Towards Self-Adaptive Security for Pervasive Computing Architectures
Staff - Faculty of Informatics
You are cordially invited to attend the PhD Dissertation Defense of Antonio TADDEO on Thursday, May 26th 2011 at 11h00 in room 351 (Main building)
The latest evolutions of pervasive systems exploit sensing and communication capabilities to enable context-aware and self-adaptation capabilities. These capabilities, in turn, allow using pervasive systems in a variety of applicative scenarios.
Adaptation capabilities introduce also new challenges related to security provisioning: any security solution should here operate within an open and dynamic environment, be highly flexible and allow real-time configuration; all these characteristics are certainly not typical of the classical security design approaches. To enforce security, additional computational resources are required; on the other hand, pervasive systems pose strict limitations on power consumption and, thus, on computational resources and on their use.
For this reason, in my thesis the concept of self-adaptive security is introduced: enforcing security requires exploiting the self-adaptive capability of future pervasive systems in order to increase the efficiency in the use of resources (e.g., energy, memory, etc.) while providing an adequate level of protection. Further, an adaptive security approach is capable of responding to any permanent or transient security requirements of the operating environment.
Goal of this dissertation is to provide new design principles, methods and mechanisms for introducing innovative self-adaptive approaches to security of future pervasive systems: to this end, optimization of both network protocols and use of their cryptographic algorithms will be introduced.
In particular, I focused my research on the problem of supporting the selection of the most suitable security solutions for a given operating environment, taking into account constraints on available resources and applications requirements.
To achieve this goal, an appropriate run-time trade-off between security provided, performances, and power consumption is here proposed.
More specifically, in my thesis I analyze and propose solutions for self-adaptive security both at architecture level and network level. At the architecture level, I propose a model for system security self-adaptivity and implement it by developing two different adaptation mechanisms, namely: gradual adaptation of security; and coordinated management of quality of service and security.
Concerning network level self-adaptive security, my contribution is twofold: I describe a protocol to deal with dynamic negotiation of security services for protecting communications between two nodes of a wireless network; and I propose a network protocol for evaluating the trustworthiness of such nodes in a decentralized manner, based on their behavior and on peer recommendations, thus providing a protection mechanism against malicious nodes.
- Prof. Mariagiovanna Sami, Politecnico di Milano, Italy (Research Advisor)
- Prof. Laura Pozzi, Università della Svizzera italiana, Switzerland (Research Co-Advisor)
- Prof. Luca Maria Gambardella, Istituto Dalle Molle di Studi sull'Intelligenza Artificiale, Switzerland (Internal Member)
- Dr. Peter Mueller, IBM Zurich Research Laboratory, Switzerland (External Member)
- Prof. Pierangela Samarati, Università degli Studi di Milano, Italy (External Member)