Peer-Reviewed Journal Details
Mandatory Fields
Bistarelli, S.a b , Foley, S.N.c , O'Sullivan, B.d
2005
Journal of Computer Security
A soft constraint-based approach to the cascade vulnerability problem
Validated
()
Optional Fields
13
5
699
720
The security of a network configuration is based not just on the security of its individual components and their direct interconnections, but also on the potential for systems to interoperate indirectly across network routes. Such interoperation has been shown to provide the potential for cascading paths that violate security, in a circuitous manner, across a network. In this paper we show how constraint satisfaction provides a natural approach to expressing the necessary constraints to ensure multilevel security across a network configuration. In particular, soft constraints are used to detect and eliminate the cascading network paths that compromise security. Taking this approach results in practical advancements over existing solutions to this problem. In particular, constraint satisfaction highlights the set of all cascading paths, which we can eliminate in polynomial time by breaking a minimal number of system links to ensure security. © 2005 - IOS Press and the authors. All rights reserved.
http://www.scopus.com/inward/record.url?eid=2-s2.0-28844454313&partnerID=40&md5=a54524558e7c9c8cef19f6b6188e6505
Grant Details