Adaptable Context Management Framework for Secure Network Services

• Autorzy: Kotulski Z. , Sepczuk M. , Sitek A. , Tunia M. A.
• Języki publikacji: EN

Abstrakty

EN

Last decades the contextual approach became an important methodology of analysing information processes in the dynamic environment. In this paper we propose a context management framework suitable for secure network services. The framework allows tracking the contextual information from its origin, through all stages of its processing up to application in security services protecting the secure network application. Besides the framework's description, an example of its application in constructing secure voice call network service is given.

Słowa kluczowe

EN

context management framework; secure network services; secure network application

• Wydawca: Wydawnictwo UMCS
• Czasopismo: Annales Universitatis Mariae Curie-Skłodowska. Sectio AI, Informatica
• Rocznik: 2014
• Tom: Vol. 14, no. 2
• Strony: 7--30
• Opis fizyczny: Bibliogr. 38 poz., rys.

Twórcy

autor

Kotulski Z.

• Faculty of Electronics and Information Technology, Warsaw University of Technology, Poland

autor

Sepczuk M.

• Faculty of Electronics and Information Technology, Warsaw University of Technology, Poland

autor

Sitek A.

• Faculty of Electronics and Information Technology, Warsaw University of Technology, Poland

autor

Tunia M. A.

• Faculty of Electronics and Information Technology, Warsaw University of Technology, Poland

