Pervasive computing applications involve information flowacross multiple organizations. Thus, any security breach in an applicationcan have far-reaching consequences. However, effective security mecha-nisms can be quite different from those typically deployed in conventionalapplications since these mechanisms are constrained by various factorsin a pervasive environment. In this paper, we propose a methodology toperform a cost-benefit analysis under such circumstances. Our approachis based on the formulation of a set of constrained multi-objective op-timization problems to minimize the residual damage and the cost ofsecurity provisioning. We propose the use of workflow profiles to capturethe contexts in which a communication channel is used in a pervasiveenvironment. This is used to minimize the cost that the underlying busi-ness entity will have to incur in order to keep the workflow secure andrunning.
展开▼
