Abstract
We study probabilistic information flow from a property-specific viewpoint. For a given property of interest, specified as set of traces, we examine whether different low-level observations imply different probabilities for the occurrence of the property. Quantifying over all properties in a given class (e.g., high-level traces, or high-level sequences separated by low-level events) we obtain different notions of information flow. We give characterizations of systems that are secure according to these definitions. We consider both properties that are expressed over whole traces and those that distinguish between past and future given a reference point. In this framework, we can express several classical definitions of possibilistic security, as well as giving a more detailed, quantitative measure of information flow.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Aldini, A., Bravetti, M., Gorrieri, R.: A process-algebraic approach for the analysis of probabilistic noninterference. Journal of Computer Security 12, 191–246 (2004)
Barthe, G., D’Argenio, P.R., Rezk, T.: Secure information flow by self-composition. In: 17th IEEE Computer Security Foundations Workshop, pp. 100–114. IEEE Computer Society, Los Alamitos (2004)
Clark, D., Hunt, S., Malacaria, P.: Quantified interference for a while language. Electronic Notes Theoretical Computer Science 112, 149–166 (2005)
Giacobazzi, R., Mastroeni, I.: Abstract non-interference: parameterizing non-interference by abstract interpretation. In: Proceedings of the 31st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 186–197. ACM, New York (2004)
Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proc. IEEE Symp. on Security and Privacy, pp. 11–20 (April 1982)
Gray III, J.W.: Toward a mathematical foundation for information flow security. In: Proc. 1991 IEEE Symposium on Security and Privacy, pp. 21–35. IEEE Computer Society Press, Los Alamitos (1991)
Gray III, J.W.: Probabilistic interference. In: Proc. IEEE Symp. on Security and Privacy, pp. 170–179 (May 1990)
Halpern, J.Y., O’Neill, K.R.: Secrecy in multiagent systems. In: Proc. IEEE Computer Security Foundations Workshop (2002)
Lowe, G.: Quantifying information flow. In: Proc. IEEE Computer Security Foundations Workshop, pp. 18–31 (June 2002)
Mantel, H.: Possibilistic definitions of security – An assembly kit. In: Proc. IEEE Computer Security Foundations Workshop, pp. 185–199 (June 2002)
McCullough, D.: Specifications for multi-level security and hook-up property. In: Proc. IEEE Symp. on Security and Privacy, pp. 161–166 (April 1987)
McLean, J.: Security models and information flow. In: Proc. IEEE Symp. on Security and Privacy, pp. 180–187 (May 1990)
McLean, J.: A general theory of composition for trace sets closed under selective interleaving functions. In: Proc. IEEE Symp. on Security and Privacy, pp. 79–93 (May 1994)
O’Halloran, C.: A calculus of information flow. In: Proc. of the European Symposium on Research in Security and Privacy (ESoRiCS 1990), pp. 180–187 (1990)
Di Pierro, A., Hankin, C., Wiklicky, H.: Approximate non-interference. Journal of Computer Security 12, 37–82 (2004)
Sabelfeld, A., Sands, D.: Probabilistic noninterference for multi-threaded programs. In: Proc. IEEE Computer Security Foundations Workshop, pp. 200–214 (July 2000)
Slissenko, A.: On probabilistic modeling of information flow. Talk at a working seminar of LACL (2004)
Zakinthinos, A., Lee, E.S.: A general theory of security properties. In: Proc. IEEE Symp. on Security and Privacy, pp. 74–102. IEEE Computer Society Press, Los Alamitos (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Beauquier, D., Duflot, M., Minea, M. (2005). A Probabilistic Property-Specific Approach to Information Flow. In: Gorodetsky, V., Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2005. Lecture Notes in Computer Science, vol 3685. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560326_16
Download citation
DOI: https://doi.org/10.1007/11560326_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29113-8
Online ISBN: 978-3-540-31998-6
eBook Packages: Computer ScienceComputer Science (R0)