45 4.2.1 Discretionary Access Control (DAC), 46 4.2.2 Mandatory Access Control (MAC), p.46 ,
64 5.1.2, p.65 ,
76 5.4.4.1 Cluster Implementation Model, p.78 ,
81 5.6.1 Delegation Approach, Authorization Policy Enforcement, p.81 ,
102 7.1.2 Self-managed Enabling Trade-off between Multiple Concerns, p.102 ,
109 7.6.1 Autonomic Adaptation Policies, p.112 ,
117 8.1.1 Overview of Implementation Framework 117 8.1.2 VSK Architecture Overview, Control Plane Implementation, p.123 ,
124 8.2.1 Authorization Overheads of 124 8.2.2 Authorization Validation and Enforcement Overheads of VSK, Comparison with Microkernel, p.126 ,
127 8.2.5 Kernel Occupation Rate, VSK Qualitative Evaluation, p.129 ,
136 9.2.1 Platform Overview, p.137 ,
AutoMate: enabling autonomic applications on the grid, 2003 Autonomic Computing Workshop, pp.48-57, 2003. ,
DOI : 10.1109/ACW.2003.1210204
Towards Autonomic Enterprise Security: Self-Defending Platforms, Distributed Detection, and Adaptive Feedback, Intel Technology Journal, vol.10, issue.04, 2006. ,
DOI : 10.1535/itj.1004.04
Policy-based Management of Networked Computing Systems. Communication Magazine, IEEE, issue.10, pp.4369-75, 2005. ,
Putting together QoS and security in autonomic pervasive systems, Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks, Q2SWinet '10, 2010. ,
DOI : 10.1145/1868630.1868634
ASRBAC: A Security Administration Model for Mobile Autonomic Networks (MAutoNets) In Data Privacy Management and Autonomous Spontaneous Security, pp.163-177, 2010. ,
Security Kernel Design and Implementation: An Introduction, Computer, vol.16, issue.7, pp.14-22, 1983. ,
DOI : 10.1109/MC.1983.1654439
Fundamentals of Computer Security Technology, 1994. ,
XACML profile for role based access control (RBAC). OASIS Access Control TC committee, 2004. ,
Think: View-Based Support of Non-functional Properties in Embedded Systems, 2009 International Conference on Embedded Software and Systems, 2009. ,
DOI : 10.1109/ICESS.2009.30
An XACML-based privacy-centered access control system, Proceedings of the first ACM workshop on Information security governance, WISG '09, pp.49-58, 2009. ,
DOI : 10.1145/1655168.1655178
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.157.611
An Integrated Model for Access Control and Information Flow Requirements, Asian Computing Science Conference Focusing on Secure Software and Related Issues (ASIAN), 2007. ,
DOI : 10.1007/978-3-540-76929-3_12
Practical Domain and Type Enforcement for UNIX, Proceedings 1995 IEEE Symposium on Security and Privacy, p.66, 1995. ,
DOI : 10.1109/SECPRI.1995.398923
Xen and the Art of Virtualization, 9th ACM symposium on Operating Systems Principles, pp.164-177, 2003. ,
Module Hot Swapping for Dynamic Update and Reconfiguration in K42, 6th Linux Conference Au, 2005. ,
Secure Computer System Unified Exposition and Multics Interpretation, 1976. ,
TVDc, ACM SIGOPS Operating Systems Review, vol.42, issue.1, pp.40-47, 2008. ,
DOI : 10.1145/1341312.1341321
SPIN, Proceedings of the 6th workshop on ACM SIGOPS European workshop Matching operating systems to application needs, EW 6, 1994. ,
DOI : 10.1145/504390.504408
Extensibility Safety and Performance in the SPIN Operating System, 5th ACM Symporium on Operating Systems Principles, pp.267-283, 1995. ,
Integrity Considerations for Secure Computer System, 1977. ,
Introduction to Computer Security, 2004. ,
A Systematic Review and Comparison of Security Ontologies, 2008 Third International Conference on Availability, Reliability and Security, pp.813-820, 2008. ,
DOI : 10.1109/ARES.2008.33
