Computing the Leakage of Information-Hiding Systems

We address the problem of computing the information leakage of a system efficiently. We propose two methods: one based on reducing the problem to reachability, and the other based on techniques from quantitative counterexample generation. The second approach can be used for either exact or approximate computation, and provides feedback for debugging. Both methods also apply when the input distribution is unknown. We then consider the interactive case and point out that the definition of associated channel proposed in the literature is not sound. We show, however, that the leakage can still be defined consistently, and that our methods extend smoothly.
