Analysing Approximate Confinement under Uniform Attacks
We are concerned to give certain guarantees about the security of a system. We identify two kinds of attack: the internally scheduled attack (exemplified by Trojan Horse attacks) and externally scheduled attacks (exemplified by timing attacks). In this paper we focus on the latter. We present a semantic framework for studying such attacks in the context of PCCP, a simple process algebra with a constraint store. We show that a measure of the efficacy of an attacker can be determined by considering its observable behaviour over the "average" store of the system (for some number of steps). We show how to construct an analysis to determine the average store using the technique of probabilistic abstract interpretation.
Keywords: Operational Semantics, Analysis, Approximate Galois Connection, Average Store, Abstract Semantics