摘要 |
<p>Adapting a security configuration of a data processing application at runtime, comprising: storing a causal network comprising a plurality of nodes and a plurality of incoming and outgoing causal links associated therewith, wherein the nodes of the causal network are associated with application variables and security concerns or requirements that can be affected by any configuration of the security controls; the current value of assets nodes, as well as those of the security concerns that can be affected by monitored contextual factors, are updated; the control nodes corresponding to the security controls are updated according to the security configuration whose utility is evaluated by the causal network; the node corresponding to the at least one variable is updated with the determined current value, which is propagated through the causal network through the causal links associated with the updated lode; the security configuration with the highest utility is selected and replaces the actual configuration by activating and/or deactivating the security functions corresponding to security control nodes enabled/disabled in the selected security configuration.</p> |