13 research outputs found

    Towards Language-Agnostic Reuse of Palladio Quality Analyses


    Modeling Data Flow Constraints for Design-Time Confidentiality Analyses


    Architectural Optimization for Confidentiality Under Structural Uncertainty

    More and more connected systems gather and exchange data. This allows building smarter, more efficient and overall better systems. However, the exchange of data also leads to questions regarding the confidentiality of these systems. Design notions such as Security by Design or Privacy by Design help to build secure and confidential systems by considering confidentiality already at the design-time. During the design-time, different analyses can support the architect. However, essential properties that impact confidentiality, such as the deployment, might be unknown during the design-time, leading to structural uncertainty about the architecture and its confidentiality. Structural uncertainty in the software architecture represents unknown properties about the structure of the software architecture. This can be, for instance, the deployment or the actual implementation of a component. For handling this uncertainty, we combine a design space exploration and optimization approach with a dataflow-based confidentiality analysis. This helps to estimate the confidentiality of an architecture under structural uncertainty. We evaluated our approach on four application examples. The results indicate a high accuracy regarding the found confidentiality violations.

    Use Cases in Dataflow-Based Privacy and Trust Modeling and Analysis in Industry 4.0 Systems

    Fostering efficiency of distributed supply chains in the Industry 4.0 often bases on IoT-data analysis and by means of lean- and shopfloor-management. However, trust by preserving privacy is a precondition: Competing factories will not share data, if, e.g., the analysis of the data will reveal business relevant information to competitors. Our approach is enforcing privacy policies in Industry 4.0 supply chains. These are highly dynamic and therefore not manageable by 'traditional' rights-management approaches as we will stretch in a literature analysis. To enforce privacy, we analyze two industrial settings and derive general requirements: (1) Lean- and shopfloor-management and (2) factory access control, both common in Industry 4.0 supply chains. We further propose a reference architecture for Industry 4.0 supply chains. We introduce the combination of Palladio Component Model (PCM) [23] and Ensembles [4] in order to analyze and enforce privacy policies in highly dynamic environments. Our novel approach paves way for data sharing and global data analyzes in highly dynamic Industry 4.0 supply chains. It is an important step for efficiency of these supply chains and therefore one important cornerstone for the success of Industry 4.0.

    Aspect-Oriented Adaptation of Access Control Rules

    Cyber-physical systems (CPS) and IoT systems are nowadays commonly designed as self-adaptive, endowing them with the ability to dynamically reconfigure to reflect their changing environment. This adaptation concerns also the security, as one of the most important properties of these systems. Though the state of the art on adaptivity in terms of security related to these systems can often deal well with fully anticipated situations in the environment, it becomes a challenge to deal with situations that are not or only partially anticipated. This uncertainty is however omnipresent in these systems due to humans in the loop, open-endedness and only partial understanding of the processes happening in the environment. In this paper, we partially address this challenge by featuring an approach for tackling access control in face of partially unanticipated situations. We base our solution on special kind of aspects that build on existing access control system and create a second level of adaptation that addresses the partially unanticipated situations by modifying access control rules. The approach is based on our previous work where we have analyzed and classified uncertainty in security and trust in such systems and have outlined the idea of access-control related situational patterns. The aspects that we present in this paper serve as means for application-specific specialization of the situational patterns. We showcase our approach on a simplified but real-life example in the domain of Industry 4.0 that comes from one of our industrial projects.
