Abstract
We introduce a notion of stochastic noninterference aimed at extending the classical approach to information flow analysis with fine-grain information describing the temporal behavior of systems. In particular, we refer to a process algebraic setting that joins durational activities expressing time passing through exponentially distributed random variables, zero duration activities allowing for prioritized/probabilistic choices, and untimed activities with unspecified duration. In this setting unifying time, priority, probability, and nondeterminism, we highlight the expressive power of stochastic noninterference with respect to the existing definitions of nondeterministic and probabilistic noninterference. From this comparison, we obtain that stochastic noninterference turns out to be very strict and limiting in real-world applications and, therefore, requires the use of relaxation techniques. Among them we advocate performance evaluation as a means for achieving a reasonable balance between security requirements and quality.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Aldini, A., Bernardo, M. (2009). A General Framework for Nondeterministic, Probabilistic, and Stochastic Noninterference. In: Degano, P., Viganò, L. (eds) Foundations and Applications of Security Analysis. ARSPA-WITS 2009. Lecture Notes in Computer Science, vol 5511. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03459-6_2
DOI: https://doi.org/10.1007/978-3-642-03459-6_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03458-9
Online ISBN: 978-3-642-03459-6
eBook Packages: Computer Science (R0)