The Cascade Vulnerability Problem: the detection problem and a simulated annealing approach for its correction

Abstract The Cascade Vulnerability Problem is a potential problem which must be faced when using the interconnected accredited system approach of the Trusted Network Interpretation. It belongs to a subset of the problem set that addresses the issue of whether the interconnection of secure systems via a secure channel results in a secure distributed system. The Cascade Vulnerability Problem appears when an adversary can take advantage of network connections to compromise information across a range of sensitivity levels that is greater than the accreditation range of any of the component systems s/he must defeat to do so. The general Cascade Vulnerability Problem is presented, the basic properties of the most important detection algorithms are described, a brief comparative analysis is conducted, and a new approach based on simulated annealing for its correction is presented.

[1]  Alfred V. Aho,et al.  The Design and Analysis of Computer Algorithms , 1974 .

[2]  Rajiv Gupta,et al.  On randomization in sequential and distributed algorithms , 1994, CSUR.

[3]  Fred Glover,et al.  Tabu Search - Part II , 1989, INFORMS J. Comput..

[4]  Theodore M. P. Lee Statistical models of trust: TCBs vs. people , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[5]  J. K. Millen,et al.  The cascading problem for interconnected networks , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[6]  Fred W. Glover,et al.  Tabu Search - Part I , 1989, INFORMS J. Comput..

[7]  Bradford G. Nickerson,et al.  The cascade vulnerability problem , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[8]  C. D. Gelatt,et al.  Optimization by Simulated Annealing , 1983, Science.

[9]  D. E. Goldberg,et al.  Genetic Algorithms in Search, Optimization & Machine Learning , 1989 .

[10]  Lance J. Hoffman,et al.  A shortest path network security model , 1993, Comput. Secur..

[11]  Lance J. Hoffman,et al.  On the shortest path to network security , 1993, Proceedings of 9th Annual Computer Security Applications Conference.

[12]  Emile H. L. Aarts,et al.  Simulated Annealing: Theory and Applications , 1987, Mathematics and Its Applications.

[13]  N. Metropolis,et al.  Equation of State Calculations by Fast Computing Machines , 1953, Resonance.

[14]  V. Cerný Thermodynamical approach to the traveling salesman problem: An efficient simulation algorithm , 1985 .