A Distributed Context-Aware Trust Management Architecture

The realization of a pervasive context-aware service platform imposes new challenges for the security and privacy aspects of the system in relation to traditional service platforms. One important aspect is related with the management of trust relationships, which is especially hard in a pervasive environment because users are supposed to interact with entities unknown before hand in an ad-hoc and dynamic manner. Current trust management solutions do not adapt nor scale well in this dynamic service provisioning scenario because they require previously defined trust relationships in order to operate. The objective of this thesis is to design, prototype and validate a context-aware distributed trust management architecture in order to address: (a) the lack of integration between available trust solutions and security and privacy management languages, and (b) the dynamic characteristics of a context-aware service platform

Using Event Calculus to Formalise Policy Specification and Analysis

As the interest in using policy-based approaches for systems management grows, it is becoming increasingly important to develop methods for performing analysis and refinement of policy specifications. Although this is an area that researchers have devoted some attention to, none of the proposed solutions address the issues of analysing specifications that combine authorisation and management policies; analysing policy specifications that contain constraints on the applicability of the policies; and performing a priori analysis of the specification that will both detect the presence of inconsistencies and explain the situations in which the conflict will occur. We present a method for transforming both policy and system behaviour specifications into a formal notation that is based on event calculus. Additionally it describes how this formalism can be used in conjunction with abductive reasoning techniques to perform a priori analysis of policy specifications for the various conflict types identified in the literature. Finally, it presents some initial thoughts on how this notation and analysis technique could be used to perform policy refinement

A goal-based approach to policy refinement

As the interest in using policy-based approaches for systems management grows, it is becoming increasingly important to develop methods for performing analysis and refinement of policy specifications. Although this is an area that researchers have devoted some attention to, none of the proposed solutions address the issue of deriving implementable policies from high-level goals. A key part of the solution to this problem is having the ability to identify the operations, available on the underlying system, which can achieve a given goal. This paper presents an approach by which a formal representation of a system, based on the Event Calculus, can be used in conjunction with abductive reasoning techniques to derive the sequence of operations that will allow a given system to achieve a desired goal. Additionally it outlines how this technique might be used for providing tool support and partial automation for policy refinement. Building on previous work on using formal techniques for policy analysis, the approach presented here applies a transformation of both policy and system behaviour specifications into a formal notation that is based on Event Calculus. Finally, it shows how the overall process could be used in conjunction with UML modelling and illustrates this by means of an example. 1

An adaptive policy-based framework for network services management

This paper presents a framework for specifying policies for the management of network services. Although policy-based management has been the subject of considerable research, proposed solutions are often restricted to condition-action rules, where conditions are matched against incoming traffic flows. This results in static policy configurations where manual intervention is required to cater for configuration changes and to enable policy deployment. The framework presented in this paper supports automated policy deployment and flexible event triggers to permit dynamic policy configuration. While current research focuses mostly on rules for low-level device configuration, significant challenges remain to be addressed in order to:a) provide policy specification and adaptation across different abstraction layers; and, b) provide tools and services for the engineering of policy-driven systems. In particular, this paper focuses on solutions for dynamic adaptation of policies in response to changes within the managed environment. Policy adaptation includes both dynamically changing policy parameters and reconfiguring the policy objects. Access control for network services is also discussed.Accepted versio

AMUSE: autonomic management of ubiquitous e-Health systems

Future e-Health systems will consist of low-power on-body wireless sensors attached to mobile users that interact with an ubiquitous computing environment to monitor the health and well being of patients in hospitals or at home. Patients or health practitioners have very little technical computing expertise so these systems need to be self-configuring and self-managing with little or no user input. More importantly, they should adapt autonomously to changes resulting from user activity, device failure, and the addition or loss of services. We propose the Self-Managed Cell (SMC) as an architectural pattern for all such types of ubiquitous computing applications and use an e-Health application in which on-body sensors are used to monitor a patient living in their home as an exemplar. We describe the services comprising the SMC and discuss cross-SMC interactions as well as the composition of SMCs into larger structures