Soft Constraints for Security. Bella, G., Bistarelli, S., & Foley, S. N. 2006. doi abstract bibtex Integrity policies and cryptographic protocols have much in common. They allow for a number of participating principals, and consist of sets of rules controlling the actions that principals should or should not perform. They are intended to uphold various security properties, the crucial ones being integrity, confidentiality and authentication. This paper takes a unified view to the analysis of integrity policies and cryptographic protocols: they are artifacts that must be designed to be sufficiently robust to attack given an understood threat model. For example, integrity policy rules provide resilience to the threat of internal fraud, while cryptographic protocols provide resilience to the threat of replay and related attacks. The framework is modelled using (soft) constraints and analysis corresponds to the soft constraint satisfaction problem. Soft constraints facilitate a quantitative approach to analyzing integrity, confidentiality and authentication. Examples will be given: an integrity policy may achieve different levels of integrity under different circumstances; a protocol message may enjoy different levels of confidentiality for different principals; a principal can achieve different levels of authentication with different principals.
@conference{
11391_120854,
author = {Bella, Giampaolo and Bistarelli, Stefano and Foley, SIMON N.},
title = {Soft Constraints for Security},
year = {2006},
publisher = {ELSEVIER},
journal = {ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE},
volume = {142},
booktitle = {Special Issue VODCA},
abstract = {Integrity policies and cryptographic protocols have much in common. They allow for a number of participating principals, and consist of sets of rules controlling the actions that principals should or should not perform. They are intended to uphold various security properties, the crucial ones being integrity, confidentiality and authentication.
This paper takes a unified view to the analysis of integrity policies and cryptographic protocols: they are artifacts that must be designed to be sufficiently robust to attack given an understood threat model. For example, integrity policy rules provide resilience to the threat of internal fraud, while cryptographic protocols provide resilience to the threat of replay and related attacks. The framework is modelled using (soft) constraints and analysis corresponds to the soft constraint satisfaction problem. Soft constraints facilitate a quantitative approach to analyzing integrity, confidentiality and authentication. Examples will be given: an integrity policy may achieve different levels of integrity under different circumstances; a protocol message may enjoy different levels of confidentiality for different principals; a principal can achieve different levels of authentication with different principals.},
keywords = {Constraints; Security Protocols; Integrity Policy},
doi = {10.1016/j.entcs.2005.07.011},
pages = {11--29}
}
Downloads: 0
{"_id":{"_str":"53f475e53d9d602c1a0012cb"},"__v":4,"authorIDs":["5457089d8b01c8193000012f","5a8SaRQZEqQauLeSj","5dec2eeed39dc7de01000059","5defa628706001de01000155","5df0bf368367c8de0100014e","5df7a6a2f3cb28df0100013e","5df8c7c4e6b510df0100018c","5df8e4de877972de0100016c","5df99361c4ada8de01000018","5dfea9342331dfdf01000059","5e012b722e225bde01000053","5e0968c8ade67ddf01000043","5e0b068b3830a1df010000e1","5e10a884cfb06ddf0100002c","5e10fd55d6a01ede01000024","5e142e4b12768ef30100003c","5e1961659eca7cdf01000080","5e1a2ca69fbdddde010000ff","5e1f814208195af3010000a8","5e2b62d96366e2df010000e6","5e2b8ef4f92538df01000011","5e2d73a3556d50df01000041","5e30e7755f9c1cf2010000d7","5e35f2395cd57fde010000c7","5e3a22e3c268d2de01000108","5e3b007c55f0f2df0100011a","5e3e128b4cdb49de0100008a","5e4094bbd668c6de0100007c","5e40f782fd6934df01000169","5e413b68b7d170df01000092","5e42e16aa6f4a6f2010000d1","5e4eddeb2962cadf010000e9","5e54f08fb8e445df01000107","6rZ7TmdCqfG4dxRdT","Q5h43gs9oNpAm4KeK","Zw3hLXQ8Xyab4HobY"],"author_short":["Bella, G.","Bistarelli, S.","Foley, S. N."],"bibbaseid":"bella-bistarelli-foley-softconstraintsforsecurity-2006","bibdata":{"bibtype":"conference","type":"conference","author":[{"propositions":[],"lastnames":["Bella"],"firstnames":["Giampaolo"],"suffixes":[]},{"propositions":[],"lastnames":["Bistarelli"],"firstnames":["Stefano"],"suffixes":[]},{"propositions":[],"lastnames":["Foley"],"firstnames":["SIMON","N."],"suffixes":[]}],"title":"Soft