Information Technology Reference
In-Depth Information
Input:
-setofrules.
S M - set of minimal goal states, S M ⊆ S G .
Output:
- set of noninterfering rules.
Algorithm:
computeNRS(∆, S M )
P = Q = R =
for each δ ( A, B, C, D )
∈ ∆ do
P = P ∪ A
Q = Q ∪ B
for each s m ∈ S M do
R = R ∪ s m
=
for each δ ( A, B, C, D ) ∈ ∆ do
if C ∩ Q = and D ∩ P = and ( D ∩ R = ) then
= ∪{δ}
return
Fig. 2. Computing the noninterfering rule subset of a ruleset
Input:
seq - a reverse attack path, seq ∈ S .
- set of noninterfering rules.
Output:
A maximal state transition sequence
Algorithm:
findMaximal(seq, ∆)
s = head ( seq )
if A ⊆ s and B ∩ s = for some rule δ ( A, B, C, D ) ∈ ∆ then
s =(( s ∪ C ) − D )
return findMaximal ( s .seq , ∆ −{δ} )
else
return seq
Fig. 3. Computing a maximal state transition sequence using a noninterfering ruleset
3.1 Monotonicity
A ruleset is called monotonic if for all rules δ ( A, B, C, D )
, B and D
are empty. Clearly, if T =(
A,∆,s 0 ,S G )isa state transition rule-system with
monotonic ruleset , then all rules in are noninterfering rules in T . Hence,
from Propositions 3 and 4, monotonic rules may be applied in any order and
findMaximal yields a successful attack path if one exists.
4 Nonmonotonic Rules
We now consider transition rules δ ( A, B, C, D )where A, B, C, D can be arbitrary
sets of attributes. Such rules (called nonmonotonic rules ) can represent actions
Search WWH ::




Custom Search