Quantification of Positive and Negative Attacker's Information

• Autorzy: Gruska D.P.
• Języki publikacji: EN

Abstrakty

EN

Different techniques for expressing an amount of information on secrete data which can be obtained by a process observation are presented. They are based on information theory and they express certainty about sets of private actions which execution is guaranteed by a given observation and sets of actions which execution is excluded by a given observation. Moreover, the case when an intruder has same preliminary belief on secrete data is discussed. It is shown how the presented technique could be applied for such case. As regards working formalism, probabilistic process algebra is used for description of systems as well as attacker's belief.

Słowa kluczowe

EN

probabilistic process algebras; information flow; opacity; security; belief

• Wydawca: IOS Press
• Czasopismo: Fundamenta Informaticae
• Rocznik: 2012
• Tom: Vol. 120, nr 3/4
• Strony: 311--324
• Opis fizyczny: Bibliogr. 18 poz.

Twórcy

autor

Gruska D.P.

• Institute of Informatics, Comenius University, Mlynska dolina, 842 48 Bratislava, Slovakia

Bibliografia

• [1] Aldini A., M. Bravetti and R. Gorrieri: A process-algebraic approach for the analysis of probabilistic noninterference, Journal of Computer Security archive Volume 12 , Issue 2, April, 2004.
• [2] Bryans J., M. Koutny and P. Ryan: Modelling non-deducibility using Petri Nets. Proc. of the 2nd International Workshop on Security Issues with Petri Nets and other Computational Models, 2004.
• [3] Bryans J., M. Koutny, L. Mazare and P. Ryan: Opacity Generalised to Transition Systems. In Proceedings of the Formal Aspects in Security and Trust, LNCS 3866, Springer, Berlin, 2006
• [4] Clark D., S. Hunt and P. Malacaria: A Static Analysis for Quantifying the Information Flow in a Simple Imperative Programming Language. The Journal of Computer Security, 15(3). 2007.
• [5] Clarkson, M.R., A.C. Myers, F.B. Schneider: Quantifying Information Flow with Beliefs. Journal of Computer Security, to appear, 2009.
• [6] Focardi, R., R. Gorrieri, and F. Martinelli: Information flow analysis in a discrete-time process algebra. Proc. 13th Computer Security Foundation Workshop, IEEE Computer Society Press, 2000.
• [7] Focardi, R., R. Gorrieri, and F. Martinelli: Real-Time information flow analysis. IEEE Journal on Selected Areas in Communications 21 (2003).
• [8] Focardi, R. and S. Rossi: Information flow security in Dynamic Contexts. Proc. of the IEEE Computer Security Foundations Workshop, 307-319, IEEE Computer Society Press, 2002.
• [9] Glabbeek R. J. van, S. A. Smolka and B. Steffen: Reactive, Generative and Stratified Models of Probabilistic Processes Inf. Comput. 121(1): 59-80, 1995
• [10] Gruska D.P.: Gained and Excluded Private Actions by Process Observations, Fundamenta Informaticae, vol. 109, No. 3, 2011. 281-295
• [11] Gruska D.P.: Quantifying Security for Timed Process Algebras, Fundamenta Informaticae, vol. 93, Numbers 1-3, 2009.
• [12] Gruska D.P.: Probabilistic Information Flow Security. Fundamenta Informaticae, vol. 85, Numbers 1-4, 2008.
• [13] Gruska D.P.: Observation Based System Security. Fundamenta Informaticae, vol. 79, Numbers 3-4, 2007.
• [14] Hansson, H. a B. Jonsson: A Calculus for Communicating Systems with Time and Probabilities. In Proceedings of 11th IEEE Real - Time Systems Symposium, Orlando, 1990.
• [15] López N. and Núñez: An Overview of Probabilistic Process Algebras and their Equivalences. In Validation of Stochastic Systems, LNCS 2925, Springer-Verlag, Berlin, 2004
• [16] Milner, R.: Communication and concurrency. Prentice-Hall International, New York,1989.
• [17] Segala R. and N. Lynch: Probabilistic Simulations for Probabilistic Processes. Nord. J. Comput. 2(2): 250-273, 1995
• [18] Shannon, C. E.: A mathematical theory of communication. Bell System Technical Journal, vol. 27, 1948.