Decentralized trust management, Proceedings 1996 IEEE Symposium on Security and Privacy, p.164, 1996. ,
DOI : 10.1109/SECPRI.1996.502679
Access Control and Declassification, COMPUTER NETWORK SECURITY Communications in Computer and Information Science, vol.1, pp.85-98, 2007. ,
DOI : 10.1007/978-3-540-73986-9_7
Auto-Home: A Framework for Autonomic Pervasive Applications, 2008. ,
Autonomic management policy specification in Tune, Proceedings of the 2008 ACM symposium on Applied computing , SAC '08, pp.1658-1663, 2008. ,
DOI : 10.1145/1363686.1364080
Measuring the Effectiveness of Self-Healing Autonomic Systems, Second International Conference on Autonomic Computing (ICAC'05), pp.328-329, 2005. ,
DOI : 10.1109/ICAC.2005.39
Engineering of component-based systems, Proceedings of ICECCS '96: 2nd IEEE International Conference on Engineering of Complex Computer Systems (held jointly with 6th CSESAW and 4th IEEE RTAW), pp.414-422, 1996. ,
DOI : 10.1109/ICECCS.1996.558485
The FRACTAL component model and its support in Java, Software: Practice and Experience Special Issue: Experiences with Auto-adaptive and Reconfigurable Systems, pp.1257-1284, 2006. ,
DOI : 10.1002/spe.767
Efficient Attributes for Anonymous Credentials, 15th ACM conference on Computer and Communications Security, pp.345-356, 2008. ,
DOI : 10.1145/1455770.1455814
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.400.7806
Autonomous adaptation to dynamic availability using a service-oriented component model, Proceedings. 26th International Conference on Software Engineering, pp.614-623, 2004. ,
DOI : 10.1109/ICSE.2004.1317483
Self-TUNe-ing of a J2EE Clustered Application, 2009 Sixth IEEE Conference and Workshops on Engineering of Autonomic and Autonomous Systems, pp.23-31, 2009. ,
DOI : 10.1109/EASe.2009.16
Rainbow Architecture-based Self-adaptation with Reusable Infrastructure, 1st International Conference on Autonomic Computing, pp.276-277, 2004. ,
Security in an autonomic computing environment, IBM Systems Journal, vol.42, issue.1, pp.107-118, 2003. ,
DOI : 10.1147/sj.421.0107
An architecture for dynamically extensible operating systems, Proceedings. Fourth International Conference on Configurable Distributed Systems (Cat. No.98EX159), p.145, 1998. ,
DOI : 10.1109/CDS.1998.675768
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.53.1772
Self-protection for Distributed Component-Based Applications, Stabilization, Safety, and Security of Distributed Systems, 2006. ,
DOI : 10.1007/978-3-540-49823-0_13
URL : https://hal.archives-ouvertes.fr/hal-00689149
Context Ontology for Secure Interoperability, 2008 Third International Conference on Availability, Reliability and Security, 2008. ,
DOI : 10.1109/ARES.2008.133
URL : https://hal.archives-ouvertes.fr/hal-00796516
DYMOS: A Dynamic Modification System, Symposium on High-level debugging, pp.201-202, 1983. ,
Generalized Role-Based Access Control for Securing Future Applications, National Information Systems Security Conference, 2000. ,
Securing context-aware applications using environment roles, Proceedings of the sixth ACM symposium on Access control models and technologies , SACMAT '01, pp.10-20, 2001. ,
DOI : 10.1145/373256.373258
Administrative scope and role hierarchy operations, Proceedings of the seventh ACM symposium on Access control models and technologies , SACMAT '02, pp.145-154, 2002. ,
DOI : 10.1145/507711.507736
Administrative scope, ACM Transactions on Information and System Security, vol.6, issue.2, pp.201-231, 2003. ,
DOI : 10.1145/762476.762478
