TY - GEN
T1 - An adaptable security framework for service-based systems
AU - Yau, Sik-Sang
AU - Yao, Yisheng
AU - Chen, Zhaoji
AU - Zhu, Luping
PY - 2005
Y1 - 2005
N2 - A major advantage of service-based computing technology is the ability to enable rapid formation of large-scale distributed systems by composing massively available services to achieve the system goals, regardless of the programming languages and platforms used to develop and run these services. In these large-scale service-based systems, various capabilities are provided by different organizations and interconnected by various types of networks, including wireless (infrastructure or ad hoc) and wired networks. For these systems which often involve multiple organizations, high confidence and adaptability are of prime concern to ensure that users can use these systems anywhere, any time, through various devices, knowing that their confidentiality and privacy are well protected under various situations. In this paper, an adaptable security framework for large-scale service-based systems is presented. It includes a core ontology and a logic-based situation-aware security specification language for specifying dynamic security policies for service-based systems, an approach to policy conflict detection and resolution, and tools for generating and deploying security agents to enforce security policies. With this framework, various parties of large-scale service-based systems can rapidly specify, update, verify, and enforce security policies in service-based systems to meet their security requirements under various situations.
AB - A major advantage of service-based computing technology is the ability to enable rapid formation of large-scale distributed systems by composing massively available services to achieve the system goals, regardless of the programming languages and platforms used to develop and run these services. In these large-scale service-based systems, various capabilities are provided by different organizations and interconnected by various types of networks, including wireless (infrastructure or ad hoc) and wired networks. For these systems which often involve multiple organizations, high confidence and adaptability are of prime concern to ensure that users can use these systems anywhere, any time, through various devices, knowing that their confidentiality and privacy are well protected under various situations. In this paper, an adaptable security framework for large-scale service-based systems is presented. It includes a core ontology and a logic-based situation-aware security specification language for specifying dynamic security policies for service-based systems, an approach to policy conflict detection and resolution, and tools for generating and deploying security agents to enforce security policies. With this framework, various parties of large-scale service-based systems can rapidly specify, update, verify, and enforce security policies in service-based systems to meet their security requirements under various situations.
KW - Adaptability
KW - Security agent
KW - Security framework
KW - Security policy
KW - Service-based systems
KW - Situation-awareness
UR - http://www.scopus.com/inward/record.url?scp=27544437710&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=27544437710&partnerID=8YFLogxK
U2 - 10.1109/WORDS.2005.15
DO - 10.1109/WORDS.2005.15
M3 - Conference contribution
AN - SCOPUS:27544437710
SN - 0769523471
T3 - Proceedings - International Workshop on Object-Oriented Real-Time Dependable Systems, WORDS
SP - 28
EP - 35
BT - Proceedings - 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems, WORDS 2005
T2 - 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems, WORDS 2005
Y2 - 2 February 2005 through 4 February 2005
ER -