Self-Protecting Access Control: On Mitigating Privacy Violations with Fault Tolerance

Self-protecting access control mechanisms can be described as an approach to enforcing security in a manner that automatically protects against violations of access control rules. In this chapter, we present a comparative analysis of standard Cryptographic Access Control (CAC) schemes in relation to privacy enforcement on the Web. We postulate that to mitigate privacy violations, self-protecting CAC mechanisms need to be supported by fault-tolerance. As an example of how one might to do this, we present two solutions that are inspired by the autonomic computing paradigm1. Our solutions are centered on how CAC schemes can be extended to protect against privacy violations that might arise from key updates and collusion attacks

ACHIEVING AUTONOMIC SERVICE ORIENTED ARCHITECTURE USING CASE BASED REASONING

Service-Oriented Architecture (SOA) enables composition of large and complex computational units out of the available atomic services. However, implementation of SOA, for its dynamic nature, could bring about challenges in terms of service discovery, service interaction, service composition, robustness, etc. In the near future, SOA will often need to dynamically re-configuring and re-organizing its topologies of interactions between the web services because of some unpredictable events, such as crashes or network problems, which will cause service unavailability. Complexity and dynamism of the current and future global network system require service architecture that is capable of autonomously changing its structure and functionality to meet dynamic changes in the requirements and environment with little human intervention. This then needs to motivate the research described throughout this thesis. In this thesis, the idea of introducing autonomy and adapting case-based reasoning into SOA in order to extend the intelligence and capability of SOA is contributed and elaborated. It is conducted by proposing architecture of an autonomic SOA framework based on case-based reasoning and the architectural considerations of autonomic computing paradigm. It is then followed by developing and analyzing formal models of the proposed architecture using Petri Net. The framework is also tested and analyzed through case studies, simulation, and prototype development. The case studies show feasibility to employing case-based reasoning and autonomic computing into SOA domain and the simulation results show believability that it would increase the intelligence, capability, usability and robustness of SOA. It was shown that SOA can be improved to cope with dynamic environment and services unavailability by incorporating case-based reasoning and autonomic computing paradigm to monitor and analyze events and service requests, then to plan and execute the appropriate actions using the knowledge stored in knowledge database

ACHIEVING AUTONOMIC SERVICE ORIENTED ARCHITECTURE USING CASE BASED REASONING

Service-Oriented Architecture (SOA) enables composition of large and complex computational units out of the available atomic services. However, implementation of SOA, for its dynamic nature, could bring about challenges in terms of service discovery, service interaction, service composition, robustness, etc. In the near future, SOA will often need to dynamically re-configuring and re-organizing its topologies of interactions between the web services because of some unpredictable events, such as crashes or network problems, which will cause service unavailability. Complexity and dynamism of the current and future global network system require service architecture that is capable of autonomously changing its structure and functionality to meet dynamic changes in the requirements and environment with little human intervention. This then needs to motivate the research described throughout this thesis. In this thesis, the idea of introducing autonomy and adapting case-based reasoning into SOA in order to extend the intelligence and capability of SOA is contributed and elaborated. It is conducted by proposing architecture of an autonomic SOA framework based on case-based reasoning and the architectural considerations of autonomic computing paradigm. It is then followed by developing and analyzing formal models of the proposed architecture using Petri Net. The framework is also tested and analyzed through case studies, simulation, and prototype development. The case studies show feasibility to employing case-based reasoning and autonomic computing into SOA domain and the simulation results show believability that it would increase the intelligence, capability, usability and robustness of SOA. It was shown that SOA can be improved to cope with dynamic environment and services unavailability by incorporating case-based reasoning and autonomic computing paradigm to monitor and analyze events and service requests, then to plan and execute the appropriate actions using the knowledge stored in knowledge database

Immunological inspiration for building a new generation of autonomic systems

Autonomic computing systems of the future will be required to exhibit a number of properties which cannot be engi-neered using current technologies and algorithms. The most direct inspiration for building such systems is nature, where for example the central nervous system and the immune sys-tem function in an autonomic manner. In this paper we show how mechanisms inspired by recent advances in the field of immunology may offer exactly the inspiration re-quired for engineering this new generation of computational systems which are robust, secure, self-organise and self-heal in manner currently unachievable with established software engineering techniques. Immune-inspired mechanisms are often synonomous with providing security in computing ap-plications — however we intend to show that a wider ex-amination of the immune literature offers far greater poten-tial for exploitation of immune-mechanisms and paradigms than simply providing protection to a host. We conclude with a number of case studies, describing work currently in progress, which demonstrate two very different application areas in which the mechanisms described are being applied to illustrate our point. 1