Selecting appropriate counter-measures in an intrusion detection framework, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004., p.78, 2004. ,
DOI : 10.1109/CSFW.2004.1310733
AdOrBAC An Administration Model for Or-BAC, Computer Systems Science and Engineering, vol.19, 2004. ,
An Ontology-based Approach to React to Network Attacks, International Journal of Information and Computer Security, vol.3, issue.34, pp.280-305, 2009. ,
The Ponder Policy Specification Language, Workshop on Policies for Distributed Systems and Networks, 2001. ,
DOI : 10.1007/3-540-44569-2_2
Policy-based architecture to enable autonomic communications - a position paper, CCNC 2006. 2006 3rd IEEE Consumer Communications and Networking Conference, 2006., 2006. ,
DOI : 10.1109/CCNC.2006.1593092
The Intrusion Detection Message Exchange Format, 2006. ,
DOI : 10.17487/rfc4765
Enabling automated threat response through the use of a dynamic security policy, Journal in Computer Virology, vol.29, issue.2, pp.195-210, 2007. ,
DOI : 10.1007/s11416-007-0039-z
URL : https://hal.archives-ouvertes.fr/hal-00439845
Using Contextual Security Policies for Threat Response, 3rd International Conference on Detection of Intrusions and Malware Vulnerability Assessment, 2006. ,
DOI : 10.1007/11790754_7
Domain-specific languages, ACM SIGPLAN Notices, vol.35, issue.6, pp.26-36, 2000. ,
DOI : 10.1145/352029.352035
A survey of autonomic communications, ACM Transactions on Autonomous and Adaptive Systems, vol.1, issue.2, pp.223-259, 2006. ,
DOI : 10.1145/1186778.1186782
Run-time dynamic linking for reprogramming wireless sensor networks, Proceedings of the 4th international conference on Embedded networked sensor systems , SenSys '06, pp.15-28, 2006. ,
DOI : 10.1145/1182807.1182810
Labels and Event Processes in the Asbestos Operating System, 20th ACM Symposium on Operating Systems Principles, pp.17-30, 2005. ,
Exokernel: an Operating System Architecture for Application-level, 15th ACM Symposium Operating System Principles, pp.251-268, 1995. ,
Reconciling CMW Requirements with Those of X11Applications, 14th Annual National Computer Security Conference, 1991. ,
An Access Control System and Method, A Component-Based Kernel Including It, and Its Use. US Patent Application n 11, 2008. ,
Think: A Software Framework for Component-Based Operating System Kernels, USENIX Annual Technical Conference, pp.73-86, 2002. ,
Proposed NIST standard for role-based access control, ACM Transactions on Information and System Security, vol.4, issue.3, pp.224-274, 2001. ,
DOI : 10.1145/501978.501980
The Flux OSKit A Substrate for Kernel and Language Research, 16th ACM symposium on Operating systems principles, pp.38-51, 1997. ,
The dawning of the autonomic computing era, IBM Systems Journal, vol.42, issue.1, pp.5-18, 2003. ,
DOI : 10.1147/sj.421.0005
MIRAGE: A Management Tool for the Analysis and Deployment of Network Security Policies, 3rd International Workshop on Autonomous and Spontaneous Security, 2010. ,
DOI : 10.1109/2.485845
URL : https://hal.archives-ouvertes.fr/hal-00623634
Separating access control policy, enforcement, and functionality in extensible systems, ACM Transactions on Computer Systems, vol.19, issue.1, pp.36-70, 2001. ,
DOI : 10.1145/367742.367773
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.32.4879
Domain and Type Enforcement for Linux, 4th annual Linux Showcase Conference, pp.15-15, 2000. ,
Ubiquitous security for ubiquitous computing, Information Security Technical Report, vol.12, issue.3, pp.172-178, 2007. ,
DOI : 10.1016/j.istr.2007.05.002
