Although highly promising to meet the challenges of pervasive network security, self-managed protection has been little addressed in this setting. This paper adopts a policy-based management approach to the problem, and presents a policy-driven security framework called ASPF. Enforced authorization policies in a device are adapted according to the security context, both at the network and device levels. ASPF describes how an autonomic security manager may control OS-level authorization mechanisms supporting multiple classes of policies. Evaluation of an ASPF implementation shows that the design is applicable for effective and yet flexible self-protection of pervasive systems.
展开▼