Counteraction to conspiracy in discrete dynamical models of computers network

The paper studies the problem of counteracting the collusion of subjects in computer networks. In real world situations the goal of the collusions is to obtain some access rights between two network subjects. Within the proposed model, collusion is considered as a dynamic process taking place at discrete time. An original network is associated with a discrete dynamic system (DDS), in which collusion corresponds to a sequence of transitions between states. Collusion is successful if as a result of a sequence of steps the access rights are transferred from one particular subject to another. A counteraction to such collusion is achieved by deactivating some nodes. In a real network a deactivation corresponds to reducing access level between subjects. Deactivation of several nodes induces a new DDS. A final state of such DDS is a stationary point. If in this point the access rights are not transferred between selected subjects, then deactivation successfully blocked collusion. In the paper we consider a problem of finding minimal deactivating set. It is reduced to Boolean satisfiability problem and solved using state-of-the-art SAT solvers. We use the Take-Grant model of computer security because it is one of the most simple and well-studied models.