An OS Architecture for Device Self-protection, 11th International Symposium on Stabilization, Safety, and Security of Distributed Systems, 2009. ,
A Policy Management Framework for Selfprotection of Pervasive Systems, 6th International Conference on Autonomic and Autonomous Systems, pp.104-109, 2010. ,
Virtual Security Kernel: A Component-Based OS Architecture for Self-Protection, 2010 10th IEEE International Conference on Computer and Information Technology, 2010. ,
DOI : 10.1109/CIT.2010.160
MMLite, Proceedings of the 8th ACM SIGOPS European workshop on Support for composing distributed applications , EW 8, pp.96-103, 1998. ,
DOI : 10.1145/319195.319210
Self-managing systems: a control theory foundation, 29th Annual IEEE International Conference on Local Computer Networks, 2004. ,
DOI : 10.1109/LCN.2004.112
A survey of autonomic computing???degrees, models, and applications, ACM Computing Surveys, vol.40, issue.3, 2008. ,
DOI : 10.1145/1380584.1380585
The Future of Software: Adaptation and Dependability, Software Engineering, vol.116, issue.3, pp.1-31, 2009. ,
DOI : 10.1007/11663430_14
A logical language for expressing authorizations, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097), pp.31-42, 1997. ,
DOI : 10.1109/SECPRI.1997.601312
Organization based access control, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks, 2003. ,
DOI : 10.1109/POLICY.2003.1206966
URL : https://hal.archives-ouvertes.fr/hal-01483818
The vision of autonomic computing, Computer, vol.36, issue.1, pp.41-50, 2003. ,
DOI : 10.1109/MC.2003.1160055
An artificial intelligence perspective on autonomic computing policies, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004., pp.3-12, 2004. ,
DOI : 10.1109/POLICY.2004.1309145
Security Ontology for Annotating Resources, International Conference on Ontologies, Databases, and Application of Semantics (ODBASE), 2005. ,
DOI : 10.1007/11575801_34
CAmkES: A component model for secure microkernel-based embedded systems, Journal of Systems and Software, vol.80, issue.5, pp.687-699, 2006. ,
DOI : 10.1016/j.jss.2006.08.039
A component-based policy-neutral architecture for kernel-level access control, annals of telecommunications - annales des t??l??communications, vol.25, issue.4, pp.121-146, 2009. ,
DOI : 10.1007/s12243-008-0071-0
Evaluating Confidence in Context for Context-Aware Security, Ambient Intelligence, pp.211-229, 2007. ,
DOI : 10.1007/978-3-540-76652-0_13
Protection, ACM SIGOPS Operating Systems Review, vol.8, issue.1, pp.18-24, 1974. ,
DOI : 10.1145/775265.775268
A Flexible Attribute Based Access Control Method for Grid Computing, Journal of Grid Computing, vol.19, issue.2, pp.169-180, 2009. ,
DOI : 10.1007/s10723-008-9112-1
Capability- and Object-Based System Concepts, Capability-based Computer System, p.250, 1984. ,
DOI : 10.1016/B978-0-932376-22-0.50006-5
Policy Evolution with Grammatical Evolution, Simulated Evolution and Learning, pp.71-80, 2008. ,
DOI : 10.1007/3-540-36599-0_37
Non-discretionary Controls for Commercial Applications, IEEE Symposium on Security and Privacy, pp.2-10, 1982. ,
Hierarchical Model-based Autonomic Control of Software Systems, Workshop on the Design and Evolution of Autonomic Application Software, pp.1-7, 2005. ,
Optimizing Component-Based Embedded Software, 2009 33rd Annual IEEE International Computer Software and Applications Conference, pp.491-496, 2009. ,
DOI : 10.1109/COMPSAC.2009.181
URL : https://hal.archives-ouvertes.fr/hal-00670192
Integrating Flexible Support for Security Policies into the Linux Operating System, USENIX Annual Technical Conference, pp.29-42, 2001. ,