Bibliografia

• [1] MacDonald, N., The Future of Information Security is Context-Aware and Adaptive, Gartner RAS Core Research Note G00200385, p. RA341601022011, 14 May 2010
• [2] Keller, A., Ludwig, H., The WSLA Framework: Specifying and Monitoring Service Level Agreements for Web Services, Journal of Network and Systems Management 11(1) (2003): 57–81.
• [3] Henning, R.R., Security service level agreements: quantifiable security for the enterprise?, Proceedings of the workshop on New security paradigms, Caledon Hills, Ontario, Canada, September 22-24 (1999).
• [4] Bernsmed, K., Jaatun, M., Meland, P., Undheim, A.: Security SLAs for Federated Cloud Services, Sixth International Conference on Availability, Reliability and Security, ARES (2011).
• [5] Moore, T., Anderson, R., Economics and Internet Security: a Survey of Recent Analytical, Empirical and Behavioral Research, TR-03-11, Computer Science Group, Harvard University, Cambridge, Massachusetts (2011).
• [6] Anderson, R.J., Economics and Security Resource Page, http://www.cl.cam.ac.uk/ rja14/econsec.html (2014).
• [7] Anderson, R.J., Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley (2008).
• [8] Ksiezopolski, B., Kotulski, Z., Adaptable security mechanism for dynamic environments, Computers & Security 26(3) (2007): 246–255.
• [9] Gerstel, O., Sasaki, G., Quality of Protection (QoP): A Quantitative Unifying Paradigm to Protection Service Grades, OptiComm 2001, Optical Networking and Communication Conference (2001).
• [10] Xue, G., Chen, L., Thulasiraman, K., Quality-of-Service and Quality-of-Protection Issues in Preplanned Recovery Schemes Using Redundant Trees, IEEE Journal on Selected Areas in Communications 21(8) (2003): 1332–1345.
• [11] Fiedler, M., Hossfeld, T., Tran-Gia, P., A generic quantitative relationship between quality of experience and quality of service, Network, IEEE 24(2) (2010): 36–41.
• [12] Ciszkowski, T., Mazurczyk, W., Kotulski, Z., Hossfeld, T., Fiedler, M., Collange, D., Towards Quality of Experience-based Reputation Models for Future Web Service Provisioning, Telecommunication Systems Journal 51(4), 283-295 (2012)
• [13] Abowd, G.D., Dey, A.K., Brown, P.J., Davies, N., Smith, M., Steggles, P., Towards a Better Understanding of Context and Context-Awareness, Handheld and Ubiquitous Computing, LNCS, vol. 1707, Springer, Berlin (1999): 304–307.
• [14] Weiser, M., The Computer for the 21 st Century, ACM SIGMOBILE Mobile Computing and Communications Review 3 (1999): 3–11.
• [15] Jovanovikj, V., Gabrijelcic, D., Klobucar, T., A conceptual model of security context, International Journal of Information Security (2014).
• [16] Baldauf, M., Dustdar, S., Rosenberg, F., A survey on context-aware systems, Int. J. Ad Hoc and Ubiquitous Computing 2(4) (2007): 263–277.
• [17] Hayashi, E., Das, S., Shahriyar, A., Owusu, E., Han, J., Hong, J., Oakley, I., Perrig, A., Zhang, J., CASA: A Framework for Context-Aware Scalable Authentication, SOUPS’13: Ninth Symposium on Usable Privacy and Secrecy (2013).
• [18] Wrona, K., Gomez, L., Context-aware security and secure context-awareness in ubiquitous computing environments, Annales UMCS Informatica AI 4 (2006): 332–348.
• [19] Orr, R.J., Abowd, G.D., The Smart Floor: A Mechanism for Natural User Identification and Tracking, Conference on Human Factors in Computing Systems (CHI 2000), The Hague, Netherlands (2000).
• [20] Contextual Service Adaptation Framework, http://soa4all.eu/contextmanagement.html (2014).
• [21] Siljee, B., Bosloper, I., Nijhuis, J., A Classification Framework for Storage and Retrieval of Context, KI-04 Workshop on Modelling and Retrieval of Context, CEUR 114 (2004).
• [22] Preuveneers, D., Berbers, Y., Adaptive Context Management Using a Component-Based Approach, Distributed Applications and Interoperable Systems, LNCS, vol. 3543, Springer, Berlin Heidelberg (2005): 14–26.
• [23] Chen, H., An intelligent broker architecture for context-aware systems, A PhD. Dissertation Proposal in Computer Science at the University of Maryland, Baltimore County (2003).
• [24] Bauer, M., Olsen, R., Jacobsson, M., Sanchez, L., Lanza, J., Imine, M., Prasad, N., Context Management Framework for MAGNET Beyond, Workshop on Capturing Context and and Context-Aware Systems and Platforms, Proceedings of IST Mobile and Wireless Summit (2006).
• [25] Won-Ki Hong, J., Han, Y., Kang, J.-M., Seo, S., Context Management for User-centric Context-aware Services over Pervasive Networks, 14th Asia-Pacific IEEE Network Operations and Management Symposium (APNOMS 2012) (2012): 1–4.
• [26] Chabridon, S., Desprats, T., Laborde, R., Marie, P., Marquez, S., Oglaza, M., A survey on addressing privacy together with quality of context for context management in the Internet of Things, Annales of Telecommunications-Annales des telecommunications 69(1-2) (2014): 47–62.
• [27] Lee, M., Park, S., A Secure Context Management for QoS-Aware Vertical Handovers in 4G Networks, Communications and Multimedia Security, LNCS, vol. 3677, Springer, Berlin Heidelberg (2005): 220–229.
• [28] Fischer, K., Karsch, S., Modelling Security Relevant Context - An approach towards Adaptive Security in Volatile Mobile Web Environments, WebSci11, June 14-17, 2011, Koblenz, Germany (2011).
• [29] Smirnov, A., Pashkin, M., Chilov, N., Levashova, T., Operational Decision Support: Context-Based Approach and Technological Framework, Proceedings of the 5th International and Interdisciplinary Conference CENTEXT (2005).
• [30] Michelberger, B., Mutschler, B., Reichert, M., A Context Framework for Process-Oriented Information Logistics, Business Information Systems, LNBIP 117, Springer, Berlin Heidelberg (2012): 260–271.
• [31] Ksiezopolski, B., QoP-ML: Quality of Protection modelling language for cryptographic protocols, Computers & Security 31(4) (2012): 569–596.
• [32] ISO/IEC 27005 Second edition 2011-06-01, Information technology Security techniques Information security risk management.
• [33] NIST Special Publication 800-30, Revision 1, Risk Management Guide for Information Technology Systems (2012).
• [34] Shoniregun, C.A., Impacts and Risk Assessment of Technology for Internet Security. Enabled Information Small-Medium Enterprises (TEISMES), Advances in Information Security, Volume 17, Springer Science+Business Media, Inc. (2005).
• [35] NIST Special Publication 800-12, An Introduction to Computer Security: The NIST Handbook (1995).
• [36] FIPS PUB 199, Standards for Security Categorization of Federal Information and Information Systems (2004).
• [37] Menezes, A., van Oorschot, P., Vanstone, S., Handbook of Applied Cryptography, CRC Press, Boca Raton (1996).
• [38] Freeman, R.L., Telecommunication System Engineering, Fourth Edition, John Wiley & Sons, Hoboken, New Jersey (2004).