TY - STD TI - Andersson J, de Lemos R, Malek S, Weyns D. Modeling dimensions of self-adaptive software systems In: Cheng BH, de Lemos R, Giese H, Inverardi P, Magee J, editors. Software Engineering for Self-Adaptive Systems. chap 2. Berlin: Springer-Verlag: 2009. p. 27–47. https://doi.org/10.1007/978-3-642-02161-9_2. http://dx.doi.org/10.1007/978-3-642-02161-9_2. UR - http://dx.doi.org/10.1007/978-3-642-02161-9_2 ID - ref1 ER - TY - STD TI - Bailey C, Chadwick DW, de Lemos R. Self-adaptive federated authorization infrastructures. J Comput Syst Sci. 2014; 80(5):935–52. http://dx.doi.org/10.1016/j.jcss.2014.02.003. http://www.sciencedirect.com/science/article/pii/S0022000014000154. UR - http://www.sciencedirect.com/science/article/pii/S0022000014000154 ID - ref2 ER - TY - STD TI - Bailey C, Montrieux L, de Lemos R, Yu Y, Wermelinger M. Run-time generation, transformation, and verification of access control models for self-protection. In: Proceedings of the 9th International Symposium on Software Engineering for Adaptive and Self-Managing Systems. SEAMS. New York: ACM: 2014. p. 135–144. https://doi.org/10.1145/2593929.2593945. http://doi.acm.org/10.1145/2593929.2593945. UR - http://doi.acm.org/10.1145/2593929.2593945 ID - ref3 ER - TY - STD TI - Brun Y, Marzo Serugendo G, Gacek C, Giese H, Kienle H, Litoiu M, Müller H, Pezzè M, Shaw M. Engineering self-adaptive systems through feedback loops In: Cheng BH, de Lemos R, Giese H, Inverardi P, Magee J, editors. Software Engineering for Self-Adaptive Systems, Lecture Notes in Computer Science, vol 5525. Berlin: Springer-Verlag: 2009. p. 48–70. https://doi.org/10.1007/978-3-642-02161-9_3. http://dx.doi.org/10.1007/978-3-642-02161-9_3. UR - http://dx.doi.org/10.1007/978-3-642-02161-9_3 ID - ref4 ER - TY - STD TI - Cappelli DM, Moore AP, Trzeciak RF. The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crime, 1st ed. Addison-Wesley Professional; 2012. ID - ref5 ER - TY - STD TI - Chadwick DW. Federated Identity Management. In: Foundations of Security Analysis and Design V, Lecture Notes in Computer Science, vol 5705. Berlin: Springer: 2009. p. 96–120. https://doi.org/10.1007/978-3-642-03829-7_3. ID - ref6 ER - TY - STD TI - Chadwick DW, et al.PERMIS: A Modular Authorization Infrastructure. Concurr Comput : Pract Exper. 2008; 20(11):1341–57. https://doi.org/10.1002/cpe.v20:11. http://dx.doi.org/10.1002/cpe.v20:11. UR - http://dx.doi.org/10.1002/cpe.v20:11 ID - ref7 ER - TY - STD TI - Cheng PC, Rohatgi P, Keser C, Karger PA, Wagner GM, Reninger AS. Fuzzy multi-level security: An experiment on quantified risk-adaptive access control. In: IEEE Symposium on Security and Privacy (SP ’07): 2007. p. 222–230. https://doi.org/10.1109/SP.2007.21. ID - ref8 ER - TY - STD TI - Clercq JD. Single Sign-On Architectures. London: Springer-Verlag; 2002. pp. 40–58. http://dl.acm.org/citation.cfm?id=647333.722879. UR - http://dl.acm.org/citation.cfm?id=647333.722879 ID - ref9 ER - TY - BOOK AU - Cole, D. E. PY - 2015 DA - 2015// TI - Insider threats and the need fot fast and directed responde PB - SANS Institute InfoSec Reading Room CY - Tech. rep. ID - Cole2015 ER - TY - STD TI - Colwill C. Human factors in information security: The insider threat - who can you trust these days?. Inf Secur Tech Rep. 2009; 14(4):186–96. https://doi.org/10.1016/j.istr.2010.04.004. ID - ref11 ER - TY - STD TI - Dou Z, Khalil I, Khreishah A, Al-Fuqaha A. Robust insider attacks countermeasure for hadoop: Design and implementation. IEEE Syst J. 2018; 12(2):1874–85. https://doi.org/10.1109/JSYST.2017.2669908. ID - ref12 ER - TY - STD TI - Duncan A, Creese S, Goldsmith M. Insider Attacks in Cloud Computing. In: Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on: 2012. p. 857–862. https://doi.org/10.1109/TrustCom.2012.188. ID - ref13 ER - TY - STD TI - Duncan A, et al. Cloud Computing: Insider Attacks on Virtual Machines during Migration. In: Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on: 2013. p. 493–500. https://doi.org/10.1109/TrustCom.2013.62. ID - ref14 ER - TY - STD TI - Feng W, Yan W, Wu S, Liu N. Wavelet transform and unsupervised machine learning to detect insider threat on cloud file-sharing. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI): 2017. p. 155–157. https://doi.org/10.1109/ISI.2017.8004896. ID - ref15 ER - TY - STD TI - Garkoti G, Peddoju S, Balasubramanian R. Detection of Insider Attacks in Cloud Based e-Healthcare Environment. In: Information Technology (ICIT), 2014 International Conference on: 2014. p. 195–200. https://doi.org/10.1109/ICIT.2014.43. ID - ref16 ER - TY - STD TI - Garlan D, Cheng SW, Huang AC, Schmerl B, Steenkiste P. Rainbow: Architecture-based self-adaptation with reusable infrastructure. Computer. 