Guest Editors' Introduction: Autonomic Computing, IEEE Internet Computing, vol.11, issue.1, pp.18-21, 2007. ,
DOI : 10.1109/MIC.2007.11
When and how to develop domain-specific languages, ACM Computing Surveys, vol.37, issue.4, pp.316-344, 2005. ,
DOI : 10.1145/1118890.1118892
Service-Oriented Operating System: A Key Element in Improving Service Availability, 4th International Symposium on Service Availability, pp.31-42, 2007. ,
DOI : 10.1007/978-3-540-72736-1_4
Visibility of control in adaptive systems, Proceedings of the 2nd international workshop on Ultra-large-scale software-intensive systems , ULSSIS '08, pp.23-26, 2008. ,
DOI : 10.1145/1370700.1370707
Autonomic Computing Now You See It, Now You Don???t, Software Engineering/ Design and Evolution of Autonomic Software Science, pp.32-54, 2009. ,
DOI : 10.1145/310930.310984
Weaving Executability into Object-Oriented Meta-languages, 8th International Conference on Medel Driven Engineering Languages and Systems, pp.264-278, 2005. ,
DOI : 10.1007/11557432_19
URL : https://hal.archives-ouvertes.fr/hal-00795095
An effective role administration model using organization structure, ACM Transactions on Information and System Security, vol.9, issue.2, pp.113-137, 2006. ,
DOI : 10.1145/1151414.1151415
SRBAC: A Spatial Role-Based Access Control Model for Mobile Systems, 7th Nordic Workshop on Secure IT Systems, pp.129-141, 2003. ,
Configuring role-based access control to enforce mandatory and discretionary access control policies, ACM Transactions on Information and System Security, vol.3, issue.2, pp.85-106, 2000. ,
DOI : 10.1145/354876.354878
Towards usage control models: beyond traditional access control, Proceedings of the seventh ACM symposium on Access control models and technologies , SACMAT '02, pp.57-64, 2002. ,
DOI : 10.1145/507711.507722
Architecting reconfigurable component-based operating systems, Journal of Systems Architecture, vol.54, issue.6, 2008. ,
DOI : 10.1016/j.sysarc.2007.12.005
Self-organization in communication networks: principles and design paradigms, IEEE Communications Magazine, vol.43, issue.7, pp.78-85, 2005. ,
DOI : 10.1109/MCOM.2005.1470824
Protection dans les architectures de systmes flexibles, 2004. ,
Hey, You, Get Off of My Cloud Exploring Information Leakage in Third-Party Compute Clouds.pdf, 16th ACM conference on Computer and Communications Security, pp.199-212, 2009. ,
Autonomic Live Adaptation of Virtual Computational Environments in a Multi-Domain Infrastructure, 2006 IEEE International Conference on Autonomic Computing, pp.5-14, 2006. ,
DOI : 10.1109/ICAC.2006.1662376
The Qubes OS Architecture, 2010. ,
Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor, 21st Annual Computer Security Applications Conference (ACSAC'05), pp.276-285, 2005. ,
DOI : 10.1109/CSAC.2005.13
Lattice-based access control models, Computer, vol.26, issue.11, pp.9-19, 1993. ,
DOI : 10.1109/2.241422
The ARBAC97 model for role-based administration of roles, ACM Transactions on Information and System Security, vol.2, issue.1, pp.105-135, 1999. ,
DOI : 10.1145/300830.300839
Role-based access control models, Computer, vol.29, issue.2, pp.38-47, 1996. ,
DOI : 10.1109/2.485845
A Software Framework for Autonomic Security in Pervasive Environments, Information System Security, pp.91-109, 2007. ,
DOI : 10.1007/978-3-540-77086-2_8
Trust and Reputation Policy-Based Mechanisms for Self-protection in Autonomic Communications, 6th Internation Confernece on Autonomic and Trusted Computing, pp.249-267, 2009. ,
DOI : 10.4135/9781452243610.n9
