A Flexible Approach Towards Security Validation

Validating security properties of complex distributed systems is a challenging problem by itself, let alone when the work needs to be performed under tight budget and time constraints on prototype systems with components at various maturity levels. This paper described a tailored approach to security evaluations involving a strategic combination of model-based quantification, emulation, and logical argumentation. By customizing the evaluation to fit existing budget and timelines, validators can achieve the most appropriate validation process, trading off fidelity with coverage across a number of different defense components and different maturity levels. We successfully applied this process to the validation of an overlay proxy network, analyzing the impact of five different defense attributes (together with combinations thereof) on access path establishment and anonymity.