An Optimization Approach using Soft Constraints for the Cascade Vulnerability Problem

In the discipline of computer security, the field of trust management design is dedicated to the design of trusted systems, in particular trusted networks. One common trusted mechanism used these days is the multi-level security (MLS) mechanism, that allows simultaneous access to systems by users with different levels of security clearance in an interconnected network. Vulnerability arises when an intruder takes advantage of the network connectivity and creates an inappropriate flow of information across the network, leading to the so-called cascade vulnerability problem (CVP). In this article, we extend an existent approach to this problem proposed by Bistarelli et al. [1] that models, detects and properly eliminates the CVP in a network. This particular approach expresses a solution of the problem using constraint programming. We incorporate real-world criteria to consider into this approach, such as the bandwidth, electricity, cost of connections. Considering such features in CVP results in generating a constraint optimization problem.