A Unified Framework for the Analysis of Availability, Reliability and Security, With Applications to Quantum Networks

Major goals of system security comprise confidentiality, integrity, availability, authenticity, and reliability. All of these have seen comprehensive treatment, yielding a vast collection of solutions. Information-theoretic security regarding confidentiality has seen considerable progress recently with the development of commercial quantum cryptographic devices. Solutions for perfectly secure authentication have been around much longer. Achieving perfect security, high availability and reliability, calls for combinations of various approaches. In this study, we propose a simple and uniform framework for the assessment of security, availability, and reliability that arbitrary compositions of security measures can provide. Our methodology facilitates system modeling in a decision-theoretic manner, which makes the models easily understandable even for specialists from fields other than security. At the same time, the models allow for strong assertions and for simple characterizations of the achievable security and safety in a system. We demonstrate the applicability of our results using quantum networks as an example.

[1]  Hai Xu,et al.  A Quantum Network Manager that Supports a One-Time Pad Stream , 2008, Second International Conference on Quantum, Nano and Micro Technologies (ICQNM 2008).

[2]  Radu Marculescu,et al.  Quantum-Like Effects in Network-on-Chip Buffers Behavior , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[3]  K. Srinathan,et al.  On perfectly secure communication over arbitrary networks , 2002, PODC '02.

[4]  Karen A. Scarfone,et al.  A Complete Guide to the Common Vulnerability Scoring System Version 2.0 | NIST , 2007 .

[5]  L M Adleman,et al.  Molecular computation of solutions to combinatorial problems. , 1994, Science.

[6]  Siv Hilde Houmb,et al.  Estimating ToE Risk Level Using CVSS , 2009, 2009 International Conference on Availability, Reliability and Security.

[7]  J. Nash,et al.  NON-COOPERATIVE GAMES , 1951, Classics in Game Theory.

[8]  V. Scarani,et al.  Device-independent security of quantum cryptography against collective attacks. , 2007, Physical review letters.

[9]  Ekert,et al.  Quantum cryptography based on Bell's theorem. , 1991, Physical review letters.

[10]  W. Hoeffding Probability Inequalities for sums of Bounded Random Variables , 1963 .

[11]  Barry O'Sullivan,et al.  Multilevel Security and Quality of Protection , 2006, Quality of Protection.

[12]  Christian P. Robert,et al.  The Bayesian choice , 1994 .

[13]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[14]  Sushil Jajodia,et al.  Topological analysis of network attack vulnerability , 2006, PST.

[15]  Andrew Chi-Chih Yao,et al.  Quantum cryptography with imperfect apparatus , 1998, Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280).

[16]  Marco Gilli,et al.  Basic concepts of quantum systems versus classical networks , 2004, Int. J. Circuit Theory Appl..

[17]  I. Glicksberg A FURTHER GENERALIZATION OF THE KAKUTANI FIXED POINT THEOREM, WITH APPLICATION TO NASH EQUILIBRIUM POINTS , 1952 .

[18]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[19]  C. Elliott The DARPA Quantum Network , 2004, quant-ph/0412029.

[20]  Yongge Wang,et al.  Perfectly Secure Message Transmission Revisited , 2008, IEEE Trans. Inf. Theory.

[21]  H. Kimble,et al.  Functional Quantum Nodes for Entanglement Distribution over Scalable Quantum Networks , 2007, Science.

[22]  C. Elliott Building the quantum network* , 2002 .

[23]  Marco Gilli,et al.  Basic concepts of quantum systems versus classical networks: Research Articles , 2004 .

[24]  Tsan-Sheng Hsu,et al.  Graph augmentation and related problems: theory and practice , 1993 .

[25]  Hu Hanping,et al.  Network security transmission based on bimatrix game theory , 2008, Wuhan University Journal of Natural Sciences.

[26]  Gary Chartrand,et al.  Introduction to Graph Theory , 2004 .

[27]  Lo,et al.  Unconditional security of quantum key distribution over arbitrarily long distances , 1999, Science.

[28]  M. Fiedler Algebraic connectivity of graphs , 1973 .

[29]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[30]  Chip Elliott,et al.  Current status of the DARPA quantum network (Invited Paper) , 2005, SPIE Defense + Commercial Sensing.

[31]  Tom Caddy,et al.  Common Criteria , 2005, Encyclopedia of Cryptography and Security.

[32]  Peter Schartner,et al.  Game-Theoretic Security Analysis of Quantum Networks , 2009, 2009 Third International Conference on Quantum, Nano and Micro Technologies.

[33]  Salim Hariri,et al.  Impact Analysis of Faults and Attacks in Large-Scale Networks , 2003, IEEE Secur. Priv..

[34]  A. H. de Sousa,et al.  Monitoring, Controlling and Configuring a Wireless Household-Electric Network through LabVIEW Remote Virtual Interface. , 2007 .

[35]  Mehrdad Dianati,et al.  Transport Layer Protocols for the Secoqc Quantum Key Distribution (QKD) Network , 2007 .

[36]  Paul G. Spirakis,et al.  A graph-theoretic network security game , 2008, Int. J. Auton. Adapt. Commun. Syst..

[37]  Shor,et al.  Simple proof of security of the BB84 quantum key distribution protocol , 2000, Physical review letters.

[38]  D. Stoyan,et al.  Statistical Analysis and Modelling of Spatial Point Patterns , 2008 .

[39]  Ruth Breu,et al.  An Empirically Derived Loss Taxonomy Based on Publicly Known Security Incidents , 2009, 2009 International Conference on Availability, Reliability and Security.

[40]  Charles H. Bennett,et al.  WITHDRAWN: Quantum cryptography: Public key distribution and coin tossing , 2011 .

[41]  Noson S. Yanofsky,et al.  Quantum Computing for Computer Scientists , 2008 .

[42]  Momtchil Peev,et al.  The SECOQC Quantum-Key-Distribution network in Vienna , 2008, 2009 Conference on Optical Fiber Communication - incudes post deadline papers.