Gained and Excluded Private Actions by Process Observations

• Autorzy: Gruska D.P.
• Języki publikacji: EN

Abstrakty

EN

Formalisms for description how much information on private actions can be obtained by observing public ones are presented. Two sets of private actions are considered. The set of actions which execution is guaranteed according to observations and the set of actions which execution is excluded according to observations. Since information flows could be realized also by means of different covert channels as time, termination and divergence this possibility is considered as well. Both qualitative and quantitative dimensions of the flow are considered.

Słowa kluczowe

EN

information flow; security; non-interference; termination; divergence; covert channel

• Wydawca: IOS Press
• Czasopismo: Fundamenta Informaticae
• Rocznik: 2011
• Tom: Vol. 109, nr 3
• Strony: 281--295
• Opis fizyczny: Bibliogr. 18 poz.

Twórcy

autor

Gruska D.P.

• Institute of Informatics, Comenius University Mlynska dolina, 842 48 Bratislava, Slovakia,

Bibliografia

• [1] Askarov A., S. Hunt, A. Sabelfeld and D. Sands: Termination-InsensitiveNoninterference LeaksMore Than Just a Bit. Proc. of the 13th European Symposium on Research in Computer Security (ESORICS'2008), LNCS 5283, 2008.
• [2] Clark D., S. Hunt and P. Malacaria: A Static Analysis for Quantifying the Information Flow in a Simple Imperative Programming Language. The Journal of Computer Security, 15(3). 2007.
• [3] Clarkson, M.R., A.C. Myers, F.B. Schneider: Quantifying Information Flow with Beliefs. Journal of Computer Security, to appear, 2009.
• [4] Dhem J.-F., F. Koeune, P.-A. Leroux, P. Mestre, J.-J. Quisquater and J.-L. Willems: A practical implementation of the timing attack. Proc. of the Third Working Conference on Smart Card Research and Advanced Applications (CARDIS 1998), LNCS 1820, Springer, Berlin, 1998.
• [5] Focardi, R., R. Gorrieri, and F. Martinelli: Information flow analysis in a discrete-time process algebra. Proc. 13th Computer Security FoundationWorkshop, IEEE Computer Society Press, 2000.
• [6] Focardi, R., R. Gorrieri, R. Lanotte, A.Maggiolo-Schettini, F. Martinelli, S. Tini and Enrico Tronci: Formal Models of Timing Attacks on Web Privacy. Electr. Notes Theor. Comput. Sci. (ENTCS) 62, 2001.
• [7] Gorrieri R. and F. Martinelli: A simple framework for real-time cryptographic protocol analysis with compositional proof rules. Science of Computer Programming archive Volume 50, Issue 1-3, 2004.
• [8] Groote, J. F.: Transition Systems Specification with Negative Premises. Baeten, J.C.M. and Klop, J.W. (eds.), CONCUR'90, Springer Verlag, Berlin, LNCS 458, 1990.
• [9] Gruska D.P.: Process Algebra Contexts and Security Properties. Fundamenta Informaticae, vol. 102, Number 1, 2010.
• [10] Gruska D.P.: Quantifying Security for Timed ProcessAlgebras, Fundamenta Informaticae, vol. 93, Numbers 1-3, 2009.
• [11] Gruska D.P.: Probabilistic Information Flow Security. Fundamenta Informaticae, vol. 85, Numbers 1-4, 2008.
• [12] Gruska D.P.: Observation Based System Security. Fundamenta Informaticae, vol. 79, Numbers 3-4, 2007.
• [13] Kocher P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS and other systems. Proc. Advances in Cryptology - CRYPTO'96, LNCS 1109, Springer, Berlin, 1996.
• [14] Lowe G.: Quantifying information flow. In Proc. IEEE Computer Security FoundationsWorkshop, 2002.
• [15] Martinelli F. and I. Matteucci: Through Modeling to Synthesis of Security Automata. Proc. of STM 2006, ENTCS Volume 179, 6 July 2007.
• [16] Milner, R.: Communication and concurrency. Prentice-Hall International, New York, 1989.
• [17] Schneider, F. B.: Enforceable Security Policies. ACM Transactions on Information and System Security, Volume 3 Issue 1, Feb. 2000.
• [18] Volpano D. M. and G. Smith: Eliminating Covert Flows with Minimum Typings. In Proc. CSFW, 1997