, 45 4.2.1 Discretionary Access Control (DAC), 46 4.2.2 Mandatory Access Control (MAC), p.46
, 64 5.1.2, p.65
, 76 5.4.4.1 Cluster Implementation Model, p.78
, 81 5.6.1 Delegation Approach, Authorization Policy Enforcement, p.81
, 102 7.1.2 Self-managed Enabling Trade-off between Multiple Concerns, p.102
, 109 7.6.1 Autonomic Adaptation Policies, p.112
, 117 8.1.1 Overview of Implementation Framework 117 8.1.2 VSK Architecture Overview, Control Plane Implementation, p.123
, 124 8.2.1 Authorization Overheads of 124 8.2.2 Authorization Validation and Enforcement Overheads of VSK, Comparison with Microkernel, p.126
, 127 8.2.5 Kernel Occupation Rate, VSK Qualitative Evaluation, p.129
, 136 9.2.1 Platform Overview, p.137
, AutoMate: enabling autonomic applications on the grid, 2003 Autonomic Computing Workshop, pp.48-57, 2003.
DOI : 10.1109/ACW.2003.1210204
, Towards Autonomic Enterprise Security: Self-Defending Platforms, Distributed Detection, and Adaptive Feedback, Intel Technology Journal, vol.10, issue.04, 2006.
DOI : 10.1535/itj.1004.04
, Policy-based Management of Networked Computing Systems. Communication Magazine, IEEE, issue.10, pp.4369-75, 2005.
, Putting together QoS and security in autonomic pervasive systems, Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks, Q2SWinet '10, 2010.
DOI : 10.1145/1868630.1868634
, ASRBAC: A Security Administration Model for Mobile Autonomic Networks (MAutoNets) In Data Privacy Management and Autonomous Spontaneous Security, pp.163-177, 2010.
, Security Kernel Design and Implementation: An Introduction, Computer, vol.16, issue.7, pp.14-22, 1983.
DOI : 10.1109/MC.1983.1654439
, Fundamentals of Computer Security Technology, 1994.
, XACML profile for role based access control (RBAC). OASIS Access Control TC committee, 2004.
, Think: View-Based Support of Non-functional Properties in Embedded Systems, 2009 International Conference on Embedded Software and Systems, 2009.
DOI : 10.1109/ICESS.2009.30
, An XACML-based privacy-centered access control system, Proceedings of the first ACM workshop on Information security governance, WISG '09, pp.49-58, 2009.
DOI : 10.1145/1655168.1655178
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.157.611
, An Integrated Model for Access Control and Information Flow Requirements, Asian Computing Science Conference Focusing on Secure Software and Related Issues (ASIAN), 2007.
DOI : 10.1007/978-3-540-76929-3_12
, Practical Domain and Type Enforcement for UNIX, Proceedings 1995 IEEE Symposium on Security and Privacy, p.66, 1995.
DOI : 10.1109/SECPRI.1995.398923
, Xen and the Art of Virtualization, 9th ACM symposium on Operating Systems Principles, pp.164-177, 2003.
, Module Hot Swapping for Dynamic Update and Reconfiguration in K42, 6th Linux Conference Au, 2005.
, Secure Computer System Unified Exposition and Multics Interpretation, 1976.
, TVDc, ACM SIGOPS Operating Systems Review, vol.42, issue.1, pp.40-47, 2008.
DOI : 10.1145/1341312.1341321
, SPIN, Proceedings of the 6th workshop on ACM SIGOPS European workshop Matching operating systems to application needs, EW 6, 1994.
DOI : 10.1145/504390.504408
, Extensibility Safety and Performance in the SPIN Operating System, 5th ACM Symporium on Operating Systems Principles, pp.267-283, 1995.
, Integrity Considerations for Secure Computer System, 1977.
, Introduction to Computer Security, 2004.
, A Systematic Review and Comparison of Security Ontologies, 2008 Third International Conference on Availability, Reliability and Security, pp.813-820, 2008.
DOI : 10.1109/ARES.2008.33
, Decentralized trust management, Proceedings 1996 IEEE Symposium on Security and Privacy, p.164, 1996.
DOI : 10.1109/SECPRI.1996.502679
, Access Control and Declassification, COMPUTER NETWORK SECURITY Communications in Computer and Information Science, vol.1, pp.85-98, 2007.
DOI : 10.1007/978-3-540-73986-9_7
, Auto-Home: A Framework for Autonomic Pervasive Applications, 2008.
, Autonomic management policy specification in Tune, Proceedings of the 2008 ACM symposium on Applied computing , SAC '08, pp.1658-1663, 2008.
