Abstract
Providing context-dependent security services is an important challenge for ambient intelligent systems. The complexity and the unbounded nature of such systems make it difficult even for the most experienced and knowledgeable security engineers, to foresee all possible situations and interactions when developing the system. In order to solve this problem context based self- diagnosis and reconfiguration at runtime should be provided.
We present in this paper a generic security and dependability framework for the dynamic provision of Security and Dependability (S&D) solutions at runtime. Through out the paper, we use a smart items based e-health scenario to illustrate our approach. The eHealth prototype has been implemented and demonstrated in many scientific and industrial events.
Chapter PDF
References
ActiveBPEL, LLC, ActiveBPEL, the Open Source BPEL Engine, No longer supported by the company as Open Source since 2010, http://www.activebpel.org
Prediction-based strategies for energy saving in object tracking sensor networks (2004)
Abendroth, J., Jensen, C.D.: A unified security framework for networked applications. In: Proc. of the 2003 ACM Symp. on Applied Comp., pp. 351–357. ACM Press, New York (2003)
Acampora, G., Gaeta, M., Loia, V., Vasilakos, A.V.: Interoperable and adaptive fuzzy services for ambient intelligence applications. ACM Trans. Auton. Adapt. Syst. (2010)
Altenschmidt, C., Biskup, J., Flegel, U., Karabulut, Y.: Secure mediation: Requirements, design, and architecture. JCS 11(3), 365–398 (2003)
Au, R., Looi, M., Ashley, P.: Cross-domain one-shot authorization using smart cards. In: Proc. of CCS 2000, pp. 220–227. ACM Press, New York (2000)
Aura, T., Roe, M.: Designing the mobile ipv6 security protocol. Annales des Télécommunications 61(3-4), 332–356 (2006)
Beznosov, K., Deng, Y., Blakley, B., Burt, C., Barkley, J.: A resource access decision service for CORBA-based distributed systems. In: Proc. of ACSAC 1999, pp. 310–319. IEEE Press, Los Alamitos (1999)
Bonatti, P.A.: Rule languages for security and privacy in cooperative systems. COMPSAC (1), 268–269 (2005)
Butler, S.A.: Security attribute evaluation method: a cost-benefit approach. In: ICSE, pp. 232–240. ACM, New York (2002)
Chadwick, D.W., Otenko, A.: The permis x.509 role based privilege management infrastructure. In: Proc. of SACMAT 2002, pp. 135–140. ACM Press, New York (2002)
Compagna, L., Khoury, P.E., Massacci, F., Thomas, R., Zannone, N.: How to capture, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach. In: ICAIL 2007: Proceedings of the 11th International Conference on Artificial Intelligence and Law, pp. 149–153. ACM Press, New York (2007)
Constandache, I., Olmedilla, D., Siebenlist, F.: Policy-driven negotiation for authorization in the grid, pp. 211–220. IEEE Press, Los Alamitos (2007)
Constandache, I., Olmedilla, D., Siebenlist, F.: Policy-driven negotiation for authorization in the grid. In: IEEE International Policies for Distributed Systems and Networks (POLICY 2007). IEEE Computer Society Press, Los Alamitos (2007)
Covingtony, M.J., Fogla, P., Mustaque Ahamad, Z.Z.: A context-aware security architecture for emerging applications. In: ACSAC 2002 (2002)
Cukier, M., Courtney, T., Lyons, J., Ramasamy, H.V., Sanders, W.H., Seri, M., Atighetchi, M., Rubel, P., Jones, C., Webber, F., Watro, P.P.R., Gossett, J.: Providing intrusion tolerance with itua. In: Supplement of the 2002 Int. Conf. on Dependable Systems and Networks. IEEE Press, Los Alamitos (2002)
Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B.M., Ylonen, T.: SPKI Certificate Theory, IETF RFC 2693 (September 1999)
Fernandez, E.: Metadata and authorization patterns. Technical report, Florida Atlantic University (2000)
Fernandez, E., Pan, R.: A pattern language for security models. In: Proc. of the 8th Conf. on Pattern Languages of Programs (2001)
Gomez, L., Thomas, I.: Towards user authentication flexibility. In: Proc. of the ACM International Conference of Security and Cryptography. ACM Press, New York (2007)
Hine, J.A., Yao, W., Bacon, J., Moody, K.: An architecture for distributed OASIS services. In: Coulson, G., Sventek, J. (eds.) Middleware 2000. LNCS, vol. 1795, pp. 104–120. Springer, Heidelberg (2000)
Johnston, W., Mudumbai, S., Thompson, M.: Authorization and attribute certificates for widely distributed access control. In: Proc. of the 7th IEEE Int. Work. on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 1998), pp. 340–345. IEEE Press, Los Alamitos (1998)