Trust and Reputation Poicy-based Mechanisms for Self-protection in Autonomic Communications, 6th International Conference on Autonomic and Trusted Computing, pp.249-267, 2009. ,
EROS, ACM SIGOPS Operating Systems Review, vol.33, issue.5, pp.170-185, 1999. ,
DOI : 10.1145/319344.319163
Policy-based access control in peer-to-peer grid systems, The 6th IEEE/ACM International Workshop on Grid Computing, 2005., pp.107-113, 2005. ,
DOI : 10.1109/GRID.2005.1542731
An Ontology for Network Security Attacks, 2nd Asian Applied Computing Conference, pp.317-323, 2004. ,
DOI : 10.1007/978-3-540-30176-9_41
Structuring the kernel as a toolkit of extensible, reusable components, Proceedings of International Workshop on Object Orientation in Operating Systems, pp.134-137, 1995. ,
DOI : 10.1109/IWOOS.1995.470567
An Overview of Virtual Machine Architectures, 2004. ,
The Flask Security Architecture System Support for Diverse Security Policies, 8th USENIX Security Symposium, pp.123-139, 1999. ,
Towards Formal Specification and Generation of Autonomic Policies, Embedded and Ubiquitous Computing, pp.1245-1254, 2005. ,
DOI : 10.1007/11596042_126
Policy-based Network Management: Solutions for the Next Generation, 2003. ,
The Design of a New Context-Aware Policy Model for Autonomic Networking, 2008 International Conference on Autonomic Computing, 2008. ,
DOI : 10.1109/ICAC.2008.36
Autonomic Management for Grid Applications, 16th Euromicro Conference on Parallel, Distributed and Network-Based Processing (PDP 2008), pp.79-86, 2008. ,
DOI : 10.1109/PDP.2008.39
Growing systems in emergent organizations, Communications of the ACM, vol.42, issue.8, pp.117-123, 1999. ,
DOI : 10.1145/310930.310984
Ponder2: A Policy System for Autonomous Pervasive Environments, 5th International Conference on Autonomic and Autonomous Systems, 2009. ,
Modeling Computer Attacks: An Ontology for Intrusion Detection, 6th International Symposium on Recent Advances in Intrusion Detection, pp.113-135, 2003. ,
DOI : 10.1007/978-3-540-45248-5_7
A State Transition Model for Policy Specification, 2009. ,
Wireless Sensor Network Security: A Survey, Security in Distributed, Grid, and Pervasive Computing, 2006. ,
WiFly: Experimenting with Wireless Sensor Networks and Virtual Coordinates, 2008. ,
URL : https://hal.archives-ouvertes.fr/inria-00263534
century, ACM SIGMOBILE Mobile Computing and Communications Review, vol.3, issue.3, pp.3-11, 1999. ,
DOI : 10.1145/329124.329126
An architectural approach to autonomic computing, International Conference on Autonomic Computing, 2004. Proceedings., 2004. ,
DOI : 10.1109/ICAC.2004.1301340
Agent-based software engineering, IEEE Proceedings on Software Engineering, pp.26-37, 1997. ,
DOI : 10.1049/ip-sen:19971026
Linux security modules: general security support for the linux kernel, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems], pp.17-31, 2002. ,
DOI : 10.1109/FITS.2003.1264934
Towards a VMM-based usage control framework for OS kernel integrity protection, Proceedings of the 12th ACM symposium on Access control models and technologies , SACMAT '07, pp.71-80, 2007. ,
DOI : 10.1145/1266840.1266852
A Framework for Policy-based Admission Control, International RFC, 2000. ,
DOI : 10.17487/rfc2753
Making information flow explicit in HiStar, 7th USENIX Symposium on Operating Systems Design and Implementation, p.19, 2006. ,
DOI : 10.1145/2018396.2018419
Dynamic context-aware access control for grid applications, Proceedings. First Latin American Web Congress, p.101, 2003. ,
DOI : 10.1109/GRID.2003.1261704