A framework for an adaptive early warning and response system for insider privacy breaches

Almajed, Yasser M.

January 2015

Organisations such as governments and healthcare bodies are increasingly responsible for managing large amounts of personal information, and the increasing complexity of modern information systems is causing growing concerns about the protection of these assets from insider threats. Insider threats are very difficult to handle, because the insiders have direct access to information and are trusted by their organisations. The nature of insider privacy breaches varies with the organisation’s acceptable usage policy and the attributes of an insider. However, the level of risk that insiders pose depends on insider breach scenarios including their access patterns and contextual information, such as timing of access. Protection from insider threats is a newly emerging research area, and thus, only few approaches are available that systemise the continuous monitoring of dynamic insider usage characteristics and adaptation depending on the level of risk. The aim of this research is to develop a formal framework for an adaptive early warning and response system for insider privacy breaches within dynamic software systems. This framework will allow the specification of multiple policies at different risk levels, depending on event patterns, timing constraints, and the enforcement of adaptive response actions, to interrupt insider activity. Our framework is based on Usage Control (UCON), a comprehensive model that controls previous, ongoing, and subsequent resource usage. We extend UCON to include interrupt policy decisions, in which multiple policy decisions can be expressed at different risk levels. In particular, interrupt policy decisions can be dynamically adapted upon the occurrence of an event or over time. We propose a computational model that represents the concurrent behaviour of an adaptive early warning and response system in the form of statechart. In addition, we propose a Privacy Breach Specification Language (PBSL) based on this computational model, in which event patterns, timing constraints, and the triggered early warning level are expressed in the form of policy rules. The main features of PBSL are its expressiveness, simplicity, practicality, and formal semantics. The formal semantics of the PBSL, together with a model of the mechanisms enforcing the policies, is given in an operational style. Enforcement mechanisms, which are defined by the outcomes of the policy rules, influence the system state by mutually interacting between the policy rules and the system behaviour. We demonstrate the use of this PBSL with a case study from the e-government domain that includes some real-world insider breach scenarios. The formal framework utilises a tool that supports the animation of the enforcement and policy models. This tool also supports the model checking used to formally verify the safety and progress properties of the system over the policy and the enforcement specifications.

658.4

A Model-Based Approach to Engineer Self-Adaptive Systems with Guarantees / En modelbaserad metod för att utveckla självadaptiva system med garantier

Iftikhar, Muhammad Usman

January 2017

Modern software systems are increasingly characterized by uncertainties in the operating context and user requirements. These uncertainties are difficult to predict at design time. Achieving the quality goals of such systems depends on the ability of the software to deal with these uncertainties at runtime. A self-adaptive system employs a feedback loop to continuously monitor and adapt itself to achieve particular quality goals (i.e., adaptation goals) regardless of uncertainties. Current research applies formal techniques to provide guarantees for adaptation goals, typically using exhaustive verification techniques. Although these techniques offer strong guarantees for the goals, they suffer from well-known state explosion problem. In this thesis, we take a broader perspective and focus on two types of guarantees: (1) functional correctness of the feedback loop, and (2) guaranteeing the adaptation goals in an efficient manner. To that end, we present ActivFORMS (Active FORmal Models for Self-adaptation), a formally founded model-driven approach for engineering self-adaptive systems with guarantees. ActivFORMS achieves functional correctness by direct execution of formally verified models of the feedback loop using a reusable virtual machine. To efficiently provide guarantees for the adaptation goals with a required level of confidence, ActivFORMS applies statistical model checking at runtime. ActivFORMS supports on the fly changes of adaptation goals and updates of the verified feedback loop models that meet the changed goals. To demonstrate the applicability and effectiveness of the approach, we applied ActivFORMS in several domains: warehouse transportation, oceanic surveillance, tele assistance, and IoT building security monitoring. / Marie Curie CIG, FP7-PEOPLE-2011-CIG, Project ID: 303791

Self-adaptive software systems

MAPE-K feedback loop

Statistical model checking

Analytical methods

Computer Science

Datavetenskap (datalogi)

Issues in Specifying Requirements for Adaptive Software Systems

Peng, Qian

January 2009

<p>This thesis emphasizes on surveying the state-of-the-art in software requirements specification with a focus on, autonomic, self-adapting software systems. Since various requirements are brought forward accord with environments, modeling requirements for adaptive software systems may be changed at run-time. Nowadays, Keep All Objectives Satisfied (KAOS) is an effective method to build goal model. Various manipulations, such as change, remove, active and de-active goals, appear new goals, could mediate conflicts among goals in adaptive software system. At specification time, specifications of event sequences to be monitored are generated from requirements specification.</p>

requirements specification

self-adapting software systems

adaptive software systems

Keep All Objects Satisfied (KAOS)

goal model

Computer science

Datavetenskap

Software engineering

Programvaruteknik

Issues in Specifying Requirements for Adaptive Software Systems

Peng, Qian

January 2009

This thesis emphasizes on surveying the state-of-the-art in software requirements specification with a focus on, autonomic, self-adapting software systems. Since various requirements are brought forward accord with environments, modeling requirements for adaptive software systems may be changed at run-time. Nowadays, Keep All Objectives Satisfied (KAOS) is an effective method to build goal model. Various manipulations, such as change, remove, active and de-active goals, appear new goals, could mediate conflicts among goals in adaptive software system. At specification time, specifications of event sequences to be monitored are generated from requirements specification.

requirements specification

self-adapting software systems

adaptive software systems

Keep All Objects Satisfied (KAOS)

goal model

Computer Sciences

Datavetenskap (datalogi)

Software Engineering

Programvaruteknik