Constraints for Security","year":"2006","publisher":"ELSEVIER","journal":"ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE","volume":"142","booktitle":"Special Issue VODCA","abstract":"Integrity policies and cryptographic protocols have much in common. They allow for a number of participating principals, and consist of sets of rules controlling the actions that principals should or should not perform. They are intended to uphold various security properties, the crucial ones being integrity, confidentiality and authentication. This paper takes a unified view to the analysis of integrity policies and cryptographic protocols: they are artifacts that must be designed to be sufficiently robust to attack given an understood threat model. For example, integrity policy rules provide resilience to the threat of internal fraud, while cryptographic protocols provide resilience to the threat of replay and related attacks. The framework is modelled using (soft) constraints and analysis corresponds to the soft constraint satisfaction problem. Soft constraints facilitate a quantitative approach to analyzing integrity, confidentiality and authentication. Examples will be given: an integrity policy may achieve different levels of integrity under different circumstances; a protocol message may enjoy different levels of confidentiality for different principals; a principal can achieve different levels of authentication with different principals.","keywords":"Constraints; Security Protocols; Integrity Policy","doi":"10.1016/j.entcs.2005.07.011","pages":"11–29","bibtex":"@conference{\n\t11391_120854,\n\tauthor = {Bella, Giampaolo and Bistarelli, Stefano and Foley, SIMON N.},\n\ttitle = {Soft Constraints for Security},\n\tyear = {2006},\n\tpublisher = {ELSEVIER},\n\tjournal = {ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE},\n\tvolume = {142},\n\tbooktitle = {Special Issue VODCA},\n\tabstract = {Integrity policies and cryptographic protocols have much in common. They allow for a number of participating principals, and consist of sets of rules controlling the actions that principals should or should not perform. They are intended to uphold various security properties, the crucial ones being integrity, confidentiality and authentication.\r\n\r\nThis paper takes a unified view to the analysis of integrity policies and cryptographic protocols: they are artifacts that must be designed to be sufficiently robust to attack given an understood threat model. For example, integrity policy rules provide resilience to the threat of internal fraud, while cryptographic protocols provide resilience to the threat of replay and related attacks. The framework is modelled using (soft) constraints and analysis corresponds to the soft constraint satisfaction problem. Soft constraints facilitate a quantitative approach to analyzing integrity, confidentiality and authentication. Examples will be given: an integrity policy may achieve different levels of integrity under different circumstances; a protocol message may enjoy different levels of confidentiality for different principals; a principal can achieve different levels of authentication with different principals.},\n\tkeywords = {Constraints; Security Protocols; Integrity Policy},\n\tdoi = {10.1016/j.entcs.2005.07.011},\t\n\tpages = {11--29}\n}\n","author_short":["Bella, G.","Bistarelli, S.","Foley, S. N."],"key":"11391_120854","id":"11391_120854","bibbaseid":"bella-bistarelli-foley-softconstraintsforsecurity-2006","role":"author","urls":{},"keyword":["Constraints; Security Protocols; Integrity Policy"],"metadata":{"authorlinks":{"bistarelli, s":"https://bista.sites.dmi.unipg.it/papers/"}},"downloads":0,"html":""},"bibtype":"conference","biburl":"http://www.dmi.unipg.it/~bista/papers/pubblicazioni.bib","creationDate":"2014-08-20T10:18:13.832Z","downloads":0,"keywords":["constraints; security protocols; integrity policy"],"search_terms":["soft","constraints","security","bella","bistarelli","foley"],"title":"Soft Constraints for Security","year":2006,"dataSources":["T6HLi2LBH4teAezac","GhB5rb8JzW6az3exo"]}