Measuring Information Flow in Reactive Processes

This paper outlines an approach for measuring information flow within reactive probabilistic systems. First, we present the probabilistic model of reactive labelled transition system with input-output actions. Second, we present the language and semantics for simple reactive processes, and investigate the quantified information flow analysis over this semantics. Third, we define a metric over the semantics and then present a method to compute the leakage in reactive processes. The metric we considered is the square root of the Jensen-Shannon divergence: the quantitative information is contained in the distance between state transformations given by a process metric. Finally, we show that there is a connection between our leakage definition and mutual information in the framework of information theory.

[1]  Jonathan K. Millen,et al.  Covert Channel Capacity , 1987, 1987 IEEE Symposium on Security and Privacy.

[2]  Jianhua Lin,et al.  Divergence measures based on the Shannon entropy , 1991, IEEE Trans. Inf. Theory.

[3]  J. Todd Wittbold,et al.  Information flow in nondeterministic systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[4]  Chris Hankin,et al.  Approximate non-interference , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[5]  Charles F. Hockett,et al.  A mathematical theory of communication , 1948, MOCO.

[6]  I. Grosse,et al.  Analysis of symbolic sequences using the Jensen-Shannon divergence. , 2002, Physical review. E, Statistical, nonlinear, and soft matter physics.

[7]  Pasquale Malacaria,et al.  Assessing security threats of looping constructs , 2007, POPL '07.

[8]  David Clark,et al.  Quantitative Analysis of the Leakage of Confidential Data , 2002, QAPL.

[9]  David Clark,et al.  Quantitative Analysis of Secure Information Flow via Probabilistic Semantics , 2009, 2009 International Conference on Availability, Reliability and Security.

[10]  Gavin Lowe,et al.  Quantifying information flow , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[11]  J. W. de Bakker,et al.  Processes and the Denotational Semantics of Concurrency , 1982, Inf. Control..

[12]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[13]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[14]  Michele Boreale,et al.  Quantifying information leakage in process calculi , 2006, Inf. Comput..

[15]  Marta Z. Kwiatkowska,et al.  Probabilistic Metric Semantics for a Simple Language with Recursion , 1996, MFCS.

[16]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[17]  G. Norman METRIC SEMANTICS FOR REACTIVE PROBABILISTIC PROCESSES , 1998 .

[18]  Kim G. Larsen,et al.  Bisimulation through probabilistic testing (preliminary report) , 1989, POPL '89.

[19]  Andrzej M. Borzyszkowski,et al.  Mathematical Foundations of Computer Science 1996 , 1996, Lecture Notes in Computer Science.