DOI : 10.1145/1363686.1364080
, Measuring the Effectiveness of Self-Healing Autonomic Systems, Second International Conference on Autonomic Computing (ICAC'05), pp.328-329, 2005.
DOI : 10.1109/ICAC.2005.39
, Engineering of component-based systems, Proceedings of ICECCS '96: 2nd IEEE International Conference on Engineering of Complex Computer Systems (held jointly with 6th CSESAW and 4th IEEE RTAW), pp.414-422, 1996.
DOI : 10.1109/ICECCS.1996.558485
, The FRACTAL component model and its support in Java, Software: Practice and Experience Special Issue: Experiences with Auto-adaptive and Reconfigurable Systems, pp.1257-1284, 2006.
DOI : 10.1002/spe.767
, Efficient Attributes for Anonymous Credentials, 15th ACM conference on Computer and Communications Security, pp.345-356, 2008.
DOI : 10.1145/1455770.1455814
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.400.7806
, Autonomous adaptation to dynamic availability using a service-oriented component model, Proceedings. 26th International Conference on Software Engineering, pp.614-623, 2004.
DOI : 10.1109/ICSE.2004.1317483
, Self-TUNe-ing of a J2EE Clustered Application, 2009 Sixth IEEE Conference and Workshops on Engineering of Autonomic and Autonomous Systems, pp.23-31, 2009.
DOI : 10.1109/EASe.2009.16
, Rainbow Architecture-based Self-adaptation with Reusable Infrastructure, 1st International Conference on Autonomic Computing, pp.276-277, 2004.
, Security in an autonomic computing environment, IBM Systems Journal, vol.42, issue.1, pp.107-118, 2003.
DOI : 10.1147/sj.421.0107
, An architecture for dynamically extensible operating systems, Proceedings. Fourth International Conference on Configurable Distributed Systems (Cat. No.98EX159), p.145, 1998.
DOI : 10.1109/CDS.1998.675768
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.53.1772
, Self-protection for Distributed Component-Based Applications, Stabilization, Safety, and Security of Distributed Systems, 2006.
DOI : 10.1007/978-3-540-49823-0_13
URL : https://hal.archives-ouvertes.fr/hal-00689149
, Context Ontology for Secure Interoperability, 2008 Third International Conference on Availability, Reliability and Security, 2008.
DOI : 10.1109/ARES.2008.133
URL : https://hal.archives-ouvertes.fr/hal-00796516
, DYMOS: A Dynamic Modification System, Symposium on High-level debugging, pp.201-202, 1983.
, Generalized Role-Based Access Control for Securing Future Applications, National Information Systems Security Conference, 2000.
, Securing context-aware applications using environment roles, Proceedings of the sixth ACM symposium on Access control models and technologies , SACMAT '01, pp.10-20, 2001.
DOI : 10.1145/373256.373258
, Administrative scope and role hierarchy operations, Proceedings of the seventh ACM symposium on Access control models and technologies , SACMAT '02, pp.145-154, 2002.
DOI : 10.1145/507711.507736
, Administrative scope, ACM Transactions on Information and System Security, vol.6, issue.2, pp.201-231, 2003.
DOI : 10.1145/762476.762478
, Selecting appropriate counter-measures in an intrusion detection framework, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004., p.78, 2004.
DOI : 10.1109/CSFW.2004.1310733
, AdOrBAC An Administration Model for Or-BAC, Computer Systems Science and Engineering, vol.19, 2004.
, An Ontology-based Approach to React to Network Attacks, International Journal of Information and Computer Security, vol.3, issue.34, pp.280-305, 2009.
, The Ponder Policy Specification Language, Workshop on Policies for Distributed Systems and Networks, 2001.
DOI : 10.1007/3-540-44569-2_2
, Policy-based architecture to enable autonomic communications - a position paper, CCNC 2006. 2006 3rd IEEE Consumer Communications and Networking Conference, 2006., 2006.
DOI : 10.1109/CCNC.2006.1593092
, The Intrusion Detection Message Exchange Format, 2006.
DOI : 10.17487/rfc4765
, Enabling automated threat response through the use of a dynamic security policy, Journal in Computer Virology, vol.29, issue.2, pp.195-210, 2007.
DOI : 10.1007/s11416-007-0039-z
URL : https://hal.archives-ouvertes.fr/hal-00439845
, Using Contextual Security Policies for Threat Response, 3rd International Conference on Detection of Intrusions and Malware Vulnerability Assessment, 2006.
DOI : 10.1007/11790754_7
, Domain-specific languages, ACM SIGPLAN Notices, vol.35, issue.6, pp.26-36, 2000.
