A soft constraint-based approach to the cascade vulnerability problem

Authors:
Stefano Bistarelli;Simon N. Foley;Barry O'Sullivan
Affiliations:
Istituto di Informatica e Telematica, CNR, Pisa, Italy and Dipartimento di Scienze, Universitá degli Studi "G. D'annunzio", Pescara, Italy;Department of Computer Science, University College Cork, Ireland;Cork Constraint Computation Centre, Department of Computer Science, University College Cork, Ireland
Venue:
Journal of Computer Security - Special issue on security track at ACM symposium on applied computing 2004
Year:
2005

Citing 17
Cited 1

Algorithms for constraint-satisfaction problems: a survey

AI Magazine
Possibilistic constraint satisfaction problems or “how to handle soft constraints?”

UAI '92 Proceedings of the eighth conference on Uncertainty in Artificial Intelligence
A shortest path network security model

Computers and Security
A filtering algorithm for constraints of difference in CSPs

AAAI '94 Proceedings of the twelfth national conference on Artificial intelligence (vol. 1)
A tight analysis of the greedy algorithm for set cover

STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Semiring-based constraint satisfaction and optimization

Journal of the ACM (JACM)
Conduit cascades and secure synchronization

Proceedings of the 2000 workshop on New security paradigms
Semiring-Based CSPs and Valued CSPs: Frameworks, Properties,and Comparison

Constraints
Analysis of Integrity Policies using Soft Constraints

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Towards Automated Negotiation of Access Control Policies

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Constraint Processing

Constraint Processing
The Complexity and Composability of Secure Interoperation

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Modeling and detecting the cascade vulnerability problem using soft constraints

Proceedings of the 2004 ACM symposium on Applied computing
Semirings for Soft Constraint Solving and Programming (LECTURE NOTES IN COMPUTER SCIENCE)

Semirings for Soft Constraint Solving and Programming (LECTURE NOTES IN COMPUTER SCIENCE)
Soft constraint programming to analysing security protocols

Theory and Practice of Logic Programming
Detecting and eliminating the cascade vulnerability problem from multilevel security networks using soft constraints

IAAI'04 Proceedings of the 16th conference on Innovative applications of artifical intelligence
Discovery of minimal unsatisfiable subsets of constraints using hitting set dualization

PADL'05 Proceedings of the 7th international conference on Practical Aspects of Declarative Languages

Semiring-Based Soft Constraints

Concurrency, Graphs and Models

Quantified Score

Hi-index	0.00

Visualization

Abstract

The security of a network configuration is based not just on the security of its individual components and their direct interconnections, but also on the potential for systems to interoperate indirectly across network routes. Such interoperation has been shown to provide the potential for cascading paths that violate security, in a circuitous manner, across a network. In this paper we show how constraint satisfaction provides a natural approach to expressing the necessary constraints to ensure multilevel security across a network configuration. In particular, soft constraints are used to detect and eliminate the cascading network paths that compromise security. Taking this approach results in practical advancements over existing solutions to this problem. In particular, constraint satisfaction highlights the set of all cascading paths, which we can eliminate in polynomial time by breaking a minimal number of system links to ensure security.