Abstract
Security violations occur in systems even if security design is carried out or security tools are deployed. Social engineering attacks, vulnerabilities that can not be captured in the relatively abstract design model (as buffer-overflows), or unclear security requirements are only some examples of such unpredictable or unexpected vulnerabilities. One of the aims of autonomous systems is to react to these unexpected events through the system itself. Subsequently, this goal demands further research about how such behavior can be designed and sufficiently supported throughout the software development process. We present an approach to engineer self-protection rules for autonomous systems that is integrated into a model-driven software engineering process and provides concepts to formally verify that a given intrusion response model satisfies certain security requirements.
Chapter PDF
Similar content being viewed by others
References
Ahn, G.-J., Sandhu, R.: Role-Based Authorization Constraints Specification. ACM Transactions on Information and System Security 3(4), 207–226, 200
Baresi, L., Ghezzi, C., Guinea, S.: Towards Self-healing Compositions of Services. In: Proc. of PRISE 2004, First Conference on PRInciples of Software Engineering, pp. 11–20 (2004)
Basin, D., Doser, J., Lodderstedt, T.: Model Driven Security: from UML Models to Access Control Infrastructures. Journal of ACM Transactions on Software Engineering and Methodology (2005)
Ehrig, H., Prange, U., Taentzer, G.: Fundamental theory for typed attributed graph transformation. In: Ehrig, H., Engels, G., Parisi-Presicce, F., Rozenberg, G. (eds.) ICGT 2004. LNCS, vol. 3256, pp. 161–177. Springer, Heidelberg (2004)
Frankel, D.S.: Model Driven Architecture: Applying MDA to Enterprise Computing. John Wiley and Sons, Chichester (2003)
Horn, P.: Autonomic computing: IBM perspective on the state of information technology. Technical report, IBM T.J. Watson Labs (October 2001)
Jürjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2005)
Koch, M., Parisi-Presicce, F.: Access Control Policy Specification in UML. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 63–78. Springer, Heidelberg (2002)
Koch, M., Pauls, K.: Generation of Role-based Access Control Requirements from UML Diagrams. In: Proc. of SREIS 2005, Symposium on Requirements Engineering for Information Security (2005)
Mead, N.R., Stehney, T.: Security Quality Requirements Engineering (SQUARE) Methodology. In: Proc. of Software Engineering for Secure Systems (SESS 2005) (2005)
OASIS. XACML 1.1 Specification (August 2003)
Interactive Objects. Arcstyler (2005), http://www.io-software.com
OMG. OCL 2.0 Specification, Version 2.0 OMG (2005)
Pillai, M.M.: An approach to implement a network intrusion detection system using genetic algorithms. In: SAICSIT 2004: Proceedings of the 2004 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries. Republic of South Africa, pp. 221–221. South African Institute for Computer Scientists and Information Technologists (2004)
Plump, D.: Hypergraph Rewriting: Critical Pairs and Undecidability of Confluence. In: Sleep, M., Plasmeijer, M., van Eekelen, M.C. (eds.) Term Graph Rewriting, pp. 201–214. Wiley, Chichester (1993)
Priebe, T., Dobmeier, W., Muschall, B., Pernul, G.: ABAC – Ein Referenzmodell für attributbasierte Zugriffskontrolle. In: Proc. of Sicherheit 2005. Lecture Notes in Informatics GI–Edition, pp. 285–296 (2005)
Rozenberg, G.: Handbook of Graph Grammars and Computing by Graph Transformation. Foundations, vol. 1. World Scientific, Singapore (1997)
Sterritt, R.: Autonomic computing. Innovations in Systems and Software Engineering - A NASA Journal 1(1) (2005)
Stillerman, M., Marceau, C., Stillman, M.: Intrusion Detection for Distributed Applications. Communications of the ACM 42(7), 62–69 (1999)
Taentzer, G., Ermel, C., Rudolf, M.: Handbook of Graph Grammars and Computing by Graph Transformation. In: The AGG Approach: Language and Tool Environment, vol. 2, World Scientific, Singapore (1999)
Vigna, G., Valeur, F., Kemmerer, R.A.: Designing and implementing a family of intrusion detection systems. In: ESEC/FSE-11: Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering, pp. 88–97. ACM Press, New York (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Koch, M., Pauls, K. (2006). Engineering Self-protection for Autonomous Systems. In: Baresi, L., Heckel, R. (eds) Fundamental Approaches to Software Engineering. FASE 2006. Lecture Notes in Computer Science, vol 3922. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11693017_5
Download citation
DOI: https://doi.org/10.1007/11693017_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33093-6
Online ISBN: 978-3-540-33094-3
eBook Packages: Computer ScienceComputer Science (R0)