Abstract
With increasingly complex and heterogeneous systems in pervasive service computing, it becomes more and more important to provide self-protected services to end users. In order to achieve self-protection, the corresponding security should be provided in an optimized manner considering the constraints of heterogeneous devices and networks. In this paper, we present a Genetic Algorithms-based approach for obtaining optimized security configurations at run time, supported by a set of security OWL ontologies and an event-driven framework. This approach has been realized as a prototype for self-protection in the Hydra middleware, and is integrated with a framework for enforcing the computed solution at run time using security obligations. The experiments with the prototype on configuring security strategies for a pervasive service middleware show that this approach has acceptable performance, and could be used to automatically adapt security strategies in the middleware.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Elkhodary, A., Whittle, J.: A survey of approaches to adaptive application security. In: Proc. of the 2007 International Workshop on Software Engineering for Adaptive and Self-Managing Systems, Washington, DC, USA. IEEE C.S, Los Alamitos (2007)
Mitchell, M.: An Introduction to Genetic Algorithms. Bradford Books (1996)
Whitten, A., Tygar, J.D.: Why johnny can’t encrypt: A usability evaluation of pgp 5.0. In: Proceedings of the 8th USENIX Security Symposium (August 1999)
Kramer, J., Magee, J.: Self-Managed Systems: an Architectural Challenge. In: International Conference on Software Engineering, pp. 259–268 (2007)
Eugster, P., Felber, P., Guerraoui, R., Kermarrec, A.: The Many Faces of Publish/Subscribe. ACM Computing Surveys 35(2), 114–131 (2003)
Zhang, W., Hansen, K.M.: Semantic web based self-management for a pervasive service middleware. In: Second IEEE International Conference on Self-Adaptive and Self-Organizing Systems (SASO 2008), Venice, Italy, October 2008, pp. 245–254 (2008)
Ingstrup, M., Hansen, K.M.: Modeling architectural change - architectural scripting and its applications to reconfiguration. In: WICSA/ECSA 2009, Cambridge, England, September 2009. IEEE, Los Alamitos (2009)
Koehler, J., Nebel, B., Hoffmann, J., Dimopoulos, Y.: Extending planning graphs to an adl subset. In: Steel, S. (ed.) ECP 1997. LNCS, vol. 1348, pp. 273–285. Springer, Heidelberg (1997)
Zhang, W., Hansen, K.: An Evaluation of the NSGA-II and MOCell Genetic Algorithms for Self-management Planning in a Pervasive Service Middleware. In: 14th IEEE International Conference on Engineering Complex Computer Systems (ICECCS 2009), pp. 192–201. IEEE Computer Society, Washington (2009)
Pretschner, A., Hilty, M., Basin, D.: Distributed usage control. Communications of the ACM 49(9), 39–44 (2006)
FIPA Security: Harmonising heterogeneous security models using an ontological approach. Part of deliverable Agentcities. RTD, Deliverable D3.4 (2003)
Naval Research Lab: NRL Security Ontology (2007), http://chacs.nrl.navy.mil/projects/4SEA/ontology.html
Zitzler, E., Thiele, L.: Multiobjective evolutionary algorithms: a comparative case study and the strength Pareto approach. IEEE transactions on Evolutionary Computation 3(4), 257–271 (1999)
Knight, J., Heimbigner, D., Wolf, A.L., Carzaniga, A., et al.: The Willow Architecture: Comprehensive Survivability for Large-Scale Distributed Applications, Technical Report CU-CS-926-01, University of Colorado
Ryutov, T., Zhou, L., Neuman, C., Leithead, T., Seamons, K.E.: Adaptive trust negotiation and access control. In: SACMAT 2005: Proceedings of the tenth ACM symposium on Access control models and technologies, pp. 139–146. ACM, New York (2005)
Capra, L., Emmerich, W., Mascolo, C.: CARISMA: Context-Aware Reflective mIddleware System for Mobile Applications. IEEE Transactions on Software Engineering, 929–945 (2003)
Twidle, K., Dulay, N., Lupu, E., Sloman, M.: Ponder2: A policy system for autonomous pervasive environments. In: The Fifth International Conference on Autonomic and Autonomous Systems (ICAS) (April 2009)
Dasgupta, D.: Advances in artificial immune systems. IEEE Computational Intelligence Magazine 1(4), 40–49 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, W., Schütte, J., Ingstrup, M., Hansen, K.M. (2009). A Genetic Algorithms-Based Approach for Optimized Self-protection in a Pervasive Service Middleware. In: Baresi, L., Chi, CH., Suzuki, J. (eds) Service-Oriented Computing. ServiceWave ICSOC 2009 2009. Lecture Notes in Computer Science, vol 5900. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10383-4_29
Download citation
DOI: https://doi.org/10.1007/978-3-642-10383-4_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10382-7
Online ISBN: 978-3-642-10383-4
eBook Packages: Computer ScienceComputer Science (R0)