DOI : 10.1145/352029.352035
, A survey of autonomic communications, ACM Transactions on Autonomous and Adaptive Systems, vol.1, issue.2, pp.223-259, 2006.
DOI : 10.1145/1186778.1186782
, Run-time dynamic linking for reprogramming wireless sensor networks, Proceedings of the 4th international conference on Embedded networked sensor systems , SenSys '06, pp.15-28, 2006.
DOI : 10.1145/1182807.1182810
, Labels and Event Processes in the Asbestos Operating System, 20th ACM Symposium on Operating Systems Principles, pp.17-30, 2005.
, Exokernel: an Operating System Architecture for Application-level, 15th ACM Symposium Operating System Principles, pp.251-268, 1995.
, Reconciling CMW Requirements with Those of X11Applications, 14th Annual National Computer Security Conference, 1991.
, An Access Control System and Method, A Component-Based Kernel Including It, and Its Use. US Patent Application n 11, 2008.
, Think: A Software Framework for Component-Based Operating System Kernels, USENIX Annual Technical Conference, pp.73-86, 2002.
, Proposed NIST standard for role-based access control, ACM Transactions on Information and System Security, vol.4, issue.3, pp.224-274, 2001.
DOI : 10.1145/501978.501980
, The Flux OSKit A Substrate for Kernel and Language Research, 16th ACM symposium on Operating systems principles, pp.38-51, 1997.
, The dawning of the autonomic computing era, IBM Systems Journal, vol.42, issue.1, pp.5-18, 2003.
DOI : 10.1147/sj.421.0005
, MIRAGE: A Management Tool for the Analysis and Deployment of Network Security Policies, 3rd International Workshop on Autonomous and Spontaneous Security, 2010.
DOI : 10.1109/2.485845
URL : https://hal.archives-ouvertes.fr/hal-00623634
, Separating access control policy, enforcement, and functionality in extensible systems, ACM Transactions on Computer Systems, vol.19, issue.1, pp.36-70, 2001.
DOI : 10.1145/367742.367773
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.32.4879
, Domain and Type Enforcement for Linux, 4th annual Linux Showcase Conference, pp.15-15, 2000.
, Ubiquitous security for ubiquitous computing, Information Security Technical Report, vol.12, issue.3, pp.172-178, 2007.
DOI : 10.1016/j.istr.2007.05.002
, An OS Architecture for Device Self-protection, 11th International Symposium on Stabilization, Safety, and Security of Distributed Systems, 2009.
, A Policy Management Framework for Selfprotection of Pervasive Systems, 6th International Conference on Autonomic and Autonomous Systems, pp.104-109, 2010.
, Virtual Security Kernel: A Component-Based OS Architecture for Self-Protection, 2010 10th IEEE International Conference on Computer and Information Technology, 2010.
DOI : 10.1109/CIT.2010.160
, MMLite, Proceedings of the 8th ACM SIGOPS European workshop on Support for composing distributed applications , EW 8, pp.96-103, 1998.
DOI : 10.1145/319195.319210
, Self-managing systems: a control theory foundation, 29th Annual IEEE International Conference on Local Computer Networks, 2004.
DOI : 10.1109/LCN.2004.112
, A survey of autonomic computing???degrees, models, and applications, ACM Computing Surveys, vol.40, issue.3, 2008.
DOI : 10.1145/1380584.1380585
, The Future of Software: Adaptation and Dependability, Software Engineering, vol.116, issue.3, pp.1-31, 2009.
DOI : 10.1007/11663430_14
, A logical language for expressing authorizations, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097), pp.31-42, 1997.
DOI : 10.1109/SECPRI.1997.601312
, Organization based access control, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks, 2003.
DOI : 10.1109/POLICY.2003.1206966
URL : https://hal.archives-ouvertes.fr/hal-01483818
, The vision of autonomic computing, Computer, vol.36, issue.1, pp.41-50, 2003.
DOI : 10.1109/MC.2003.1160055
, An artificial intelligence perspective on autonomic computing policies, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004., pp.3-12, 2004.
DOI : 10.1109/POLICY.2004.1309145
, Security Ontology for Annotating Resources, International Conference on Ontologies, Databases, and Application of Semantics (ODBASE), 2005.
DOI : 10.1007/11575801_34
, CAmkES: A component model for secure microkernel-based embedded systems, Journal of Systems and Software, vol.80, issue.5, pp.687-699, 2006.
DOI : 10.1016/j.jss.2006.08.039
, A component-based policy-neutral architecture for kernel-level access control, annals of telecommunications - annales des t??l??communications, vol.25, issue.4, pp.121-146, 2009.
