Opacity with powerful attackers

Abstract This paper considers state-based opacity in a setting where attackers of a secret have additional observation capacities allowing them to know which inputs are allowed by a system. We show that regular opacity is decidable in this setting. We then address the question of controlling a system so that it becomes opaque, and solve this question by recasting the problem in a game setting.

[1]  Maciej Koutny,et al.  Opacity Generalised to Transition Systems , 2005, Formal Aspects in Security and Trust.

[2]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[3]  Stéphane Lafortune,et al.  Synthesis of insertion functions for enforcement of opacity security properties , 2014, Autom..

[4]  Hervé Marchand,et al.  Synthesis of opaque systems with static and dynamic masks , 2012, Formal Methods Syst. Des..

[5]  Benoît Caillaud,et al.  Concurrent Secrets , 2007, 2006 8th International Workshop on Discrete Event Systems.

[6]  Raja Sengupta,et al.  Diagnosability of discrete-event systems , 1995, IEEE Trans. Autom. Control..

[7]  Krishnendu Chatterjee,et al.  Games with a Weak Adversary , 2014, ICALP.

[8]  Krishnendu Chatterjee,et al.  The Complexity of Partial-Observation Parity Games , 2010, LPAR.

[9]  Mathieu Sassolas,et al.  Quantifying Opacity , 2010, QEST.