Posted by Walter Roberson on January 11, 2006, 8:02 pm
>I am looking for a theoretical model which can allow me to model
>network security (just as we use random graphs to model Internet
>topology, I want to get a model where I could model basic security
>stuff). I would be grateful for any info about such papers...

It appears to me that you are using two different meanings for 'model'.
A "theoretical model" is a description of how something is postulated
to work, or of how it is postulated to be calculable, or of how
one could build a framework that would describe the item given
parameters.

To use random graphs to "model" internet topologies is to engage
in the simulation of the behaviour of a particular topology.

When you say that you want to "model network security", it isn't
clear whether you are trying to

a) find or construct a description of how network security generally works
(or can fail to work); or
b) find or construct a description of how network security works (or
doesn't) given particular parameters (e.g., think of applying queueing
theory to a particular situation); or
c) undertake simulations of some aspects of network security.

When the question was asked a few days ago, the respondents interpreted
"model" in the sense of descriptive frameworks, and referred off
to Orange Book and Common Criteria and similar.

Your reference to random graphs this time suggests you are thinking
along rather different lines.

What kind of simulation were you thinking of? Something along the
lines of "generate a random configuration of hosts and IPs and
connectivity, and routers and NAT devices and firewalls, and decide
whether that particular configuration has any security holes"?

Firewall configurations get big quickly, and the task becomes much
like the task of proving program correctness (because redirection or
looping of packets is legal... and necessary for e.g., proxy or
hub-and-spoke systems.)
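
The kind of simulation described in the last two paragraphs of the post above, as an added example that is not part of the original post: it generates random forwarding configurations and checks each against a reachability policy, searching over (node, port) states so that redirects and packet loops are handled. The rule format, port list, node numbering and policy are assumptions made for illustration.

```python
import random
from collections import deque

PORTS = (22, 80, 443, 3306)  # constructed sample service ports

def random_config(n_nodes, n_rules, seed):
    """Random forwarding rules: (node, port) -> list of (next_node, new_port).
    new_port != port models a redirect (NAT / port-forward / proxy)."""
    rng = random.Random(seed)
    rules = {}
    for _ in range(n_rules):
        node, nxt = rng.sample(range(n_nodes), 2)
        port = rng.choice(PORTS)
        new_port = rng.choice(PORTS) if rng.random() < 0.3 else port
        rules.setdefault((node, port), []).append((nxt, new_port))
    return rules

def reachable_states(rules, src, ports=PORTS):
    """All (node, port) states a packet entering at src can take.
    The seen-set ends the search even when rules loop packets."""
    seen = {(src, p) for p in ports}
    queue = deque(seen)
    while queue:
        state = queue.popleft()
        for nxt in rules.get(state, []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def holes(rules, policy, src=0):
    """policy maps protected node -> ports allowed to arrive from src.
    Returns sorted (node, port) states that arrive but are not allowed."""
    return sorted((n, p) for n, p in reachable_states(rules, src)
                  if n in policy and p not in policy[n])

# Constructed fixed case: 0=outside, 1=firewall, 2=proxy, 3=database.
# The firewall passes only port 80, but the proxy redirects 80 -> 3306
# and also loops traffic back to the firewall (hub-and-spoke style).
FIXED = {(0, 80): [(1, 80)], (1, 80): [(2, 80)],
         (2, 80): [(3, 3306), (1, 80)]}
POLICY = {3: set()}  # nothing from outside may arrive at the database

if __name__ == "__main__":
    print("fixed case holes:", holes(FIXED, POLICY))
    bad = sum(bool(holes(random_config(6, 12, s), {5: {443}}))
              for s in range(200))
    print(f"{bad}/200 random configurations expose node 5")
```

The state space here is only nodes times ports, which is why the search stays small; each header field a real firewall can match or rewrite multiplies it.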