DOI : 10.1007/s12243-008-0071-0
, Evaluating Confidence in Context for Context-Aware Security, Ambient Intelligence, pp.211-229, 2007.
DOI : 10.1007/978-3-540-76652-0_13
, Protection, ACM SIGOPS Operating Systems Review, vol.8, issue.1, pp.18-24, 1974.
DOI : 10.1145/775265.775268
, A Flexible Attribute Based Access Control Method for Grid Computing, Journal of Grid Computing, vol.19, issue.2, pp.169-180, 2009.
DOI : 10.1007/s10723-008-9112-1
, Capability- and Object-Based System Concepts, Capability-based Computer System, p.250, 1984.
DOI : 10.1016/B978-0-932376-22-0.50006-5
, Policy Evolution with Grammatical Evolution, Simulated Evolution and Learning, pp.71-80, 2008.
DOI : 10.1007/3-540-36599-0_37
, Non-discretionary Controls for Commercial Applications, IEEE Symposium on Security and Privacy, pp.2-10, 1982.
, Hierarchical Model-based Autonomic Control of Software Systems, Workshop on the Design and Evolution of Autonomic Application Software, pp.1-7, 2005.
, Optimizing Component-Based Embedded Software, 2009 33rd Annual IEEE International Computer Software and Applications Conference, pp.491-496, 2009.
DOI : 10.1109/COMPSAC.2009.181
URL : https://hal.archives-ouvertes.fr/hal-00670192
, Integrating Flexible Support for Security Policies into the Linux Operating System, USENIX Annual Technical Conference, pp.29-42, 2001.
, Guest Editors' Introduction: Autonomic Computing, IEEE Internet Computing, vol.11, issue.1, pp.18-21, 2007.
DOI : 10.1109/MIC.2007.11
, When and how to develop domain-specific languages, ACM Computing Surveys, vol.37, issue.4, pp.316-344, 2005.
DOI : 10.1145/1118890.1118892
, Service-Oriented Operating System: A Key Element in Improving Service Availability, 4th International Symposium on Service Availability, pp.31-42, 2007.
DOI : 10.1007/978-3-540-72736-1_4
, Visibility of control in adaptive systems, Proceedings of the 2nd international workshop on Ultra-large-scale software-intensive systems , ULSSIS '08, pp.23-26, 2008.
DOI : 10.1145/1370700.1370707
, Autonomic Computing Now You See It, Now You Don???t, Software Engineering/ Design and Evolution of Autonomic Software Science, pp.32-54, 2009.
DOI : 10.1145/310930.310984
, Weaving Executability into Object-Oriented Meta-languages, 8th International Conference on Medel Driven Engineering Languages and Systems, pp.264-278, 2005.
DOI : 10.1007/11557432_19
URL : https://hal.archives-ouvertes.fr/hal-00795095
, An effective role administration model using organization structure, ACM Transactions on Information and System Security, vol.9, issue.2, pp.113-137, 2006.
DOI : 10.1145/1151414.1151415
, SRBAC: A Spatial Role-Based Access Control Model for Mobile Systems, 7th Nordic Workshop on Secure IT Systems, pp.129-141, 2003.
, Configuring role-based access control to enforce mandatory and discretionary access control policies, ACM Transactions on Information and System Security, vol.3, issue.2, pp.85-106, 2000.
DOI : 10.1145/354876.354878
, Towards usage control models: beyond traditional access control, Proceedings of the seventh ACM symposium on Access control models and technologies , SACMAT '02, pp.57-64, 2002.
DOI : 10.1145/507711.507722
, Architecting reconfigurable component-based operating systems, Journal of Systems Architecture, vol.54, issue.6, 2008.
DOI : 10.1016/j.sysarc.2007.12.005
, Self-organization in communication networks: principles and design paradigms, IEEE Communications Magazine, vol.43, issue.7, pp.78-85, 2005.
DOI : 10.1109/MCOM.2005.1470824
, Protection dans les architectures de systmes flexibles, 2004.
, Hey, You, Get Off of My Cloud Exploring Information Leakage in Third-Party Compute Clouds.pdf, 16th ACM conference on Computer and Communications Security, pp.199-212, 2009.
, Autonomic Live Adaptation of Virtual Computational Environments in a Multi-Domain Infrastructure, 2006 IEEE International Conference on Autonomic Computing, pp.5-14, 2006.
DOI : 10.1109/ICAC.2006.1662376
, The Qubes OS Architecture, 2010.
, Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor, 21st Annual Computer Security Applications Conference (ACSAC'05), pp.276-285, 2005.
DOI : 10.1109/CSAC.2005.13
, Lattice-based access control models, Computer, vol.26, issue.11, pp.9-19, 1993.
