43 results for user-driven security adaptation

in Deakin Research Online - Australia


Relevance:

100.00% 100.00%

Publisher:

Abstract:

With continuously changing operational and business needs, system security is one of the key system capabilities that need to be updated as well. Most security engineering efforts focus on engineering security requirements of software systems at design time and existing adaptive security engineering efforts require complex design-time preparation. In this chapter we discuss the needs for adaptive software security, and key efforts in this area. We then introduce a new runtime adaptive security engineering approach, which enables adapting software security capabilities at runtime based on new security objectives, risks/threats, requirements as well as newly reported vulnerabilities. We categorize the source of adaptation in terms of manual adaptation (managed by end users), and automated adaption (automatically triggered by the platform). The new platform makes use of new ideas we built for vulnerability analysis, security engineering using aspect-oriented programming, and model-driven engineering techniques.

Relevance:

100.00% 100.00%

Publisher:

Abstract:

Software-as-a-service (SaaS) multi-tenancy in cloud-based applications helps service providers to save cost, improve resource utilization, and reduce service customization and maintenance time. This is achieved by sharing of resources and service instances among multiple "tenants" of the cloud-hosted application. However, supporting multi-tenancy adds more complexity to SaaS applications' required capabilities. Security is one of these key requirements that must be addressed when engineering multi-tenant SaaS applications. The sharing of resources among tenants - i.e. multi-tenancy - increases tenants' concerns about the security of their cloud-hosted assets. Compounding this, existing traditional security engineering approaches do not fit well with the multi-tenancy application model where tenants and their security requirements often emerge after the applications and services were first developed. The resultant applications do not usually support diverse security capabilities based on different tenants' needs, some of which may change at run-time i.e. after cloud application deployment. We introduce a novel model-driven security engineering approach for multi-tenant, cloud-hosted SaaS applications. Our approach is based on externalizing security from the underlying SaaS application, allowing both application/service and security to evolve at runtime. Multiple security sets can be enforced on the same application instance based on different tenants' security requirements. We use abstract models to capture service provider and multiple tenants' security requirements and then generate security integration and configurations at runtime. We use dependency injection and dynamic weaving via Aspect-Oriented Programming (AOP) to integrate security within critical application/service entities at runtime.
We explain our approach, architecture and implementation details, discuss a usage example, and present an evaluation of our approach on a set of open source web applications.

Relevance:

100.00% 100.00%

Publisher:

Abstract:

Transparent computing is an emerging computing paradigm where the users can enjoy any kind of service over networks on-demand with any devices, without caring about the underlying deployment details. In transparent computing, all software resources (even the OS) are stored on remote servers, from which the clients can request the resources for local execution in a block-streaming way. This paradigm has many benefits including cross-platform experience, user orientation, and platform independence. However, due to its fundamental features, e.g., separation of computation and storage in clients and servers respectively, and block-streaming-based scheduling and execution, transparent computing faces many new security challenges that may become its biggest obstacle. In this paper, we propose a Transparent Computing Security Architecture (TCSA), which builds user-controlled security for transparent computing by allowing the users to configure the desired security environments on demand. We envision that TCSA, which allows the users to take the initiative to protect their own data, is a promising solution for data security in transparent computing. © 2014 IEEE.

Relevance:

100.00% 100.00%

Publisher:

Abstract:

Generative design environments need support for human intervention as well as sound computational formalisms. A systematic approach to integrating the two, formal generation and the exploratory, is lacking. In this paper, we posit the possibility of a design support system that combines formal search with user driven exploration. Our approach is to cast the interaction between the user and the generative formalism as agent collaboration in a mixed-initiative environment. We describe the role of interaction and agency in an experimental mixed-initiative design support system, FOLDS and demonstrate its application.

Relevance:

100.00% 100.00%

Publisher:

Abstract:

Computer-based environments for supporting design are complex software artifacts. These tools need to use sound computational formalisms as well as address issues of human usability. The development of interactive and usable generative systems is a significant research area in design computation. Though classical search techniques play a central role in the generative kernels of these "closed-world" systems, the open-ended exploration of design spaces is the desirable goal. In this paper, we present a formal model of exploration that combines search with user driven exploration. We describe the role of interaction and agency in an experimental mixed-initiative design support system.

Relevance:

100.00% 100.00%

Publisher:

Abstract:

We begin by briefly examining the achievements of the IUCN Red List of Threatened Species, and offering it as the model and motivator for the creation of the IUCN Red List of Ecosystems (RLE). The history of the RLE concept within IUCN is briefly summarized, from the first attempt to formally establish an RLE in 1996 to the present. Major activities since 2008, when the World Conservation Congress initiated a "consultation process for the development, implementation and monitoring of a global standard for the assessment of ecosystem status, applicable at local, regional and global levels," have included: Development of a research agenda for strengthening the scientific foundations of the RLE, publication of preliminary categories and criteria for examination by the scientific and conservation community, dissemination of the effort widely by presenting it at workshops and conferences around the world, and encouraging tests of the system for a diversity of ecosystem types and in a variety of institutional settings. Between 2009 and 2012, the Red List of Ecosystems Thematic Group of the IUCN Commission on Ecosystem Management organized 18 workshops and delivered 17 conferences in 20 countries on 5 continents, directly reaching hundreds of participants. Our vision for the future includes the integration of the RLE to the other three key IUCN knowledge products (IUCN Red List of Threatened Species, World Database on Protected Areas and Key Biodiversity Areas), in an on-line, user-driven, freely-accessible information management system for performing biodiversity assessments. In addition we wish to pilot the integration of the RLE into land/water use planning and macro-economic planning. 
Fundamental challenges for the future include: Substantial expansion in existing institutional and technical capacity (especially in biodiversity-rich countries in the developing world), progressive assessment of the status of all terrestrial, freshwater, marine and subterranean ecosystems, and development of a map of the ecosystems of the world. Our ultimate goal is that national, regional and global RLEs are used to inform conservation and land/water use decision-making by all sectors of society. © Author(s) 2012.

