Policy-Driven Adaptive Protection Systems.
MetadataShow full item record
The increasing number and complexity of security attacks on IT infrastructure demands for the development of protection systems capable of dealing with the security challenges of today’s highly dynamic environments. Several converging trends including mobilisation, externalisation and collaboration, virtualisation, and cloud computing are challenging traditional silo approaches to providing security. IT security policies should be considered as being inherently dynamic and flexible enough to trigger decisions efficiently and effectively taking into account not only the current execution environment of a protection system and its runtime contextual factors, but also dynamically changing the security requirements introduced by external entities in the operational environment. This research is motivated by the increasing need for security systems capable of supporting security decisions in dynamic operational environments and advocates for a policy-driven adaptive security approach. The first main contribution of this thesis is to articulate the property of specialisation in adaptive software systems and propose a novel methodological framework for the realisation of policy-driven adaptive systems capable of specialisation via adaptive policy transformation. Furthermore, this thesis proposes three distinctive novel protection mechanisms, all three mechanisms exhibit adaptation via specialisation, but each one presenting its own research novelty in its respective field. They are: 1. A Secure Execution Context Enforcement based on Activity Detection; 2. Privacy and Security Requirements Enforcement Framework in Internet-Centric Services; 3. A Context-Aware Multifactor Authentication Scheme Based On Dynamic Pin. 3 Along with a comprehensive study of the state of the art in policy based adaptive systems and a comparative analysis of those against the main objectives of the framework this thesis proposes, these three protection mechanisms serve as a foundation and experimental work from which core characteristics, methods, components, and other elements are analysed in detail towards the investigation and the proposition of the methodological framework presented in this thesis.
AuthorsDiaz Tellez, Yair Hernando
- Theses