Hong Xiang

Semantic Web-based policy interaction detection method with rules in smart home for detecting interactions among user policies

The emerging technologies such as the Internet-of-Things, sensors, communication networks, have been or will be introduced to conventional domotics to provide a wide variety of smart home services to facilitate the household appliances or home cares and improve the lifestyles of people. Currently, smart home system are integrated with different features from product line and equipped with various sensors and actuators to meet the requirements of house occupants by specifying their customised user policies. However, the introduction of features and policies may result in undesired behaviours, and this effect is known as feature interactions. In this study, the authors proposed a Semantic Web-based policy interaction detection method with rules to model smart home services and policies with the aids of ontological analysis in the smart home domain, so as to construct a semantic context for inferring the interaction of policies. The authors focus their work on user policies interaction, which are detected by using the Semantic Web rule language in semantic context. The approach is successfully applied to the smart home system and is able to detect 90 interactions among 32 user policies by automated reasoning with tools support as Protege and Jess.

Semantic modelling and automated reasoning of non-functional requirement conflicts in the context of softgoal interdependencies

Non-functional requirements (NFRs) address important issues in software systems, and are vital in successful software. The NFR problems in a system reflect the complexity of that system. Ideally, NFRs are systematically investigated to determine the aspects that may be harmonious or cause conflicts so that conflicts should be detected as early as possible. The work aims to extend the scopes of the NFRs framework and softgoal interdependency graph (SIG) for modelling and analysing NFRs. A formal ontological approach to modelling NFR interactions is proposed, and a core NFR ontology is developed in the ontology web language. The mechanisms involved in NFR interactions with SIG models (through interdependencies in the softgoals) are investigated and formalised. The NFRs are first analyses using a semantic modelling process to provide evaluation criteria. Next, correlation rules for implicit softgoal interdependencies are proposed from knowledge of the domain, and rules for indirect semantic correlations are proposed by extending the delta evaluation method. Reasonable rules in the semantic web environment are defined to allow conflicts between NFRs in SIG instance models to be detected and analysed. A concepts proof is performed to illustrate tool support of the proposed method, and validate the rules for conflict detection.

Protection profile for the smartphone operating system

With the development of communication industry, the smartphone plays a more important role in people’s lives, providing a rich functionality with a variety of operating system platforms (such as: Symbian, Windows Mobile, Android, etc.). However, since the internet becomes increasingly complex and changeable brought by the cyber threats and vulnerabilities, more and more manufacturers focus on the security evaluation of smartphone operating system to make their product more secure. At present, the international security assessment criteria of information product is the common criteria (CC), which is the foundation of the protection profile (PP) and can provide function requirements and assurance requirements as the basis for security evaluation. In view of this fact, this paper researches the security mechanisms and analyses the risk factors in different smartphone operating systems. Then, this paper determines the security objectives and security requirements used for the common smartphone operating syste...

Approaches to access control policy comparison and the inter-domain role mapping problem

The requirement to develop an organization makes collaboration with other organizations necessary, so the organizations can share resources to perform common tasks. Different organizational domains use different access control models to protect their resources from unauthorized access. Organizational collaboration is an important goal for distributed computing paradigms, but policy inconsistencies between domains will cause problems in a collaboration model that add to the problems involved in constructing the collaboration model itself. These problems provide the two challenges that motivate the research presented here: (1) the construction of a collaboration model across multiple domains protected by different access control models; and (2) ensuring that the access control policy used by a participating domain contains no inconsistencies. We also present our new approach to solving the inter-domain role mapping (IDRM) problem, i.e., to determine the minimal role set that covers requested permissions from a collaborating domain. We also analyse our algorithms, present the results of our tests, and compare our results with the results of existing approaches. DOI: http://dx.doi.org/10.5755/j01.itc.45.3.13187

Improving the Quality of Software Development Process by Introducing a New Methodology–AZ-Model

Quality is the most important factor for software development as it mainly defines customer satisfaction that is directly related to the success of a software project. The software process model is used to ensure software quality, represent a variety of task settings, manage project duration, improve the process and range to execute the process understanding, and to appropriate implicit conjecture for all task settings. Several software processes models exist in software albeit with limited scope. Given this viewpoint, this paper presents a new software development life cycle model, “AZ-Model,” for software development by introducing new activities during software development life cycle. It overcomes the limitations of traditional models and significantly impacts the production of a quality product in a time-box. This paper also presents a comprehensive comparative study and statistical analyses to examine the significance of AZ–Model for software development.