A Genetic Algorithms-Based Approach for Optimized Self-protection in a Pervasive Service Middleware

  • Weishan Zhang
  • Julian Schütte
  • Mads Ingstrup
  • Klaus M. Hansen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5900)


With increasingly complex and heterogeneous systems in pervasive service computing, it becomes more and more important to provide self-protected services to end users. In order to achieve self-protection, the corresponding security should be provided in an optimized manner considering the constraints of heterogeneous devices and networks. In this paper, we present a Genetic Algorithms-based approach for obtaining optimized security configurations at run time, supported by a set of security OWL ontologies and an event-driven framework. This approach has been realized as a prototype for self-protection in the Hydra middleware, and is integrated with a framework for enforcing the computed solution at run time using security obligations. The experiments with the prototype on configuring security strategies for a pervasive service middleware show that this approach has acceptable performance, and could be used to automatically adapt security strategies in the middleware.


Keywords: Pareto Front; Memory Consumption; Security Mechanism; Replay Attack; Security Strategy
These keywords were added by machine and not by the authors.



Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Weishan Zhang (1)
  • Julian Schütte (3)
  • Mads Ingstrup (1)
  • Klaus M. Hansen (1, 2)

  1. Aarhus University
  2. University of Iceland
  3. Fraunhofer Institute for Secure Information Technology
