Opacity - Further Insights on an Information Flow Property

In [1], [2], [3] Bryans et al define a security property known as opacity. In this paper, we investigate possible relationships between opacity and several existing definitions for information flow, namely noninterference [8], [9], non-inference [15], nondeducibility [20] and nonleakage [21]. We show that non-interference implies opacity, and that non-inference is equivalent to opacity. We also show that the remaining two properties can be cast directly as opacity. Here, we refer to suitably defined forms of opacity. This work indicates the potential flexibility of opacity, and establishes its distinct characteristics. © 2006 University of Newcastle upon Tyne. Printed and published by the University of Newcastle upon Tyne, Computing Science, Claremont Tower, Claremont Road, Newcastle upon Tyne, NE1 7RU, England. Bibliographical details RYAN, P. Y. A., PEACOCK, T.. Opacity Further Insights on an Information Flow Property [By] P. Y. A. Ryan, T. Peacock. Newcastle upon Tyne: University of Newcastle upon Tyne: Computing Science, 2006. (University of Newcastle upon Tyne, Computing Science, Technical Report Series, No. CS-TR-958)

[1]  Maciej Koutny,et al.  Opacity generalised to transition systems , 2005, International Journal of Information Security.

[2]  John McLean,et al.  A general theory of composition for trace sets closed under selective interleaving functions , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Joshua D. Guttman,et al.  What Needs Securing , 1988, CSFW.

[4]  David von Oheimb Information Flow Control Revisited: Noninfluence = Noninterference + Nonleakage , 2004, ESORICS.

[5]  Richard J. Feiertag A Technique for Proving Specifications are Multilevel Secure , 1980 .

[6]  J. Todd Wittbold,et al.  Information flow in nondeterministic systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[7]  Ellis S. Cohen Information transmission in computational systems , 1977, SOSP '77.

[8]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[9]  Maciej Koutny,et al.  Modelling Dynamic Opacity Using Petri Nets with Silent Actions , 2004, Formal Aspects in Security and Trust.

[10]  Roberto Gorrieri,et al.  Classification of Security Properties (Part I: Information Flow) , 2000, FOSAD.

[11]  C. A. R. Hoare,et al.  Communicating sequential processes , 1978, CACM.

[12]  Colin O'Halloran,et al.  A Calculus of Information Flow , 1990, ESORICS.

[13]  P. Ryan,et al.  Coercion-resistance as Opacity in Voting Systems , 2006 .

[14]  Peter Y. A. Ryan,et al.  Process algebra and non-interference , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[15]  José Meseguer,et al.  Unwinding and Inference Control , 1984, 1984 IEEE Symposium on Security and Privacy.

[16]  Maciej Koutny,et al.  Modelling Opacity Using Petri Nets , 2005, WISP@ICATPN.

[17]  Vitaly Shmatikov,et al.  Information Hiding, Anonymity and Privacy: a Modular Approach , 2004, J. Comput. Secur..

[18]  Frédéric Cuppens,et al.  A definition of secure dependencies using the logic of security , 1991, Proceedings Computer Security Foundations Workshop IV.

[19]  Peter Y. A. Ryan,et al.  A CSP formulation of non-interference and unwinding , 1991 .

[20]  Peter Y. A. Ryan,et al.  Mathematical Models of Computer Security , 2000, FOSAD.