Algebraic foundations for quantitative information flow

Several mathematical ideas have been investigated for quantitative information flow. Information theory, probability, and guessability are the main ideas in most proposals. They aim to quantify, respectively, how much information is leaked, how likely it is that the secret is guessed, and how long it takes to guess the secret. In this work, we investigate the relationship between these ideas in the context of the quantitative analysis of deterministic systems. We propose the lattice of information as a valuable foundation for these approaches; not only does it provide an elegant algebraic framework for the ideas, it also allows us to investigate their relationship. In particular, we will use this lattice to prove some results establishing order relation correspondences between the different quantitative approaches. The implications of these results w.r.t. recent work in the community are also investigated. While this work concentrates on the foundational importance of the lattice of information, its practical relevance has recently been proven, notably with the quantitative analysis of Linux kernel vulnerabilities. Overall, we believe these works make the case for establishing the lattice of information as one of the main reference structures for quantitative information flow.
