Ubiquitous computing systems are creating the potential of a smarter but more complex world. One way of managing this complexity is to develop adaptive systems that can react to changes in their operating environment. In such environments security is an important consideration because the assets, threats, attacks and vulnerabilities can all change at runtime. Adaptive security can help, but it is important to have assurances about (a) Validation: Will the system protect the assets from security threats? (Have we built the right system?); (b) Verification: Has the system been correctly configured to protect the assets from security threats? (Have we built the system right?); and (c) Explanation: Can we understand the behaviour of the adaptive security system?
2. Adaptive Security: Systems that continue to satisfy their security requirements when threats and assets are uncertain / changing.
[Figure labels: Variable Assets, Risks, Zero-day Threat, Security Control Failure, Threat, Asset, Attack, Vulnerability]
Security in a Smarter World
3. Validation, Verification & Explanation
● Validation: Will the system protect the assets from security threats? (Have we built the right system?)
● Verification: Has the system been correctly configured to protect the assets from security threats? (Have we built the system right?)
● Explanation: Can we understand the behaviour of the adaptive security system?
Assurances for Adaptive Security
Nicholas Morant. National Film Board of Canada. Photothèque. Library and Archives Canada, PA-112911
5. Adaptive Security – VV&E
● Validation: Is the system measuring the right things to determine if a security adaptation is needed and deciding on the right security controls to be deployed?
● Verification: Is the system measuring things and making decisions in the right way?
● Explanation: Can we understand why we are measuring things and the reasons for doing this in a particular way?
Security Metrics, Decision Making and Controls
10. Final Thoughts
● Are there specific issues for validating, verifying and explaining adaptive security systems?
● e.g., Assets, Threats, Attackers, Vulnerabilities
● Can we use decision analysis techniques to determine the best metrics and measurement methods to drive adaptation?
● How do the runtime models need to be extended to support validation, verification and explanation for adaptive security?
Comments and Questions