EAI Endorsed Transactions on Self-Adaptive Systems 15(1): e2

Research Article

“Why can’t I do that?”: Tracing Adaptive Security Decisions

Download71 downloads
  • @ARTICLE{10.4108/sas.1.1.e2,
        author={Armstrong Nhlabatsi and Thein Tun and Niamul Khan and Yijun Yu and Arosha K.  Bandara and Khaled M. Khan and Bashar Nuseibeh},
        title={“Why can’t I do that?”: Tracing Adaptive Security Decisions},
        journal={EAI Endorsed Transactions on Self-Adaptive Systems},
        volume={15},
        number={1},
        publisher={ICST},
        journal_a={SAS},
        year={2015},
        month={1},
        keywords={Traceability, Causality, Entailment Relation, Security Requirements, Access Control Policies},
        doi={10.4108/sas.1.1.e2}
    }
    
  • Armstrong Nhlabatsi
    Thein Tun
    Niamul Khan
    Yijun Yu
    Arosha K. Bandara
    Khaled M. Khan
    Bashar Nuseibeh
    Year: 2015
    “Why can’t I do that?”: Tracing Adaptive Security Decisions
    SAS
    ICST
    DOI: 10.4108/sas.1.1.e2
Armstrong Nhlabatsi1,*, Thein Tun2, Niamul Khan1, Yijun Yu2, Arosha K. Bandara2, Khaled M. Khan1, Bashar Nuseibeh2,3
  • 1: Qatar University
  • 2: The Open University
  • 3: Lero, University of Limerick
*Contact email: armstrong.nhlabatsi@qu.edu.qa

Abstract

One of the challenges of any adaptive system is to ensure that users can understand how and why the behaviour of the system changes at runtime. This is particularly important for adaptive security behaviours which are essential for applications that are used in many different contexts, such as those hosted in the cloud. In this paper, we propose an approach for using traceability information, enriched with causality relations and contextual attributes of the deployment environment, when providing feedback to the users. We demonstrate, using a cloud storage-as-a-service environment, how our approach provides users of cloud applications better information, explanations and assurances about the security decisions made by the system. This enables the user to understand why a certain security adaptation has occurred, how the adaptation is related to current context of use of the application, and a guarantee that the application still satisfies its security requirements after an adaptation.