Posts

Showing posts from February, 2015

Why can't I do that?: Explaining Adaptive Security

Image
Adaptive security demo, extracted from Collaborative Security video  produced by Amel Bennaceur

Our world is increasingly being pervaded by connected digital devices that make up the Internet of Things, making it important to ensure that the security of these devices and the functionality they provide.  We are working on techniques to support adaptive information security, where the security mechanisms used to protect these pervasive computing systems can change as the value of the assets being protected and the threats that arise in the environment change.  A key challenge in any adaptive system is to ensure that users understand why the behaviour of the system is changing at runtime. This is particularly true of security adaptations because in many situations they are likely to prevent users from accessing functionality.

In recent work, we have focussed on software engineering techniques that support this through traceability for explaining adaptive security decisions.  Our paper  o…