Relevance:

50.00% 50.00%

Publisher:

Abstract:

Devices, standards and software develop rapidly, but still often independently of each other. This creates problems in terms of content suitability on various devices. Also, in a mobile environment, user and system-level applications must execute subject to a variety of resource constraints. In order to deal with these constraints, content adaptation is required. In this chapter, we justify the need of distributed cross media content adaptation and the potential of utilizing Web Services as the adaptation providers. We introduce request-driven context to complement constraint-driven and utility-driven approaches. We describe the request context mapping and propose a novel path determination scheme for determining the optimal service proxies to facilitate the adaptation tasks. To better illustrate the disjoint portions in content passing between service proxies, two communication models were associated. Then, within Web Services, we explain the related protocols and socket connection between adaptation services. We conclude with a discussion regarding the strengths of the proposed architecture.

Relevance:

40.00% 40.00%

Publisher:

Abstract:

IT Security Certification is an increasingly important qualification for information technology (IT) professionals seeking employment in IT security. Yet currently there is a lack of rigorously developed approaches to support the evaluation and selection by key stakeholders of the most appropriate IT security certification scheme from among hundreds of vendor-neutral and vendor-specific schemes. This paper develops a framework based on categories, characteristics and criteria to support user evaluation and selection of an (IT) Security Certification scheme that satisfies user priorities and requirements. The paper illustrates the use of the framework to support an experienced IT Professional’s evaluation. Theoretical and practical implications of the framework and trial evaluation are discussed.

Relevance:

40.00% 40.00%

Publisher:

Abstract:

Operating systems and programmes are more protected these days and attackers have shifted their attention to human elements to break into the organisation's information systems. As the number and frequency of cyber-attacks designed to take advantage of unsuspecting personnel are increasing, the significance of the human factor in information security management cannot be understated. In order to counter cyber-attacks designed to exploit human factors in the information security chain, information security awareness with an objective to reduce information security risks that occur due to human related vulnerabilities is paramount. This paper discusses and evaluates the effects of various information security awareness delivery methods used in improving end-users’ information security awareness and behaviour. There is a wide range of information security awareness delivery methods such as web-based training materials, contextual training and embedded training. In spite of efforts to increase information security awareness, research is scant regarding effective information security awareness delivery methods. To this end, this study focuses on determining the security awareness delivery method that is most successful in providing information security awareness and which delivery method is preferred by users. We conducted information security awareness using text-based, game-based and video-based delivery methods with the aim of determining user preferences. Our study suggests that combined delivery methods are better than an individual security awareness delivery method.

Relevance:

30.00% 30.00%

Publisher:

Abstract:

This chapter describes a general framework for developing organizational internet security policy. A model of internet security risks for an internet user organization is proposed. The framework utilizes this model, as well as a holistic approach, to develop the organization's internet security policy. A hierarchy of sub-policies for the internet security policy is also suggested. This chapter presents findings from part of a wider investigation into internet security policy.

Relevance:

30.00% 30.00%

Publisher:

Abstract:

This paper addresses the role of security in the collaborative e-learning environment, and in particular, the social aspects of security and the importance of identity. It represents a case study, completed in Nov 2004, which was conducted to test the sense of security that students experienced whilst using the wiki platform as a means of online collaboration in the tertiary education environment. Wikis, fully editable Web sites, are easily accessible, require no software and allow its contributors (in this case students) to feel a sense of responsibility and ownership. A comparison between two wiki studies will be made whereby one group employed user login and the other maintained anonymity throughout the course of the study. The results consider the democratic participation and evolution of the work requirements over time, which in fact ascertains the nonvalidity of administrative identification.

Relevance:

30.00% 30.00%

Publisher:

Abstract:

Worms and other forms of malware have been considered by IT Security firms and large companies for many years as one of the leading threats to the integrity of their data and security. However, several researchers over recent years have been working on creating worms which, instead of causing harm to machines which they infect, or the networks on which the machines reside, actually aid the network and systems administrators. Several uses of these worms have been proposed by these researchers, including, but not limited to, rapid remote patching of machines, network and system administration through use of their unique discovery and propagation methods, actively hunting, and defending against, other forms of malware such as "malevolent" worms, viruses, spyware, as well as increasing reliable communication of nodes in distributed computing. However, there has been no hint of commercial adoption of these worms, which one researcher has described as being due to a 'fear factor'. This paper concentrates on assessing and delivering the findings of user attitudes towards these worms in an attempt to find out how users feel about these worms, and to try and define and overcome the factors which might contribute to the 'fear factor'.

Relevance:

30.00% 30.00%

Publisher:

Abstract:

Traditional approaches such as theorem proving and model checking have been successfully used to analyze security protocols. Ideally, they assume the data communication is reliable and require the user to predetermine authentication goals. However, missing and inconsistent data have been greatly ignored, and the increasingly complicated security protocol makes it difficult to predefine such goals. This paper presents a novel approach to analyze security protocols using association rule mining. It is able to not only validate the reliability of transactions but also discover potential correlations between secure messages. The algorithm and experiment demonstrate that our approaches are useful and promising.