A Survey on Self-Adaptive Security for Large-scale Open Environments

摘要

Contemporary software systems operate in heterogeneous, dynamic, and distributed environments, where security needs change at runtime. The security solutions for such systems need to be adaptive for the continuous satisfaction of the software systems' security goals. Whilst the existing research on self-adaptive security has made notable advancement towards designing and engineering self-adaptive security solutions, there exists little work on the taxonomic analysis of the architectures of the reported research and its applicability for open and ultra-large environments. We propose an architecture-centric taxonomy for mapping and comparing the current research and identifying the future research directions in this field. The proposed taxonomy has been used to review the representative work on the architectural characteristics that self-adaptive security systems must maintain for their effective application in large-scale open environments. We reflect on the findings from the taxonomic analysis and discuss the design principles, research challenges and limitations reported in the state of the art and practice. We outline the directions for the future research on architectural level support for self-adaptive security systems for large-scale open environments.