DOI : 10.1109/2.241422
, The ARBAC97 model for role-based administration of roles, ACM Transactions on Information and System Security, vol.2, issue.1, pp.105-135, 1999.
DOI : 10.1145/300830.300839
, Role-based access control models, Computer, vol.29, issue.2, pp.38-47, 1996.
DOI : 10.1109/2.485845
, A Software Framework for Autonomic Security in Pervasive Environments, Information System Security, pp.91-109, 2007.
DOI : 10.1007/978-3-540-77086-2_8
, Trust and Reputation Policy-Based Mechanisms for Self-protection in Autonomic Communications, 6th Internation Confernece on Autonomic and Trusted Computing, pp.249-267, 2009.
DOI : 10.4135/9781452243610.n9
, Trust and Reputation Poicy-based Mechanisms for Self-protection in Autonomic Communications, 6th International Conference on Autonomic and Trusted Computing, pp.249-267, 2009.
, EROS, ACM SIGOPS Operating Systems Review, vol.33, issue.5, pp.170-185, 1999.
DOI : 10.1145/319344.319163
, Policy-based access control in peer-to-peer grid systems, The 6th IEEE/ACM International Workshop on Grid Computing, 2005., pp.107-113, 2005.
DOI : 10.1109/GRID.2005.1542731
, An Ontology for Network Security Attacks, 2nd Asian Applied Computing Conference, pp.317-323, 2004.
DOI : 10.1007/978-3-540-30176-9_41
, Structuring the kernel as a toolkit of extensible, reusable components, Proceedings of International Workshop on Object Orientation in Operating Systems, pp.134-137, 1995.
DOI : 10.1109/IWOOS.1995.470567
, An Overview of Virtual Machine Architectures, 2004.
, The Flask Security Architecture System Support for Diverse Security Policies, 8th USENIX Security Symposium, pp.123-139, 1999.
, Towards Formal Specification and Generation of Autonomic Policies, Embedded and Ubiquitous Computing, pp.1245-1254, 2005.
DOI : 10.1007/11596042_126
, Policy-based Network Management: Solutions for the Next Generation, 2003.
, The Design of a New Context-Aware Policy Model for Autonomic Networking, 2008 International Conference on Autonomic Computing, 2008.
DOI : 10.1109/ICAC.2008.36
, Autonomic Management for Grid Applications, 16th Euromicro Conference on Parallel, Distributed and Network-Based Processing (PDP 2008), pp.79-86, 2008.
DOI : 10.1109/PDP.2008.39
, Growing systems in emergent organizations, Communications of the ACM, vol.42, issue.8, pp.117-123, 1999.
DOI : 10.1145/310930.310984
, Ponder2: A Policy System for Autonomous Pervasive Environments, 5th International Conference on Autonomic and Autonomous Systems, 2009.
, Modeling Computer Attacks: An Ontology for Intrusion Detection, 6th International Symposium on Recent Advances in Intrusion Detection, pp.113-135, 2003.
DOI : 10.1007/978-3-540-45248-5_7
, A State Transition Model for Policy Specification, 2009.
, Wireless Sensor Network Security: A Survey, Security in Distributed, Grid, and Pervasive Computing, 2006.
, WiFly: Experimenting with Wireless Sensor Networks and Virtual Coordinates, 2008.
URL : https://hal.archives-ouvertes.fr/inria-00263534
, century, ACM SIGMOBILE Mobile Computing and Communications Review, vol.3, issue.3, pp.3-11, 1999.
DOI : 10.1145/329124.329126
, An architectural approach to autonomic computing, International Conference on Autonomic Computing, 2004. Proceedings., 2004.
DOI : 10.1109/ICAC.2004.1301340
, Agent-based software engineering, IEEE Proceedings on Software Engineering, pp.26-37, 1997.
DOI : 10.1049/ip-sen:19971026
, Linux security modules: general security support for the linux kernel, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems], pp.17-31, 2002.
DOI : 10.1109/FITS.2003.1264934
, Towards a VMM-based usage control framework for OS kernel integrity protection, Proceedings of the 12th ACM symposium on Access control models and technologies , SACMAT '07, pp.71-80, 2007.
DOI : 10.1145/1266840.1266852
, A Framework for Policy-based Admission Control, International RFC, 2000.
DOI : 10.17487/rfc2753
, Making information flow explicit in HiStar, 7th USENIX Symposium on Operating Systems Design and Implementation, p.19, 2006.
DOI : 10.1145/2018396.2018419
, Dynamic context-aware access control for grid applications, Proceedings. First Latin American Web Congress, p.101, 2003.
DOI : 10.1109/GRID.2003.1261704