Knight, C., Heimbigner, D., Wolf, A.L., Carzaniga, A., Hill, J.C., Devanbu, P., Gertz, M.: The willow survivability architecture. In: Proc. of the 4th Information Survivability Workshop (2001)
Konrad, S., Cheng, B.H.C., Campbell, L.A., Wassermann, R.: Using security patterns to model and analyze security requirements. In: Proceedings of the Requirements for High Assurance Systems Workshop (RHAS 2003), Monterey Bay CA, USA. IEEE Computer Society, Los Alamitos (September 2003)
Ma, D., Tsudik, G.: Extended abstract: Forward-secure sequential aggregate authentication. In: SP 2007: Proceedings of the 2007 IEEE Symposium on Security and Privacy, Washington, DC, USA. IEEE Computer Society, Los Alamitos (2007)
McGuinness, D.L., da Silva, P.P.: Explaining answers from the semantic web: The inference web approach. Journal of Web Semantics 1(4), 397–413 (2004)
Meyer, B.: Design by contract. In: Mandrioli, D., Meyer, B. (eds.) Advances in Object-Oriented Software Engineering, pp. 1–50. Prentice-Hall, Englewood Cliffs (1991)
Meyer, B.: Applying ”design by contract”. Computer 25(10), 40–51 (1992)
Meyer, B.: The grand challenge of trusted components. In: ICSE 2003: Proceedings of the 25th International Conference on Software Engineering, Washington, DC, USA, pp. 660–667. IEEE Computer Society, Los Alamitos (2003)
Moloney, M., Weber, S.: A context-aware trust-based security system for ad hoc networks. In: Proc. of the Security and Privacy for Emerging Areas in Communication Networks Workshop, pp. 153–160. IEEP (2005)
Moses, T.: extensible access control markup language tc v2.0 (xacml) (February 2005)
Piero, J.P., Bonatti, A., Olmedilla, D.: Advanced policy explanations on the web. In: ECAI 2006, pp. 200–204 (2006)
Pigot, H., Mayers, A., Giroux, S.: The intelligent habitat and everyday life activity support. In: Proc. of the 5th Int. Conf. on Simulations in Biomedicine, pp. 507–516 (2003)
Sanchez-Cid, F., Munoz, A., Khoury, P.E., Compagna, L.: Xacml as a security and dependability pattern for access control in ami environments. In: Proc. of the Ambient Intelligence Developments Conf. (AmI.d 2007). Springer, Heidelberg (2007)
Sang, Y., Shen, H., Inoguchi, Y., Tan, Y., Xiong, N.: Secure data aggregation in wireless sensor networks: A survey. In: International Conference on Parallel and Distributed Computing Applications and Technologies, pp. 315–320 (2006)
Schumacher, M., Roedig, U.: Security Engineering with Patterns. In: Proceedings of the 8th Conference on Pattern Languages of Programs (PLoP 2001). ACM Press, New York (2001)
Spanoudakis, G., Gomez, A.M., Kokolakis, S. (eds.): Security and Dependability for Ambient Intelligence. Advances in Information Security, vol. 45. Springer, Heidelberg (2009) ISBN: 978-0-387-88774-6
Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K., Essiari, A.: Certificate-based access control for widely distributed resources. In: Proc. of 8th USENIX Security Symposium, pp. 215–228 (August 1999)
Wassermann, R., Cheng, B.: Security patterns. Technical Report MSU-CSE-03-23, Comp. Sci. and Eng., Michigan State Univ. (2003)
Wimmel, G., Wisspeintner, A.: Extended description techniques for security engineering. In: Proc. of the 16th Int. Conf. on Information Security (2001)
Woo, T., Lam, S.: Authorization in distributed systems: a formal approach. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 529–536. IEEE Press, Los Alamitos (1992)
Yoder, J., Barcalow, J.: Architectural patterns for enabling application security. In: Conference on Pattern Languages of Programs (PLoP 1997). ACM, New York (1997)
Zurko, M., Simon, R., Sanfilippo, T.: A user-centered, modular authorization service built on an RBAC foundation. In: Proc. of Symp. on Sec. and Privacy, pp. 57–71. IEEE Press, Los Alamitos (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Compagna, L., El Khoury, P., Massacci, F., Saidane, A. (2010). A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds) Transactions on Computational Science X. Lecture Notes in Computer Science, vol 6340. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17499-5_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-17499-5_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17498-8
Online ISBN: 978-3-642-17499-5
eBook Packages: Computer ScienceComputer Science (R0)