| This dissertation presents a new model, based on the resource constrained shortest path, for evaluating the security of computer networks. The model is derived from risk analysis principles and intuitive concepts of security. There are three important features of the model. First, the use of the resource constrained shortest path as an integral part of the model ties security evaluation metrics to graph theory, thus providing a mathematical base for the evaluation of network security. Second, the model allows both local (nodal) and overall (network) security considerations to be incorporated into the security evaluation process. Third, the model allows the relationship, if any, between network penetrations to be specified. The usefulness of the model is demonstrated by applying the model to examples from current literature. Applying the model to a generalization of the cascade problem not only yields a new, efficient algorithm (O(N... |
