Software Engineering Techniques Applied to AmI: Security Patterns

The realization of the Ambient Intelligence concept entails many important challenges, but the most important barriers to this realization is the lack of adequate support for security. In this paper we present a conceptual model of our solution for building secure systems for AmI environments, taking as basis the concept of Security and Dependability (S&D) Pattern as a precise representation of validated S&D solutions and mechanisms. The main elements embedded in our solution framework (S&D library, monitoring interface and S&D Manager) are presented both conceptually, and also using a simple example scenario based on an hospital AmI environment.

[1]  Frank Hill,et al.  An aspect-oriented security framework , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[2]  Ralph Johnson,et al.  design patterns elements of reusable object oriented software , 2019 .

[3]  David Llewellyn-Jones,et al.  An extensible framework for practical secure component composition in a ubiquitous computing environment , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[4]  A Min Tjoa,et al.  Access Controls by Object-Oriented Concepts , 1997, DBSec.

[5]  Eduardo B. Fernandez,et al.  A pattern language for security models , 2001 .

[6]  Eduardo B. Fernández,et al.  A Pattern System for Access Control , 2004, DBSec.

[7]  Eduardo B. Fernandez,et al.  Metadata and authorization patterns , 2000 .

[8]  James O. Coplien,et al.  Pattern languages of program design , 1995 .

[9]  Tim Kelly,et al.  Deriving safety requirements using scenarios , 2001, Proceedings Fifth IEEE International Symposium on Requirements Engineering.

[10]  Karima Boudaoud,et al.  An intelligent agent-based model for security management , 2002, Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications.

[11]  Haralambos Mouratidis,et al.  A Set of Patterns for Secure Agent Systems , 2003, EuroPLoP.

[12]  Ning Zhang,et al.  An effective model for composition of secure systems , 1998, J. Syst. Softw..

[13]  Joseph W. Yoder,et al.  Architectural Patterns for Enabling Application Security , 1998 .

[14]  Madjid Merabti,et al.  Utilising Component Composition for Secure Ubiquitous Computing , 2004 .

[15]  Haralambos Mouratidis,et al.  Security Patterns for Agent Systems , 2003 .

[16]  Neelam Soundarajan,et al.  Monitoring Design Pattern Contracts , 2004 .

[17]  Tommi Mikkonen,et al.  Formalizing design patterns , 1998, Proceedings of the 20th International Conference on Software Engineering.

[18]  Eduardo B. Fernández,et al.  Two Patterns for Web Services Security , 2004, International Conference on Internet Computing.

[19]  Neelam Soundarajan,et al.  Pattern-Based System Evolution: A Case-Study , 2006, SEKE.

[20]  Douglas C. Schmidt,et al.  Building application frameworks: object-oriented foundations of framework design , 1999 .

[21]  Heiko Mantel,et al.  On the composition of secure systems , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.