2004; 37(10):46–54. https://doi.org/10.1109/MC.2004.175. http://dx.doi.org/10.1109/MC.2004.175. UR - http://dx.doi.org/10.1109/MC.2004.175 ID - ref17 ER - TY - STD TI - George Silowash AM, Cappelli D, et al.Common sense guide to mitigating insider threats. Tech. rep. CERT Carnegie Mellon; 2012. ID - ref18 ER - TY - BOOK AU - Hu, V. C. PY - 2014 DA - 2014// TI - SP 800-162. Guide to Attribute Based Access Control (ABAC) Definitions and Considerations. Tech. rep., National Institute of Standards and Technology PB - McLean and Clifton CY - VA ID - Hu2014 ER - TY - STD TI - Kephart JO, Chess DM. The Vision of Autonomic Computing. IEEE Comput. 2003; 36(1):41–50. http://dx.doi.org/10.1109/MC.2003.1160055. UR - http://dx.doi.org/10.1109/MC.2003.1160055 ID - ref20 ER - TY - STD TI - de Lemos R, Giese H, Müller H, Shaw M, Andersson J, Litoiu M, Schmerl B, Tamura G, Villegas N, Vogel T, Weyns D, Baresi L, Becker B, Bencomo N, Brun Y, Cukic B, Desmarais R, Dustdar S, Engels G, Geihs K, GÃÂűschka K, Gorla A, Grassi V, Inverardi P, Karsai G, Kramer J, Lopes A, Magee J, Malek S, Mankovskii S, Mirandola R, Mylopoulos J, Nierstrasz O, Pezza M, Prehofer C, Schafer W, Schlichting R, Smith D, Sousa J, Tahvildari L, Wong K, Wuttke J. Software engineering for self-adaptive systems: A second research roadmap In: de Lemos R, Giese H, Müller H, Shaw M, editors. Software Engineering for Self-Adaptive Systems II, Lecture Notes in Computer Science, vol 7475. Berlin: Springer: 2013. p. 1–32. https://doi.org/10.1007/978-3-642-35813-5_1. ID - ref21 ER - TY - BOOK AU - McGraw, R. W. PY - 2009 DA - 2009// TI - Risk adaptable access control(radac). Tech. rep. National Institute of Standards and Technology PB - McLean and Clifton CY - VA ID - McGraw2009 ER - TY - BOOK AU - Mell, P. M. AU - Grance, T. PY - 2011 DA - 2011// TI - SP 800-145. The NIST Definition of Cloud Computing. Tech. rep., National Institute of Standards and Technology PB - Gaithersburg CY - MD ID - Mell2011 ER - TY - STD TI - Pasquale L, et al. SecuriTAS: A Tool for Engineering Adaptive Security. In: Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering. FSE ’12. New York: ACM: 2012. p. 19:1–19:4. https://doi.org/10.1145/2393596.2393618. http://doi.acm.org/10.1145/2393596.2393618. UR - http://doi.acm.org/10.1145/2393596.2393618 ID - ref24 ER - TY - STD TI - Qussai Y, Qutaibah A, Brajendra P, Yaser J. Mitigating insider threat in cloud relational databases. Secur Commun Netw. 2016; 9(10):1132–45. https://doi.org/10.1002/sec.1405. ID - ref25 ER - TY - STD TI - Sandhu RS, et al.Role-Based Access Control Models. Computer. 1996; 29(2):38–47. https://doi.org/10.1109/2.485845. http://dx.doi.org/10.1109/2.485845. UR - http://dx.doi.org/10.1109/2.485845 ID - ref26 ER - TY - STD TI - Schmerl B, et al.Architecture-based Self-protection: Composing and Reasoning About Denial-of-service Mitigations. In: Proceedings of the 2014 Symposium and Bootcamp on the Science of Security. HotSoS ’14. New York: ACM: 2014. p. 2:1–2:12. https://doi.org/10.1145/2600176.2600181. http://doi.acm.org/10.1145/2600176.2600181. UR - http://doi.acm.org/10.1145/2600176.2600181 ID - ref27 ER - TY - STD TI - Schultz E. A framework for understanding and predicting insider attacks. Comput Secur. 2002; 21(6):526–31. https://doi.org/10.1016/S0167-4048(02)01009-X. ID - ref28 ER - TY - JOUR AU - Shaikh, R. A. AU - Adi, K. AU - Logrippo, L. PY - 2012 DA - 2012// TI - Dynamic risk-based decision methods for access control systems JO - Comput Secur VL - 31 UR - https://doi.org/10.1016/j.cose.2012.02.006 DO - 10.1016/j.cose.2012.02.006 ID - Shaikh2012 ER - TY - STD TI - Stolfo S, Salem M, Keromytis A. Fog Computing: Mitigating Insider Data Theft Attacks in the Cloud. In: Security and Privacy Workshops (SPW), 2012 IEEE Symposium on: 2012. p. 125–128. https://doi.org/10.1109/SPW.2012.19. ID - ref30 ER - TY - STD TI - Tanzim KM, Shawkat AABM, A WS. Classifying different denial-of-service attacks in cloud computing using rule-based learning. Secur Commun Netw. 2012; 5(11):1235–47. https://doi.org/10.1002/sec.621. ID - ref31 ER - TY - STD TI - Yuan E, Esfahani N, Malek S. A systematic survey of self-protecting software systems. ACM Trans Auton Adapt Syst. 2014; 8(4):17:1–41. https://doi.org/10.1145/2555611. http://doi.acm.org/10.1145/2555611. UR - http://doi.acm.org/10.1145/2555611 ID - ref32 ER -