lnu.sePublications
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Framework for Secure Structural Adaptation
Linnaeus University, Faculty of Technology, Department of computer science and media technology (CM).
2018 (English)Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

A (self-) adaptive system is a system that can dynamically adapt its behavior or structure during execution to "adapt" to changes to its environment or the system itself. From a security standpoint, there has been some research pertaining to (self-) adaptive systems in general but not enough care has been shown towards the adaptation itself. Security of systems can be reasoned about using threat models to discover security issues in the system. Essentially that entails abstracting away details not relevant to the security of the system in order to focus on the important aspects related to security. Threat models often enable us to reason about the security of a system quantitatively using security metrics. The structural adaptation process of a (self-) adaptive system occurs based on a reconfiguration plan, a set of steps to follow from the initial state (configuration) to the final state. Usually, the reconfiguration plan consists of multiple strategies for the structural adaptation process and each strategy consists of several steps steps with each step representing a specific configuration of the (self-) adaptive system. Different reconfiguration strategies have different security levels as each strategy consists of a different sequence configuration with different security levels. To the best of our knowledge, there exist no approaches which aim to guide the reconfiguration process in order to select the most secure available reconfiguration strategy, and the explicit security of the issues associated with the structural reconfiguration process itself has not been studied. In this work, based on an in-depth literature survey, we aim to propose several metrics to measure the security of configurations, reconfiguration strategies and reconfiguration plans based on graph-based threat models. Additionally, we have implemented a prototype to demonstrate our approach and automate the process. Finally, we have evaluated our approach based on a case study of our making. The preliminary results tend to expose certain security issues during the structural adaptation process and exhibit the effectiveness of our proposed metrics.

Place, publisher, year, edition, pages
2018. , p. 86
Keywords [en]
Self-Adaptive System, Adaptive System, Security, Threat Models, Security Metrics, Structural Adaptation, Reconfiguration Plan, Security Level, Graph-based Threat Models, Dynamic Reconfiguration, Structural Reconfiguration, Attack Graphs, T-HARM, Attack Trees, Attack Graphs Generation, MulVAL
National Category
Computer Sciences Computer Systems
Identifiers
URN: urn:nbn:se:lnu:diva-78658OAI: oai:DiVA.org:lnu-78658DiVA, id: diva2:1263858
Subject / course
Computer Science
Educational program
Software Technology Programme, Master Programme, 60 credits
Presentation
2018-09-26, D1173A, P G Vejdes väg, 351 95 Växjö, 10:50 (English)
Supervisors
Examiners
Available from: 2018-11-19 Created: 2018-11-16 Last updated: 2018-11-19Bibliographically approved

Open Access in DiVA

A Framework for Secure Structural Adaptation(2571 kB)22 downloads
File information
File name FULLTEXT01.pdfFile size 2571 kBChecksum SHA-512
31a9eec2ad73281f5a20348e6e51c1f77a75957cc134f4bd7d272042ae1f9d01147f965689785d6f81bc1f641a43cf3b97bdff8ec8d70e260a7d903449f9ce86
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Saman Nariman, Goran
By organisation
Department of computer science and media technology (CM)
Computer SciencesComputer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 22 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 177 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf