Adaptive self-management of teams of autonomous vehicles

Unmanned Autonomous Vehicles (UAVs) are increasingly deployed for missions that are deemed dangerous or impractical to perform by humans in many military and disaster scenarios. Collaborating UAVs in a team form a Self- Managed Cell (SMC) with at least one commander. UAVs in an SMC may need to operate independently or in sub- groups, out of contact with the commander and the rest of the team in order to perform specific tasks, but must still be able to eventually synchronise state information. The SMC must also cope with intermittent and permanent communication failures as well permanent UAV failures. This paper describes a failure management scheme that copes with both communication link and UAV failures, which may result in temporary disjoint sub-networks within the SMC. A communication management protocol is proposed to control UAVs performing disconnected individual operations, while maintaining the SMCs structure by trying to ensure that all members of the mission regardless of destination or task, can communicate by moving UAVs to act as relays or by allowing the UAVs to rendezvous at intermittent intervals. Copyright 2008 ACM.Accepted versio

Security policy refinement using data integration: a position paper.

In spite of the wide adoption of policy-based approaches for security management, and many existing treatments of policy verification and analysis, relatively little attention has been paid to policy refinement: the problem of deriving lower-level, runnable policies from higher-level policies, policy goals, and specifications. In this paper we present our initial ideas on this task, using and adapting concepts from data integration. We take a view of policies as governing the performance of an action on a target by a subject, possibly with certain conditions. Transformation rules are applied to these components of a policy in a structured way, in order to translate the policy into more refined terms; the transformation rules we use are similar to those of global-as-view database schema mappings, or to extensions thereof. We illustrate our ideas with an example. Copyright 2009 ACM

A policy based role object model

Enterprise roles dejine the duties and responsibilities of the individuals which are assigned to them This paper introduces a framework for the management of large distributed systems which makes use of the concepts developed in role theory. Our concept of a role groups the specifications of management policies which define the rights and duties corresponding to that role. Individuals m y then be assigned to or withdrawn from a role, to enable rapid and flexible organisational change, without altering the Specification of the policies. We extend this role concept to include relationships as means of specifying required interactions, duties and rights between related roles. Organisations may contain large numbers of similar roles with multiple relationships between them, so there is a need for reuse of specifications. Role and relationship classes permit multiple instantiation and inheritance is used for incremental extension of the organisational structure with minimal specification effort. We also briefly examine consistency and auditing issues related to this role framework. 1

Security and management policy specification

Accepted versio

Self-managed cells and their federation

Future e-Health systems will consist of low-power, on-body wireless sensors attached to mobile users that interact with a ubiquitous computing environment. This kind of system needs to be able to configure itself with little or no user input; more importantly, it is required to adapt autonomously to changes such as user movement, device failure, the addition or loss of services, and proximity to other such systems. This extended abstract describes the basic architecture of a Self-Managed Cell (SMC) to address these requirements, and discusses various forms of federation between/among SMCs. This structure is motivated by a typical e-Health scenario

Role-based security for distributed object systems

This paper describes a security architecture designed to support role-based access control for distributed object systems in a large-scale, multi-organisational enterprise in which domains are used to group objects for specifying security policies. We use the concept of a role to define access control related to a position within an organisation although our role framework caters for the specification of both authorisation and obligation policies. Access control and authentication is implemented using security agents on a per host basis to achieve a high degree of transparency to the application level. Cascaded delegation of access rights is also supported. The domain based authentication service uses symmetric cryptography and is implemented by replicated servers which maintain minimal state

Securing Body Sensor Networks: Sensor Association and Key Management

Accepted versio