquitous applications executing in mobile devices, thus ensuring availability, confidentiality and integrity of these applications.
References
Canal, C., Murillo, J.M., Poizat, P. (2006) “Software Adaptation”. L’Objet, 12(1), 2006. Special Issue on WCAT’04.
Chunxiao Chigan Leiyuan Li Yinghua Ye (2005) “Resource-aware self-adaptive security provisioning in mobile ad hoc networks”, Anais da IEEE 2005 Wireless Communications and Networking Conference, WCNC 2005, pps 2118 2124 Vol. 4, USA.
Dey, A. et al (2000) “The Context Toolkit: Aiding the Development of Context-Aware Applications”. Workshop on Software Engineering for Wearable and Pervasive Computing, Limerick, Ireland, June 6, 2000.
Doomun, M et al (2007) “Adaptive IEEE 802.11i Security for Energy-Security Optimization”, Anais da The Third Advanced International Conference on Telecommunications, AICT 2007, pps 38-38, Mauritius.
Elkhodary et al (2007) “Survey of Approaches to Adaptive Application Security”, Anais do International Workshop on Software Engineering for Adaptive and Self-Managing Systems, 2007, ICSE Workshops SEAMS '07, pps 16 16, USA.
Hoh, S et al (2006) “Context-aware systems, 2006 a primer for user-centred services”. BT Technology Journal, Volume 24, Issue 2 (April 2006), pp. 186 – 194, Kluwer Academic Publishers Hingham, MA, USA.
Hinton, H. et al (1999) “SAM: Security Adaptation Manager”, Anais da 15th Annual Computer Security Applications Conference, ACSAC '99, pps 361 – 370, Scottsdale, AZ.
Izquierdo Antonio et al (2007) “Providing Security for Digital Ecosystems with Adaptative Encryption”, Digital EcoSystems and Technologies Conference, DEST '07. pps 329 – 333, Australia.
Sacramento, V. et al., MoCA (2004) “A Middleware for Developing Collaborative Applications for Mobile Users”, ACM/IFIP/USENIX International Middleware Conference.
Springer T et al (2006) “Middleware Support for Context-Awareness in 4G”, International Workshop on Wireless Mobile Multimedia archive, Proceedings of the 2006 International Symposium on World of Wireless, Mobile and Multimedia Networks Environments, pps 203 – 211, IEEE Computer Society
Ylonen, T (2006) RFC 4251 The Secure Shell (SSH) Protocol Architecture.
Weiser M. (1991) “The Computer for the Twenty-First Century” Scientific American.
J. Zhang et al (2004) “Adding safeness to dynamic adaptation techniques”, in Proceedings of the ICSE 2004 Workshop on Architecting Dependable Systems, 2004.
J. Zhang et al (2005) “Enabling safe dynamic component-based software adaptation”, in Architecting Dependable Systems III, Springer Lecture Notes for Computer Science (A. R. Rogério de Lemos, Cristina Gacek, ed.), Springer-Verlag, 2005.
J. Zhang et al (2006) “Model-Based Development of Dynamically Adaptive Software” IEEE International Conference on Software Engineering (ICSE06), China, May 2006. IEEE.
Chunxiao Chigan Leiyuan Li Yinghua Ye (2005) “Resource-aware self-adaptive security provisioning in mobile ad hoc networks”, Anais da IEEE 2005 Wireless Communications and Networking Conference, WCNC 2005, pps 2118 2124 Vol. 4, USA.
Dey, A. et al (2000) “The Context Toolkit: Aiding the Development of Context-Aware Applications”. Workshop on Software Engineering for Wearable and Pervasive Computing, Limerick, Ireland, June 6, 2000.
Doomun, M et al (2007) “Adaptive IEEE 802.11i Security for Energy-Security Optimization”, Anais da The Third Advanced International Conference on Telecommunications, AICT 2007, pps 38-38, Mauritius.
Elkhodary et al (2007) “Survey of Approaches to Adaptive Application Security”, Anais do International Workshop on Software Engineering for Adaptive and Self-Managing Systems, 2007, ICSE Workshops SEAMS '07, pps 16 16, USA.
Hoh, S et al (2006) “Context-aware systems, 2006 a primer for user-centred services”. BT Technology Journal, Volume 24, Issue 2 (April 2006), pp. 186 – 194, Kluwer Academic Publishers Hingham, MA, USA.
Hinton, H. et al (1999) “SAM: Security Adaptation Manager”, Anais da 15th Annual Computer Security Applications Conference, ACSAC '99, pps 361 – 370, Scottsdale, AZ.
Izquierdo Antonio et al (2007) “Providing Security for Digital Ecosystems with Adaptative Encryption”, Digital EcoSystems and Technologies Conference, DEST '07. pps 329 – 333, Australia.
Sacramento, V. et al., MoCA (2004) “A Middleware for Developing Collaborative Applications for Mobile Users”, ACM/IFIP/USENIX International Middleware Conference.
Springer T et al (2006) “Middleware Support for Context-Awareness in 4G”, International Workshop on Wireless Mobile Multimedia archive, Proceedings of the 2006 International Symposium on World of Wireless, Mobile and Multimedia Networks Environments, pps 203 – 211, IEEE Computer Society
Ylonen, T (2006) RFC 4251 The Secure Shell (SSH) Protocol Architecture.
Weiser M. (1991) “The Computer for the Twenty-First Century” Scientific American.
J. Zhang et al (2004) “Adding safeness to dynamic adaptation techniques”, in Proceedings of the ICSE 2004 Workshop on Architecting Dependable Systems, 2004.
J. Zhang et al (2005) “Enabling safe dynamic component-based software adaptation”, in Architecting Dependable Systems III, Springer Lecture Notes for Computer Science (A. R. Rogério de Lemos, Cristina Gacek, ed.), Springer-Verlag, 2005.
J. Zhang et al (2006) “Model-Based Development of Dynamically Adaptive Software” IEEE International Conference on Software Engineering (ICSE06), China, May 2006. IEEE.
Published
2008-09-01
How to Cite
PIRMEZ, Marcos; PIRMEZ, Luci; CARMO, Luis Fernando Rust da Costa; DELICATO, Flávia C.; PIRES, Paulo F.; SOUSA, Edson Barbosa de.
Prometheus: Um Serviço de Segurança Adaptativa. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 8. , 2008, Gramado.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2008
.
p. 229-242.
DOI: https://doi.org/10.5753/sbseg.2008.20900.
