The Optimum Leakage Principle for Analyzing Multi-threaded Programs

Bellman's optimality principle is a method for solving problems in which the best decisions must be found one after another. This paper extends the principle to assess information leakage in multi-threaded programs and formalizes it as the optimum leakage principle proposed here. By modeling the state transitions in multi-threaded programs, the principle is combined with information theory to assess the leakage in such programs as the result of an optimal policy. This offers a new perspective on measuring information leakage and makes it possible to track the leakage at run-time. Examples are given to demonstrate the analysis process. Finally, efficient implementation of this methodology is briefly discussed.
