Partial constraint satisfaction
Artificial Intelligence - Special volume on constraint-based reasoning
Possibilistic constraint satisfaction problems or “how to handle soft constraints?”
UAI '92 Proceedings of the eighth conference on Uncertainty in Artificial Intelligence
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Semiring-based constraint satisfaction and optimization
Journal of the ACM (JACM)
Proceedings of the 1998 workshop on New security paradigms
Dependability: Basic Concepts and Terminology
Dependability: Basic Concepts and Terminology
Soft Concurrent Constraint Programming
ESOP '02 Proceedings of the 11th European Symposium on Programming Languages and Systems
Uncertainty in Constraint Satisfaction Problems: a Probalistic Approach
ECSQARU '93 Proceedings of the European Conference on Symbolic and Quantitative Approaches to Reasoning and Uncertainty
Analysis of Integrity Policies using Soft Constraints
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Semirings for Soft Constraint Solving and Programming (LECTURE NOTES IN COMPUTER SCIENCE)
Semirings for Soft Constraint Solving and Programming (LECTURE NOTES IN COMPUTER SCIENCE)
Soft constraint programming to analysing security protocols
Theory and Practice of Logic Programming
Constraint solving over semirings
IJCAI'95 Proceedings of the 14th international joint conference on Artificial intelligence - Volume 1
Valued constraint satisfaction problems: hard and easy problems
IJCAI'95 Proceedings of the 14th international joint conference on Artificial intelligence - Volume 1
A nonfunctional approach to system integrity
IEEE Journal on Selected Areas in Communications
On Relating and Integrating Two Trust Management Frameworks
Electronic Notes in Theoretical Computer Science (ENTCS)
A Uniform Framework for Security and Trust Modeling and Analysis with Crypto-CCS
Electronic Notes in Theoretical Computer Science (ENTCS)
Hi-index | 0.00 |
Integrity policies and cryptographic protocols have much in common. They allow for a number of participating principals, and consist of sets of rules controlling the actions that principals should or should not perform. They are intended to uphold various security properties, the crucial ones being integrity, confidentiality and authentication. This paper takes a unified view to the analysis of integrity policies and cryptographic protocols: they are artifacts that must be designed to be sufficiently robust to attack given an understood threat model. For example, integrity policy rules provide resilience to the threat of internal fraud, while cryptographic protocols provide resilience to the threat of replay and related attacks. The framework is modelled using (soft) constraints and analysis corresponds to the soft constraint satisfaction problem. Soft constraints facilitate a quantitative approach to analyzing integrity, confidentiality and authentication. Examples will be given: an integrity policy may achieve different levels of integrity under different circumstances; a protocol message may enjoy different levels of confidentiality for different principals; a principal can achieve different levels of authentication with different principals.