To search, Click below search items. |
| All Published Papers Search Service |
|
|
|
Title |
Vulnerability Analysis through a Graph-based Protection System |
|
Author |
Mohammad Ebrahim Rafiei, Rasool Jalili, Hamid Mousavi |
| Citation |
Vol. 6 No. 12 pp. 311-319 |
|
Abstract |
Vulnerability analysis is the process of specifying, designing, and implementing a computer system without vulnerabilities, discovering unknown vulnerabilities, and detecting vulnerabilities¡¯ possible exploits. Some approaches to achieve such a process, integrate the concept of vulnerability into an access control model, and use ad hoc ideas to analyze them. Such approaches usually suffer from problems including weak modeling abilities and separation of authorized and unauthorized rules. To overcome such problems, we propose VGBPS as a new graph-based protection system with the main focus on vulnerabilities. Dealing with access rights, vulnerabilities, attributes, and relations similarly and using edge patterns to define rich types of rules, VGBPS adds the concept of vulnerability into a general access control model in a way that no extra effort is needed to handle vulnerabilities. In VGBPS, vulnerability analysis can be done by answering the safety problem. Considering safety problem more thoroughly, it is proven that safety problem, in the general form of VGBPS, is an NP-Complete problem. However, we introduce some simplified cases of the model, such as monotonically increasing systems and systems containing only permanent rules, in which the safety problem can be answered in polynomial time |
|
Keywords |
Vulnerability Analysis, Protection System, Safety Problem, NP-Completeness. |
|
URL |
