Abstract
We describe a model of computer security that applies results from the statistical properties of graphs to human-computer systems. The model attempts to determine a safe threshold of interconnectivity in a human-computer system by ad hoc network analyses. The results can be applied to physical networks, social networks and networks of clues in a forensic analysis. Access control, intrusions and social engineering can also be discussed as graph- and information-theoretical relationships. Groups of users and shared objects, such as files or conversations, provide communication channels for the spread of both authorized and unauthorized information. We present numerical criteria for measuring the security of such systems and algorithms for finding the vulnerable points.
Cite this article
Burgess, M., Canright, G. & Engø-Monsen, K. A graph-theoretical model of computer security. IJIS 3, 70–85 (2004). https://doi.org/10.1007/s10207-004-0044-x
DOI: https://doi.org/10.1007/s10207-004-0044-x