Normally, software development practices concentrate to take all security requirements into account at design-time. Nevertheless, today's software products are intended to be used in mobile, or alternatively, in embedded devices whose environment changes during the application's execution. These kinds of changes occur especially in applications used in smart spaces. This enforces to think security concerns more dynamically. Thus, software has to be aware of its 1) security level in each time, and 2) changes in its environment that can cause security threats. Based on this awareness, software has to change its security mechanisms to fulfil security requirements in the current context. A security measurement is a key factor of this awareness. This work presents a micro-architecture for security adaptation and taxonomy of context information affecting to information security in smart spaces. The security measurement is the essential part of the micro-architecture. In addition, taxonomy describes concepts that have to be monitored in the smart space environment.