Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.619189
Title: Modelling multi-layered network and security architectures using mathematical logic
Author: McDonald, Kevin
ISNI:       0000 0004 5357 0197
Awarding Body: University of Aberdeen
Current Institution: University of Aberdeen
Date of Award: 2014
Availability of Full Text:
Access through EThOS:
Full text unavailable from EThOS. Please try the link below.
Access through Institution:
Abstract:
Complex systems, be they natural or synthetic, are ubiquitous. In particular, complex networks of devices and services underpin most of society's operations. By their very nature, such systems are di cult to conceptualize and reason about e ectively. One seemingly natural notion, which helps to manage complexity and which is commonly found in discussions of complex systems, is that of layering: the system is considered to consist of a collection of interconnected layers that have distinct, identi able roles in the overall operations of the system. Noting that graphs are a key formalism in the description of complex systems, this thesis establishes a notion of a layered graph. A logical characterization of this notion of layering using a non-associative, non-commutative substructural, sepa- rating logic is provided. In addition, soundness and completeness results for a class of algebraic models that includes layered graphs are provided, which give a math- ematically substantial semantics to this very weak logic. Examples in information processing and security are used to show the applicability of the logic. The examples given use an informal notion of action. The thesis also presents a discussion of a number of possible languages that could be used to provide a dynamic extension of the logic. The key components of each language are identi ed and the semantics that would be required in the case of a full, theoretical, development are presented. Examples, mainly in access control, are used to illustrate situations where each extension could be applied. The logic is then used to describe a uniform logical framework for reasoning compositionally about access control policy models. The approach takes account of the underlying system architecture, and so provides a way to identify and reason about how vulnerabilities may arise (and be removed) as a result of the architecture of the system. The logic is then used to describe a uniform logical framework for reasoning compositionally about access control policy models. The approach takes account of the underlying system architecture, and so provides a way to identify and reason about how vulnerabilities may arise (and be removed) as a result of the architecture of the system. Using frame rules, it is also considered how local properties of access control policies are maintained as the system architecture evolves.
Supervisor: Not available Sponsor: Engineering and Physical Sciences Research Council ; RCUK Digital Economy Programme
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.619189  DOI: Not available
Keywords: Computer network architectures ; Computer security
Share: