Visible to the public Architecture-based Self-securing Systems

ABSTRACT

Despite our best attempts to ensure that software systems are secure by design and construction, deployed systems must inevitably cope with unanticipated attacks and latent vulnerabilities. Hence, a critical component of a comprehensive science for security is the ability to support run- time security enforcement, problem detection, and repair. However, today's run-time mechanisms for handling security problems are often an ad hoc mixture of single point solutions unsupported by a unifying set of design and analysis principles. It is virtually impossible to make rigorous and assurable decisions about the kinds and levels of run time detection and prevention needed in a particular context. Our research contributes directly to this aspect of a science of security - namely, assurable run-time security enforcement and repair. Specifically, our approach recognizes that the problem is essentially one of developing closed-loop control systems that provide a supervisory level responsible for detecting and repairing security problems. It builds on prior research in architecture-based self-adaptive systems, where architecture models provide the foundation for analysis and repair.

License: 
Creative Commons 2.5

Other available formats:

Architecture-based Self-securing Systems
Switch to experimental viewer