Ontology-based security adaptation at run-time

Antti Evesti, Eila Ovaska

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

11 Citations (Scopus)

Abstract

This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software’s environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives, and high level security measurements. The run-time security adaptation utilises this security ontology to adapt security mechanisms or their parameters to fulfil security requirements for each environment and usage situation. The novelty of this approach comes from the utilisation of ontologies and security measurements, which makes adaptation flexible. We validate our security adaptation with a case study in a smart space environment. The case study proves that security adaptation is able to work autonomously without other user actions.
Original languageEnglish
Title of host publicationProceedings
Subtitle of host publicationFourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010
PublisherInstitute of Electrical and Electronic Engineers IEEE
Pages204-212
ISBN (Print)978-0-7695-4232-4, 978-1-4244-8537-6
DOIs
Publication statusPublished - 2010
MoE publication typeA4 Article in a conference publication
EventFourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010 - Budapest, Hungary
Duration: 27 Sep 20101 Oct 2010

Conference

ConferenceFourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010
Abbreviated titleSASO 2010
CountryHungary
CityBudapest
Period27/09/101/10/10

Fingerprint

Ontology

Keywords

  • Security ontology
  • dynamic adaptation
  • quality management

Cite this

Evesti, A., & Ovaska, E. (2010). Ontology-based security adaptation at run-time. In Proceedings : Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010 (pp. 204-212). Institute of Electrical and Electronic Engineers IEEE. https://doi.org/10.1109/SASO.2010.11
Evesti, Antti ; Ovaska, Eila. / Ontology-based security adaptation at run-time. Proceedings : Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010. Institute of Electrical and Electronic Engineers IEEE, 2010. pp. 204-212
@inproceedings{1329e8845ca4450180a47f608d8c0779,
title = "Ontology-based security adaptation at run-time",
abstract = "This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software’s environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives, and high level security measurements. The run-time security adaptation utilises this security ontology to adapt security mechanisms or their parameters to fulfil security requirements for each environment and usage situation. The novelty of this approach comes from the utilisation of ontologies and security measurements, which makes adaptation flexible. We validate our security adaptation with a case study in a smart space environment. The case study proves that security adaptation is able to work autonomously without other user actions.",
keywords = "Security ontology, dynamic adaptation, quality management",
author = "Antti Evesti and Eila Ovaska",
note = "Project code: 31576",
year = "2010",
doi = "10.1109/SASO.2010.11",
language = "English",
isbn = "978-0-7695-4232-4",
pages = "204--212",
booktitle = "Proceedings",
publisher = "Institute of Electrical and Electronic Engineers IEEE",
address = "United States",

}

Evesti, A & Ovaska, E 2010, Ontology-based security adaptation at run-time. in Proceedings : Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010. Institute of Electrical and Electronic Engineers IEEE, pp. 204-212, Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010, Budapest, Hungary, 27/09/10. https://doi.org/10.1109/SASO.2010.11

Ontology-based security adaptation at run-time. / Evesti, Antti; Ovaska, Eila.

Proceedings : Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010. Institute of Electrical and Electronic Engineers IEEE, 2010. p. 204-212.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Ontology-based security adaptation at run-time

AU - Evesti, Antti

AU - Ovaska, Eila

N1 - Project code: 31576

PY - 2010

Y1 - 2010

N2 - This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software’s environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives, and high level security measurements. The run-time security adaptation utilises this security ontology to adapt security mechanisms or their parameters to fulfil security requirements for each environment and usage situation. The novelty of this approach comes from the utilisation of ontologies and security measurements, which makes adaptation flexible. We validate our security adaptation with a case study in a smart space environment. The case study proves that security adaptation is able to work autonomously without other user actions.

AB - This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software’s environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives, and high level security measurements. The run-time security adaptation utilises this security ontology to adapt security mechanisms or their parameters to fulfil security requirements for each environment and usage situation. The novelty of this approach comes from the utilisation of ontologies and security measurements, which makes adaptation flexible. We validate our security adaptation with a case study in a smart space environment. The case study proves that security adaptation is able to work autonomously without other user actions.

KW - Security ontology

KW - dynamic adaptation

KW - quality management

U2 - 10.1109/SASO.2010.11

DO - 10.1109/SASO.2010.11

M3 - Conference article in proceedings

SN - 978-0-7695-4232-4

SN - 978-1-4244-8537-6

SP - 204

EP - 212

BT - Proceedings

PB - Institute of Electrical and Electronic Engineers IEEE

ER -

Evesti A, Ovaska E. Ontology-based security adaptation at run-time. In Proceedings : Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2010. Institute of Electrical and Electronic Engineers IEEE. 2010. p. 204-212 https://doi.org/10.1109/SASO.2010.11