Quantifying Security for Timed Process Algebras

• Autorzy: Gruska D.P.
• Języki publikacji: EN

Abstrakty

EN

A quantification of process's security by quantification of an amount of information flow is defined and studied in the framework of timed process algebras. The resulting quantified security is compared with other (qualitative) security notions. Unprecise and limited observations are defined and discussed.

Słowa kluczowe

EN

information flow; information theory; opacity; surprisal; uncertainty; security; unprecise and limited observations

• Wydawca: IOS Press
• Czasopismo: Fundamenta Informaticae
• Rocznik: 2009
• Tom: Vol. 93, nr 1-3
• Strony: 155--169
• Opis fizyczny: Bibliogr. 17 poz.

Twórcy

autor

Gruska D.P.

• Institute of Informatics, Comenius University Mlynska dolina, 842 48 Bratislava, Slovakia,

Bibliografia

• [1] Bryans J., M. Koutny and P. Ryan: Modelling non-deducibility using Petri Nets. Proc. of the 2nd International Workshop on Security Issues with Petri Nets and other ComputationalModels, 2004.
• [2] Bryans J., M. Koutny, L. Mazare and P. Ryan: Opacity Generalised to Transition Systems. In Proceedings of the Formal Aspects in Security and Trust, LNCS 3866, Springer, Berlin, 2006.
• [3] Busi N. and R. Gorrieri: Positive Non-interference in Elementary and Trace Nets. Proc. of Application and Theory of Petri Nets 2004, LNCS 3099, Springer, Berlin, 2004.
• [4] Clark D., S. Hunt and P. Malacaria: A Static Analysis for Quantifying the Information Flow in a Simple Imperative Programming Language. The Journal of Computer Security, 15(3). 2007.
• [5] Focardi, R., R. Gorrieri, and F. Martinelli: Information flow analysis in a discrete-time process algebra. Proc. 13th Computer Security FoundationWorkshop, IEEE Computer Society Press, 2000.
• [6] Focardi, R., R. Gorrieri, and F. Martinelli: Real-Time information flow analysis. IEEE Journal on Selected Areas in Communications 21 (2003).
• [7] Focardi, R. and S. Rossi: Information flow security in Dynamic Contexts. Proc. of the IEEE Computer Security Foundations Workshop, 307-319, IEEE Computer Society Press, 2002.
• [8] Glabbeek R. J. van, S. A. Smolka and B. Steffen: Reactive, Generative and Stratified Models of Probabilistic Processes. Information and Computation, 121(1): 59-80, 1995.
• [9] Gorrieri R. and F. Martinelli: A simple framework for real-time cryptographic protocol analysis with compositional proof rules. Science of Computer Programming archive Volume 50, Issue 1-3, 2004.
• [10] Gruska D.P.: Probabilistic information flow security. Fundamenta Informaticae, Vol. 85, No. 1-4, 2008.
• [11] Gruska D.P.: Observation Based System Security. Fundamenta Informaticae, vol 79, Numbers 3-4, 2007.
• [12] Gruska D.P.: Information-Flow Attacks Based on Limited Observations. in Proc. of PSI'06, Springer Verlag, LNCS 4378, Berlin, 2007.
• [13] Gruska D.P.: Information-Flow Security for Restricted Attackers. in Proc. of 8th International Symposium on Systems and Information Security, Sao Jose dos Campos, 2006.
• [14] Gruska D.P.: Information Flow in Timing Attacks. Proceedings CS&P'04, 2004.
• [15] Lowe G.: Quantifying information flow". In Proc. IEEE Computer Security FoundationsWorkshop, 2002.
• [16] Segala R. and N. Lynch: Probabilistic Simulations for Probabilistic Processes. Nord. J. Comput. 2(2): 250-273, 1995.
• [17] Shannon, C. E.: A mathematical theory of communication. Bell System Technical Journal, vol. 27, 1948.