A graph-theoretical model of computer security

We describe a model of computer security that applies results from the statistical properties of graphs to human-computer systems. The model attempts to determine a safe threshold of interconnectivity in a human-computer system by ad hoc network analyses. The results can be applied to physical networks, social networks and networks of clues in a forensic analysis. Access control, intrusions and social engineering can also be discussed as graph- and information-theoretical relationships. Groups of users and shared objects, such as files or conversations, provide communication channels for the spread of both authorized and unauthorized information. We present numerical criteria for measuring the security of such systems and algorithms for finding the vulnerable points.

[1]  P. Bonacich Power and Centrality: A Family of Measures , 1987, American Journal of Sociology.

[2]  Lawrence Snyder,et al.  Formal Models of Capability-Based Protection Systems , 1981, IEEE Transactions on Computers.

[3]  Michalis Faloutsos,et al.  On power-law relationships of the Internet topology , 1999, SIGCOMM '99.

[4]  Ming-Yang Kao,et al.  Data Security Equals Graph Connectivity , 1996, SIAM J. Discret. Math..

[5]  A. Barabasi,et al.  Scale-free characteristics of random networks: the topology of the world-wide web , 2000 .

[6]  FaloutsosMichalis,et al.  On power-law relationships of the Internet topology , 1999 .

[7]  Mark Burgess Analytical Network and System Administration: Managing Human-Computer Networks , 2004 .

[8]  Mark Burgess,et al.  Archipelago: A Network Security Analysis Tool , 2003, LISA.

[9]  George W. Dinolt,et al.  A Graph-Theoretic Formulation of Multilevel Secure Distributed Systems: An Overview , 1987, 1987 IEEE Symposium on Security and Privacy.

[10]  Michael J. Nash,et al.  The Chinese Wall security policy , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[11]  Albert,et al.  Emergence of scaling in random networks , 1999, Science.

[12]  Albert-László Barabási,et al.  Statistical mechanics of complex networks , 2001, ArXiv.

[13]  Albert-László Barabási,et al.  Internet: Diameter of the World-Wide Web , 1999, Nature.

[14]  Louise E. Moser,et al.  Graph Homomorphisms and the Design of Secure Computer Systems , 1987, 1987 IEEE Symposium on Security and Privacy.

[15]  Lada A. Adamic,et al.  Internet: Growth dynamics of the World-Wide Web , 1999, Nature.

[16]  Bruce A. Reed,et al.  The Size of the Giant Component of a Random Graph with a Given Degree Sequence , 1998, Combinatorics, Probability and Computing.

[17]  Geoffrey Canright,et al.  Roles in networks , 2004, Sci. Comput. Program..

[18]  M. Newman,et al.  Random graphs with arbitrary degree distributions and their applications. , 2000, Physical review. E, Statistical, nonlinear, and soft matter physics.

[19]  Mark Burgess,et al.  Theoretical System Administration , 2000, LISA.