Information Leakage of Non-Terminating Processes

Fabrizio Biondi; Axel Legay; Bo Friis Nielsen; Pasquale Malacaria; Andrzej Wasowski

Information Leakage of Non-Terminating Processes

Fabrizio Biondi, Axel Legay, Bo Friis Nielsen, Pasquale Malacaria, Andrzej Wasowski

Publikation: Artikel i tidsskrift og konference artikel i tidsskrift › Tidsskriftartikel › Forskning › peer review

Abstract

In recent years, quantitative security techniques have been providing effective measures of the security of a system against an attacker. Such techniques usually assume that the system produces a finite amount of observations based on a finite amount of secret bits and terminates, and the attack is based on these observations. By modeling systems with Markov chains, we are able to measure the effectiveness of attacks on non-terminating systems. Such systems do not necessarily produce a finite amount of output and are not necessarily based on a finite amount of secret bits. We provide characterizations and algorithms to define meaningful measures of security for non-terminating systems, and to compute them when possible. We also study the bounded versions of the problems, and show examples of non-terminating programs and how their effectiveness in protecting their secret can be measured.

Originalsprog	Engelsk
Tidsskrift	Leibniz International Proceedings in Informatics
Vol/bind	29
Sider (fra-til)	517-529
ISSN	1868-8969
Status	Udgivet - 2014

Emneord

Quantitative information flow
Markov chain
information leakage
infinite execution

Citationsformater

@article{b9bfb68868f3464ab119b24c476dc846,

title = "Information Leakage of Non-Terminating Processes",

abstract = "In recent years, quantitative security techniques have been providing effective measures of the security of a system against an attacker. Such techniques usually assume that the system produces a finite amount of observations based on a finite amount of secret bits and terminates, and the attack is based on these observations. By modeling systems with Markov chains, we are able to measure the effectiveness of attacks on non-terminating systems. Such systems do not necessarily produce a finite amount of output and are not necessarily based on a finite amount of secret bits. We provide characterizations and algorithms to define meaningful measures of security for non-terminating systems, and to compute them when possible. We also study the bounded versions of the problems, and show examples of non-terminating programs and how their effectiveness in protecting their secret can be measured.",

keywords = "Quantitative information flow, Markov chain, information leakage, infinite execution, Quantitative information flow, Markov chain, information leakage, infinite execution",

author = "Fabrizio Biondi and Axel Legay and Nielsen, {Bo Friis} and Pasquale Malacaria and Andrzej Wasowski",

year = "2014",

language = "English",

volume = "29",

pages = "517--529",

journal = "Leibniz International Proceedings in Informatics",

issn = "1868-8969",

publisher = "Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik GmbH",

}

TY - JOUR

T1 - Information Leakage of Non-Terminating Processes

AU - Biondi, Fabrizio

AU - Legay, Axel

AU - Nielsen, Bo Friis

AU - Malacaria, Pasquale

AU - Wasowski, Andrzej

PY - 2014

Y1 - 2014

N2 - In recent years, quantitative security techniques have been providing effective measures of the security of a system against an attacker. Such techniques usually assume that the system produces a finite amount of observations based on a finite amount of secret bits and terminates, and the attack is based on these observations. By modeling systems with Markov chains, we are able to measure the effectiveness of attacks on non-terminating systems. Such systems do not necessarily produce a finite amount of output and are not necessarily based on a finite amount of secret bits. We provide characterizations and algorithms to define meaningful measures of security for non-terminating systems, and to compute them when possible. We also study the bounded versions of the problems, and show examples of non-terminating programs and how their effectiveness in protecting their secret can be measured.

AB - In recent years, quantitative security techniques have been providing effective measures of the security of a system against an attacker. Such techniques usually assume that the system produces a finite amount of observations based on a finite amount of secret bits and terminates, and the attack is based on these observations. By modeling systems with Markov chains, we are able to measure the effectiveness of attacks on non-terminating systems. Such systems do not necessarily produce a finite amount of output and are not necessarily based on a finite amount of secret bits. We provide characterizations and algorithms to define meaningful measures of security for non-terminating systems, and to compute them when possible. We also study the bounded versions of the problems, and show examples of non-terminating programs and how their effectiveness in protecting their secret can be measured.

KW - Quantitative information flow

KW - Markov chain

KW - information leakage

KW - infinite execution

KW - Quantitative information flow

KW - Markov chain

KW - information leakage

KW - infinite execution

M3 - Journal article

SN - 1868-8969

VL - 29

SP - 517

EP - 529

JO - Leibniz International Proceedings in Informatics

JF - Leibniz International Proceedings in Informatics

ER -

Information Leakage of Non-Terminating Processes

Abstract

Emneord

Fingeraftryk

Citationsformater