{"title":"运行时基于本体的安全适应","authors":"Antti Evesti, E. Ovaska","doi":"10.1109/SASO.2010.11","DOIUrl":null,"url":null,"abstract":"This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software’s environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives, and high level security measurements. The run-time security adaptation utilises this security ontology to adapt security mechanisms or their parameters to fulfil security requirements for each environment and usage situation. The novelty of this approach comes from the utilisation of ontologies and security measurements, which makes adaptation flexible. We validate our security adaptation with a case study in a smart space environment. The case study proves that security adaptation is able to work autonomously without other user actions.","PeriodicalId":370044,"journal":{"name":"2010 Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"27","resultStr":"{\"title\":\"Ontology-Based Security Adaptation at Run-Time\",\"authors\":\"Antti Evesti, E. Ovaska\",\"doi\":\"10.1109/SASO.2010.11\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software’s environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives, and high level security measurements. The run-time security adaptation utilises this security ontology to adapt security mechanisms or their parameters to fulfil security requirements for each environment and usage situation. The novelty of this approach comes from the utilisation of ontologies and security measurements, which makes adaptation flexible. We validate our security adaptation with a case study in a smart space environment. The case study proves that security adaptation is able to work autonomously without other user actions.\",\"PeriodicalId\":370044,\"journal\":{\"name\":\"2010 Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems\",\"volume\":\"15 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-09-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"27\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SASO.2010.11\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Fourth IEEE International Conference on Self-Adaptive and Self-Organizing Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SASO.2010.11","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper describes how software is able to autonomously adapt its security mechanisms based on knowledge from security ontology. Security adaptation is required because a software’s environment changes during run-time. Thus, all security requirements cannot be defined beforehand. To achieve security adaptation, we have combined a security ontology that defines security mechanisms, security objectives, and high level security measurements. The run-time security adaptation utilises this security ontology to adapt security mechanisms or their parameters to fulfil security requirements for each environment and usage situation. The novelty of this approach comes from the utilisation of ontologies and security measurements, which makes adaptation flexible. We validate our security adaptation with a case study in a smart space environment. The case study proves that security adaptation is able to work autonomously without other user actions.