MaPE-K-Based Approach for Security @ Runtime

Dynamic systems cause challenges for security because it is impossible to anticipate all the possible changes at design-time. Adaptive security is an applicable solution for this challenge. It is able to automatically select security mechanisms and their parameters at runtime in order to preserve the required security level in a changing environment. In this paper we describe an approach detailing key steps and activities to create an adaptive security solution. The architecture conforms to the MAPE-K reference model, which is a widely applied reference model in autonomic computing. Steps include: Establishing a control point to force control of the security decision process from the existing system. Identifying an environment parameter with which the security will trade off. Studying the interrelationship between security and the environment parameter in the existing system context by identifying measurable factors which influence their relationship. Formulation of a trade-off goal which is optimised based on multiple objectives, one of which is a security objective. Consequently, the proposed approach is capable of deploying mechanisms adaptive security to satisfy different security needs at different conditions.