Why can't I do that?: Explaining Adaptive Security

Adaptive security demo, extracted from Collaborative Security video 
Our world is increasingly being pervaded by connected digital devices that make up the Internet of Things, making it important to ensure that the security of these devices and the functionality they provide.  We are working on techniques to support adaptive information security, where the security mechanisms used to protect these pervasive computing systems can change as the value of the assets being protected and the threats that arise in the environment change.  A key challenge in any adaptive system is to ensure that users understand why the behaviour of the system is changing at runtime. This is particularly true of security adaptations because in many situations they are likely to prevent users from accessing functionality.

In recent work, we have focussed on software engineering techniques that support this through traceability for explaining adaptive security decisions.  Our paper  on this has been published by the European Alliance for Innovation in the journal, Transactions on Self-Adaptive Systems.

Nhlabatsi, Armstrong; Tun, Thein; Khan, Niamul; Yu, Yijun; Bandara, Arosha; Khan, Khaled M. and Nuseibeh, Bashar (2015). “Why can’t I do that?”: tracing adaptive security decisions. EAI Endorsed Transactions on Self-Adaptive Systems, 1(1), Article No. E2.


Popular posts from this blog

Cloud Wedge - geek of the week

Priming Code Club

Are we losing the Internet Security battle?