Abstract
Preventing improper information leaks is one of the greatest challenges of modern society. In this paper, we present a technique for measuring the ability of several families of adversaries to set up a covert channel. Our approach relies on a noninterference-based formulation of security that can be expressed naturally in semantic models of program execution. In our analysis the most powerful adversary is measured via a notion of approximate process equivalence. Although finding the most powerful adversary is in general impractical, we show that for a particular family of adversaries, related to a probabilistic information flow property, this requires only a finite number of checks.
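The following added example (not code from the paper or its authors) illustrates the kind of measurement the abstract describes on a constructed toy model. It assumes a system that maps a high-level secret to a probability distribution over low-level traces, models each adversary family as a view that coarsens those traces, and measures how far apart the views induced by two secrets are; a distance of zero is probabilistic noninterference for that family, and a positive distance is the margin the family's best adversary has for a covert channel. The scheduler systems, trace encoding and the names `leakage_bound`, `best_guess_success`, `FULL`, `ORDER` and `TIMING` are all assumptions of this example.

```python
from fractions import Fraction
from itertools import combinations
from typing import Callable, Dict, Iterable

# Constructed toy model (an assumption of this example, not the paper's
# formalism): a system maps a high-level secret to a distribution over the
# low-level traces an observer could see; an adversary family is a "view"
# that coarsens a trace to what that family can actually observe.
Dist = Dict[str, Fraction]
View = Callable[[str], str]


def project(dist: Dist, view: View) -> Dist:
    """Distribution over what an adversary with the given view observes."""
    out: Dist = {}
    for trace, p in dist.items():
        key = view(trace)
        out[key] = out.get(key, Fraction(0)) + p
    return out


def total_variation(p: Dist, q: Dist) -> Fraction:
    """Statistical distance between two observation distributions."""
    support = set(p) | set(q)
    return sum(abs(p.get(o, Fraction(0)) - q.get(o, Fraction(0))) for o in support) / 2


def leakage_bound(system: Callable[[str], Dist], highs: Iterable[str],
                  view: View = lambda t: t) -> Fraction:
    """Largest distance between the views induced by any two secrets.
    0 means this adversary family's view is independent of the secret, so it
    cannot set up a covert channel; a positive value is the margin by which
    the family's best adversary can tell secrets apart."""
    dists = [project(system(h), view) for h in highs]
    return max((total_variation(p, q) for p, q in combinations(dists, 2)),
               default=Fraction(0))


def best_guess_success(system: Callable[[str], Dist], highs: Iterable[str],
                       view: View = lambda t: t) -> Fraction:
    """Success probability of the optimal adversary guessing the secret from
    one observation under a uniform prior (equal to the prior means no leak)."""
    highs = list(highs)
    prior = Fraction(1, len(highs))
    dists = {h: project(system(h), view) for h in highs}
    support = set().union(*dists.values())
    return sum(max(prior * dists[h].get(o, Fraction(0)) for h in highs) for o in support)


# Constructed sample systems: a low thread emits l1 and l2, a high thread runs
# alongside it under a probabilistic scheduler. A trace is "order/ticks":
# the order in which the low events appeared and the scheduler ticks elapsed.
def secure_scheduler(high: str) -> Dist:
    # The scheduler ignores the secret: identical low view for every secret.
    return {"l1.l2/2": Fraction(1, 2), "l2.l1/3": Fraction(1, 2)}


def leaky_scheduler(high: str) -> Dist:
    # The secret flips which interleaving coincides with the longer run, so
    # order alone and timing alone each look the same for both secrets,
    # while their correlation reveals the secret completely.
    if high == "0":
        return {"l1.l2/2": Fraction(1, 2), "l2.l1/3": Fraction(1, 2)}
    return {"l1.l2/3": Fraction(1, 2), "l2.l1/2": Fraction(1, 2)}


# Adversary families: the full trace, event order only, timing only.
FULL: View = lambda t: t
ORDER: View = lambda t: t.split("/")[0]
TIMING: View = lambda t: t.split("/")[1]

if __name__ == "__main__":
    for name, system in (("secure", secure_scheduler), ("leaky", leaky_scheduler)):
        for vname, view in (("full", FULL), ("order", ORDER), ("timing", TIMING)):
            print(f"{name:6s} {vname:6s} distance={leakage_bound(system, '01', view)} "
                  f"guess={best_guess_success(system, '01', view)}")
```

On the leaky scheduler both the order-only and the timing-only families measure distance 0 and guess no better than the uniform prior, whereas the full-trace family measures distance 1 and guesses the secret with certainty: the most powerful adversary is the one whose view correlates the two observable channels, which is why measuring leakage against a single weak family can understate it.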
References
Aldini, A.: Classification of security properties in a Linda-like process algebra. Sci. Comput. Program. 63, 16–38 (2006)
Aldini, A., Bernardo, M.: An integrated view of security analysis and performance evaluation: Trading QoS with covert channel bandwidth. In: SAFECOMP’04: Proceedings of the 23rd International Conference on Computer Safety, Reliability and Security, Lecture Notes in Computer Science, vol. 3219, pp. 283–296. Springer (2004)
Aldini, A., Bravetti, M., Di Pierro, A., Gorrieri, R., Hankin, C., Wiklicky, H.: Two formal approaches for approximating noninterference properties. In: Focardi and Gorrieri [18], pp. 1–43
Aldini, A., Bravetti, M., Gorrieri, R.: A process algebraic approach for the analysis of probabilistic non-interference. J. Comput. Security 12(1), 191–245 (2004)
Aldini, A., Di Pierro, A.: A quantitative approach to noninterference for probabilistic systems. In: Bravetti M., Gorrieri G. (eds.) Proceedings of the MEFISTO Project 2003, Formal Methods for Security and Time, Electronic Notes in Theoretical Computer Science, vol. 99, pp. 155–182. Elsevier (2004)
Aldini, A., Di Pierro, A.: On quantitative analysis of probabilistic protocols. In: Cerone, A., Pierro, A.D. (eds.) QAPL 2004, 2nd Workshop on Quantitative Aspects of Programming Languages, Electronic Notes in Theoretical Computer Science, vol. 112, pp. 131–148. Elsevier (2005)
Aldini, A., Di Pierro, A.: Noninterference and the most powerful probabilistic adversary. In: WITS 2006, 6th International Workshop on Issues in the Theory of Security (2006)
Aldini, A., Gorrieri, R.: Security analysis of a probabilistic non-repudiation protocol. In: PAPM-PROBMIV 2002, 2nd Joint International Workshop on Process Algebra and Performance Modelling, Probabilistic Methods in Verification, Lecture Notes in Computer Science, vol. 2399, pp. 17–36. Springer (2002)
Backes, M.: Quantifying probabilistic information flow in computational reactive systems. In: De Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS ’05: Proceedings of the 10th European Symposium on Research in Computer Security, Lecture Notes in Computer Science, vol. 3679, pp. 336–354. Springer (2005)
Backes, M., Pfitzmann, B., Waidner, M.: A composable cryptographic library with nested operations. In: CCS’03: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 220–230. ACM Press, New York (2003). doi:10.1145/948109.948140
Baier, C., Hermanns, H.: Weak bisimulation for fully probabilistic processes. In: Proceedings of the 9th International Conference on Computer Aided Verification, Lecture Notes in Computer Science, vol. 1254, pp. 119–130. Springer (1997)
Bravetti, M., Aldini, A.: Discrete time generative-reactive probabilistic processes with different advancing speeds. Theor. Comput. Sci. 290, 355–406 (2003)
Canetti, R., Cheung, L., Kaynar, D., Liskov, M., Lynch, N., Pereira, O., Segala, R.: Using probabilistic I/O automata to improve the analysis of cryptographic protocols. ERCIM News 63, 40–41 (2005)
Deng, Y., Palamidessi, C., Pang, J.: Weak probabilistic anonymity. In: SecCo 2005, 2nd International Workshop on Security Issues in Coordination Models, Languages, and Systems, Electronic Notes in Theoretical Computer Science (2005)
Di Pierro, A., Hankin, C., Wiklicky, H.: Approximate non-interference. J. Comput. Security 12(1), 37–81 (2004)
Di Pierro, A., Hankin, C., Wiklicky, H.: Measuring the confinement of probabilistic systems. Theor. Comput. Sci. 340(1), 3–56 (2005)
Focardi, R., Gorrieri, R.: A classification of security properties. J. Comput. Security 3, 5–33 (1995)
Focardi, R., Gorrieri, R. (eds.): Lecture Notes in Computer Science, vol. 2946. Springer (2004)
Focardi, R., Gorrieri, R., Martinelli, F.: Classification of security properties (part II: network security). In: Focardi and Gorrieri [18], pp. 139–185
Goguen, J., Meseguer, J.: Security policy and security models. In: IEEE Symp. on Security and Privacy (SSP’82), pp. 11–20 (1982)
Guttman, J., Nadel, M.E.: What needs securing. In: 1st IEEE Computer Security Foundations Workshop (CSFW-1 1988), pp. 34–57. New Hampshire, USA (1988)
Howard, R.: Dynamic Probabilistic Systems. Wiley, New York (1971)
Wittbold, J.T., Johnson, D.J.: Information flow in nondeterministic systems. In: Proceedings of the IEEE Symposium on Security and Privacy (SSP’90), pp. 144–161. IEEE Computer Society (1990)
Kleinrock, L.: Queueing Systems. Wiley, New York (1975)
Milner, R.: Communication and Concurrency. Prentice Hall, New Jersey (1989)
Markowitch, O., Roggeman, Y.R.: Probabilistic non-repudiation without trusted third party. In: Conference on Security in Communication Networks (SCN’99) (1999)
Erdös, P., Graham, R.G.: Old and new problems and results in combinatorial number theory. Monographies de L’Enseignement Mathématique 28 (1980)
Ramanathan, A., Mitchell, J.C., Scedrov, A., Teague, V.: Probabilistic bisimulation and equivalence for security analysis of network protocols. In: FoSSaCS 2004, Foundations of Software Science and Computation Structures, Lecture Notes in Computer Science, vol. 2987, pp. 468–483. Springer (2004)
Roscoe, A.: CSP and determinism in security modelling. In: Proceedings of the IEEE Symposium on Security and Privacy (SSP’95), pp. 114–127. IEEE Computer Society (1995)
Ryan, P., Schneider, S.: Process algebra and non-interference. J. Comput. Security 9(1/2), 75–103 (2001). Special Issue on CSFW-12
Sabelfeld, A., Sands, D.: Probabilistic noninterference for multi-threaded programs. In: Proceedings of the 13th IEEE Computer Security Foundations Workshop, pp. 200–214 (2000)
Sanders, W.H., Meyer, J.F.: A unified approach for specifying measures of performance, dependability and performability. Dependable Comput. Fault-Tolerant Syst.: Dependable Comput. Critical Appl. 4, 215–237 (1991)
Segala, R.: Modeling and verification of randomized distributed real-time systems. Ph.D. thesis, MIT, Boston (MA) (1995)
Segala, R., Lynch, N.: Probabilistic simulations for probabilistic processes. Nordic J. Comput. 2, 250–273 (1995)
Smith, G.: Probabilistic noninterference through weak probabilistic bisimulation. In: Proceedings of the 16th IEEE Computer Security Foundations Workshop (CSFW-16 2003), pp. 3–13. IEEE Computer Society, Pacific Grove (2003)
van Glabbeek, R., Smolka, S., Steffen, B.: Reactive, generative and stratified models of probabilistic processes. Inf. Comput. 121, 59–80 (1995)
Volpano, D., Smith, G.: Probabilistic noninterference in a concurrent language. In: Proceedings of the 11th IEEE Computer Security Foundations Workshop (CSFW ’98), pp. 34–43. IEEE, Washington (1998)
Wu, S., Smolka, S., Stark, E.: Composition and behaviors of probabilistic I/O automata. Theor. Comput. Sci. 176, 1–38 (1997)
Zhu, Y., Bettati, R.: Anonymity vs. information leakage in anonymity systems. In: ICDCS 2005, 25th IEEE International Conference on Distributed Computing Systems, pp. 514–524. IEEE Computer Society (2005)
Cite this article
Aldini, A., Di Pierro, A. Estimating the maximum information leakage. Int. J. Inf. Secur. 7, 219–242 (2008). https://doi.org/10.1007/s10207-007-0050-x