Secret Securing with Multiple Protections and Minimum Costs


Abstract in English

In this paper we study a security problem of protecting secrets with multiple protections and minimum costs. The target system is modeled as a discrete-event system (DES) in which a few states are secrets, and there are multiple subsets of protectable events with different cost levels. We formulate the problem as to ensure that every string that reaches a secret state (from the initial state) contains a specified number of protectable events and the highest cost level of these events is minimum. We first provide a necessary and sufficient condition under which this security problem is solvable, and then propose an algorithm to solve the problem based on the supervisory control theory of DES. The resulting solution is a protection policy which specifies at each state which events to protect and the highest cost level of protecting these events is minimum. Finally, we demonstrate the effectiveness of our solution with a network security example.

Download