Adaptive security in smart spaces

Dissertation

Antti Evesti

Research output: ThesisDissertationCollection of Articles

Abstract

Smart spaces - like smart homes, smart offices and smart cities - exploit various resources in order to offer enriched services and information for the end users. Achieving security in such a dynamic and heterogeneous environment with pre-defined and static security mechanisms is a challenging task. Hence, solutions for self-adaptive security are needed. Self-adaptive security is able to automatically select security mechanisms and their parameters at runtime in order to preserve the required security level in a changing environment. The research problem of the dissertation is how to achieve security adaptation in a smart-space application. For this dissertation, architecture and knowledge base objectives were set. The objectives were satisfied with security-adaptation architecture that contains an adaptation loop and an ontology-based knowledge base for security. The adaptation loop conforms to the Monitor, Analyse, Plan, Execute and Knowledge (MAPE-K) model, which is a widely applied reference model in autonomic computing. The ontology-based knowledge base offers input knowledge for security adaptation. The research was carried using five cases, which iteratively developed the architecture and the knowledge base for security adaptation. The contributions of the dissertation are: Firstly, reusable adaptation architecture for security is presented. The architecture strictly conforms to the MAPE-K reference model and defines all phases in it. Moreover, the architecture is the first that specifically separates security knowledge from the adaptation loop. Secondly, the architecture supports the utilisation of security measures to recognise an adaptation need. Security measures are presented by means of a three-level structure in order to achieve systematic monitoring. Due to the suggested architecture, it is possible to reuse and extend the defined security measures. Thirdly, this is the first time that an ontology has been applied for security adaptation. Hence, the Information Security Measuring Ontology (ISMO) acts as the knowledge base for the security adaptation. The ISMO is applicable at design-time and runtime alike. At design-time, the ISMO offers knowledge for the software architect, in order to design an application with security-adaptation features. In contrast, the application searches knowledge from the ISMO at runtime, in order to automatically perform the security adaptation. Utilising the ontology as a knowledge base ensures that the knowledge is presented in a reusable and extensible form. Moreover, the application does not need hard-coded adaptation knowledge.
Original languageEnglish
QualificationDoctor Degree
Awarding Institution
  • University of Oulu
Supervisors/Advisors
  • Riekki, Jukka, Supervisor, External person
Award date31 Jan 2014
Place of PublicationEspoo
Publisher
Print ISBNs978-951-38-8113-9
Electronic ISBNs978-951-38-8114-6
Publication statusPublished - 2013
MoE publication typeG5 Doctoral dissertation (article)

Fingerprint

Ontology
Security of data
Space applications
Monitoring

Keywords

  • architecture
  • security measuring
  • ontology
  • knowledge base
  • self-adaptive

Cite this

Evesti, A. (2013). Adaptive security in smart spaces: Dissertation. Espoo: VTT Technical Research Centre of Finland.
Evesti, Antti. / Adaptive security in smart spaces : Dissertation. Espoo : VTT Technical Research Centre of Finland, 2013. 198 p.
@phdthesis{ab57c9402cfc477c86a19688c884f2b0,
title = "Adaptive security in smart spaces: Dissertation",
abstract = "Smart spaces - like smart homes, smart offices and smart cities - exploit various resources in order to offer enriched services and information for the end users. Achieving security in such a dynamic and heterogeneous environment with pre-defined and static security mechanisms is a challenging task. Hence, solutions for self-adaptive security are needed. Self-adaptive security is able to automatically select security mechanisms and their parameters at runtime in order to preserve the required security level in a changing environment. The research problem of the dissertation is how to achieve security adaptation in a smart-space application. For this dissertation, architecture and knowledge base objectives were set. The objectives were satisfied with security-adaptation architecture that contains an adaptation loop and an ontology-based knowledge base for security. The adaptation loop conforms to the Monitor, Analyse, Plan, Execute and Knowledge (MAPE-K) model, which is a widely applied reference model in autonomic computing. The ontology-based knowledge base offers input knowledge for security adaptation. The research was carried using five cases, which iteratively developed the architecture and the knowledge base for security adaptation. The contributions of the dissertation are: Firstly, reusable adaptation architecture for security is presented. The architecture strictly conforms to the MAPE-K reference model and defines all phases in it. Moreover, the architecture is the first that specifically separates security knowledge from the adaptation loop. Secondly, the architecture supports the utilisation of security measures to recognise an adaptation need. Security measures are presented by means of a three-level structure in order to achieve systematic monitoring. Due to the suggested architecture, it is possible to reuse and extend the defined security measures. Thirdly, this is the first time that an ontology has been applied for security adaptation. Hence, the Information Security Measuring Ontology (ISMO) acts as the knowledge base for the security adaptation. The ISMO is applicable at design-time and runtime alike. At design-time, the ISMO offers knowledge for the software architect, in order to design an application with security-adaptation features. In contrast, the application searches knowledge from the ISMO at runtime, in order to automatically perform the security adaptation. Utilising the ontology as a knowledge base ensures that the knowledge is presented in a reusable and extensible form. Moreover, the application does not need hard-coded adaptation knowledge.",
keywords = "architecture, security measuring, ontology, knowledge base, self-adaptive",
author = "Antti Evesti",
note = "Project code: 79314",
year = "2013",
language = "English",
isbn = "978-951-38-8113-9",
series = "VTT Science",
publisher = "VTT Technical Research Centre of Finland",
number = "50",
address = "Finland",
school = "University of Oulu",

}

Evesti, A 2013, 'Adaptive security in smart spaces: Dissertation', Doctor Degree, University of Oulu, Espoo.

