|
Property | Description |
|
Adaptation |
Object to adapt | Security services for authentication, authorization, and cryptography are directly mentioned. However, the Responder module produces configuration information, which can be delivered for any part in the device. Thus, the solution is generic. |
Adaptation timing | Runtime and reactive |
Monitoring and analyses | Dedicated components for monitoring and analysing. Monitoring components observe predefined security related events from environment or device and analysing components subscribe to these events. The analysing components propose high-level security actions based on information from the profile database. Consequently, analysing component covers also the planning phase. |
Planning and execution | No dedicated planning component. The planning functionality is partially composed inside the Analyse and Respond components. The Respond components map high-level security actions from the Analyse component to the implementation specific subsystems. The implementation specific subsystem decides how to finally execute the adaptation. Thus, the adaptation approach does not dictate the content of plan and execution phases as a whole. |
Knowledge | Separated support module, which contains the Profile database. The monitor, analyse, and respond components are able to retrieve knowledge from the Profile database. However, the content of the database is not described. |
Self-properties | Self-configuration and self-optimization, that is, changing used security components or setting different parameters for those components. Self-protection by recognising events that decrease security. Context-awareness monitors security relevant events from the environment by means of Context Management Infrastructure (CMI). |
|
Security |
Attributes | Generic solution, authors emphasize authentication, authorisation, confidentiality, and integrity attributes. |
Mechanisms | Generic security services for authentication, authorisation, and cryptography. |
Protected asset | Generic solution |
Threats | Generic solution |
|
Lifecycle |
Architecture | The adaptation loop is clearly defined, and Monitor, Analyse, and Respond components are separated for their own components. Events between the Monitor and Analyse components are specified to occur via Dbus based event bus. The Responder component sends events to implementation specific subsystems, which in turn support generalisation. Therefore, both structure and behaviour of the approach are described. |
Extensibility | The presented architecture supports extensions; that is, new security mechanisms and monitoring techniques can be applied. |
Flexibility | The presented architecture supports flexibility. No dependencies to specific domain or environment. |
Reusability | The framework and its components are conceptually reusable. Internal functionality of components is not described, which complicates reusing. |
Maturity | The adaptation approach is implemented by Java for the Nokia 770 Internet tablet, but validation use cases are not described. The framework is described in a research paper. The latest article from the approach appeared in 2010. The software community or code libraries are not available. |
|