Modelling and detecting the cascade vulnerability problem using soft constraints.pdfVIP

Modelling and Detecting the Cascade Vulnerability Problem using Soft Constraints Stefano Bistarelli Simon N. Foley and Barry O’Sullivan Dipartimento di Scienze Department of Computer Science Universita di Chieti-Pescara, Italy University College Cork ` Istituto di Informatica e Telematica, C.N.R. Ireland Pisa, Italy {s.foley,b.osullivan}@cs.ucc.ie stefano.bistarelli@iit.cnr.it ABSTRACT its security policy) if it is not possible for a subject to gain unauthorised access. Establishing network security is based not just on the se- curity of its component systems but also on how they are The composition of secure systems is not necessarily se- configured to interoperate. In this paper we consider how cure. A user may be able to gain unauthorised access to soft constraints provide an approach to detecting the cas- an object by taking a circuitous access route across indi- cade vulnerability problem: whether system interoperation vidually secure but interoperating systems [16, 15]1 . Deter- provides circuitous or cascading routes across the network mining security is based not just on the individual system that increase the risk of violation of multilevel security. Tak- authorisation mechanisms but also on how the systems ar