A shortest path network security model
Computers and Security
A filtering algorithm for constraints of difference in CSPs
AAAI '94 Proceedings of the twelfth national conference on Artificial intelligence (vol. 1)
Semiring-based constraint satisfaction and optimization
Journal of the ACM (JACM)
Conduit cascades and secure synchronization
Proceedings of the 2000 workshop on New security paradigms
Analysis of Integrity Policies using Soft Constraints
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Towards Automated Negotiation of Access Control Policies
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Constraint Processing
The Complexity and Composability of Secure Interoperation
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
A soft constraint-based approach to the cascade vulnerability problem
Journal of Computer Security - Special issue on security track at ACM symposium on applied computing 2004
Semiring-Based Soft Constraints
Concurrency, Graphs and Models
An overview of AI research in Italy
Artificial intelligence
Hi-index | 0.00 |
The security of a network configuration is based, not just on the security of its individual components and their direct interconnections, but it is also based on the potential for systems to interoperate indirectly across network routes. Such interoperation has been shown to provide the potential for cascading paths that violate security, in a circuitous manner, across a network. In this paper we show how constraint programming provides a natural approach to expressing the necessary constraints to ensure multilevel security across a network configuration. In particular, soft constraints are used to detect and eliminate the cascading network paths that violate security. Taking this approach results in practical advancements over existing solutions to this problem. In particular, constraint satisfaction highlights the set of all cascading paths, upon which we can compute in polynomial time an optimal reconfiguration of the network and ensure security.