Adaptive security in smart spaces : Dissertation. / Evesti, Antti.

Espoo : VTT Technical Research Centre of Finland, 2013. 198 p.

Research output: ThesisDissertationCollection of Articles

TY - THES

T1 - Adaptive security in smart spaces

T2 - Dissertation

AU - Evesti, Antti

N1 - Project code: 79314

PY - 2013

Y1 - 2013

N2 - Smart spaces - like smart homes, smart offices and smart cities - exploit various resources in order to offer enriched services and information for the end users. Achieving security in such a dynamic and heterogeneous environment with pre-defined and static security mechanisms is a challenging task. Hence, solutions for self-adaptive security are needed. Self-adaptive security is able to automatically select security mechanisms and their parameters at runtime in order to preserve the required security level in a changing environment. The research problem of the dissertation is how to achieve security adaptation in a smart-space application. For this dissertation, architecture and knowledge base objectives were set. The objectives were satisfied with security-adaptation architecture that contains an adaptation loop and an ontology-based knowledge base for security. The adaptation loop conforms to the Monitor, Analyse, Plan, Execute and Knowledge (MAPE-K) model, which is a widely applied reference model in autonomic computing. The ontology-based knowledge base offers input knowledge for security adaptation. The research was carried using five cases, which iteratively developed the architecture and the knowledge base for security adaptation. The contributions of the dissertation are: Firstly, reusable adaptation architecture for security is presented. The architecture strictly conforms to the MAPE-K reference model and defines all phases in it. Moreover, the architecture is the first that specifically separates security knowledge from the adaptation loop. Secondly, the architecture supports the utilisation of security measures to recognise an adaptation need. Security measures are presented by means of a three-level structure in order to achieve systematic monitoring. Due to the suggested architecture, it is possible to reuse and extend the defined security measures. Thirdly, this is the first time that an ontology has been applied for security adaptation. Hence, the Information Security Measuring Ontology (ISMO) acts as the knowledge base for the security adaptation. The ISMO is applicable at design-time and runtime alike. At design-time, the ISMO offers knowledge for the software architect, in order to design an application with security-adaptation features. In contrast, the application searches knowledge from the ISMO at runtime, in order to automatically perform the security adaptation. Utilising the ontology as a knowledge base ensures that the knowledge is presented in a reusable and extensible form. Moreover, the application does not need hard-coded adaptation knowledge.

AB - Smart spaces - like smart homes, smart offices and smart cities - exploit various resources in order to offer enriched services and information for the end users. Achieving security in such a dynamic and heterogeneous environment with pre-defined and static security mechanisms is a challenging task. Hence, solutions for self-adaptive security are needed. Self-adaptive security is able to automatically select security mechanisms and their parameters at runtime in order to preserve the required security level in a changing environment. The research problem of the dissertation is how to achieve security adaptation in a smart-space application. For this dissertation, architecture and knowledge base objectives were set. The objectives were satisfied with security-adaptation architecture that contains an adaptation loop and an ontology-based knowledge base for security. The adaptation loop conforms to the Monitor, Analyse, Plan, Execute and Knowledge (MAPE-K) model, which is a widely applied reference model in autonomic computing. The ontology-based knowledge base offers input knowledge for security adaptation. The research was carried using five cases, which iteratively developed the architecture and the knowledge base for security adaptation. The contributions of the dissertation are: Firstly, reusable adaptation architecture for security is presented. The architecture strictly conforms to the MAPE-K reference model and defines all phases in it. Moreover, the architecture is the first that specifically separates security knowledge from the adaptation loop. Secondly, the architecture supports the utilisation of security measures to recognise an adaptation need. Security measures are presented by means of a three-level structure in order to achieve systematic monitoring. Due to the suggested architecture, it is possible to reuse and extend the defined security measures. Thirdly, this is the first time that an ontology has been applied for security adaptation. Hence, the Information Security Measuring Ontology (ISMO) acts as the knowledge base for the security adaptation. The ISMO is applicable at design-time and runtime alike. At design-time, the ISMO offers knowledge for the software architect, in order to design an application with security-adaptation features. In contrast, the application searches knowledge from the ISMO at runtime, in order to automatically perform the security adaptation. Utilising the ontology as a knowledge base ensures that the knowledge is presented in a reusable and extensible form. Moreover, the application does not need hard-coded adaptation knowledge.

KW - architecture

KW - security measuring

KW - ontology

KW - knowledge base

KW - self-adaptive

M3 - Dissertation

SN - 978-951-38-8113-9

T3 - VTT Science

PB - VTT Technical Research Centre of Finland

CY - Espoo

ER -

Evesti A. Adaptive security in smart spaces: Dissertation. Espoo: VTT Technical Research Centre of Finland, 2013. 198 p.