Towards the modelling of secure pervasive computing systems: A paradigm of Context-Aware Secure Action System

The design of security-critical pervasive systems is challenging because security constraints are often highly dependent on dynamically changing contexts. To increase the trustworthiness of pervasive systems, a dependable approach to system development must be followed, one which enables seamless integration of the functional, security and context-awareness requirements. This paper proposes a paradigm which enables the specification of the functional, security and context-awareness requirements of a system in a single formalism, called Context-Aware Secure Action System (CASAS). Its syntax, formal semantics and pragmatics are presented, as well as algorithms and techniques for analysing the behaviour of a pervasive computing system.

Propose CASAS, a paradigm for modelling secure pervasive computing systems. Present the syntax and a formal semantics for CASAS. Present an algorithm for checking system consistency statically (i.e. at compile time). Define a set of operators for building complex CASAS systems from simpler ones in a compositional manner. Demonstrate the pragmatics of the proposed formalism using a number of real-world case studies.
