
Analysing Approximate Confinement under Uniform Attacks

Conference paper in Static Analysis (SAS 2002), part of the book series Lecture Notes in Computer Science (LNCS, volume 2477).

Abstract

We are concerned with giving certain guarantees about the security of a system. We identify two kinds of attack: internally scheduled attacks (exemplified by Trojan Horse attacks) and externally scheduled attacks (exemplified by timing attacks). In this paper we focus on the latter. We present a semantic framework for studying such attacks in the context of PCCP, a simple process algebra with a constraint store. We show that a measure of the efficacy of an attacker can be determined by considering its observable behaviour over the "average" store of the system (for some number of steps). We show how to construct an analysis to determine the average store using the technique of probabilistic abstract interpretation.

Chris Hankin is partly funded by the EU FET open project SecSafe.




Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Di Pierro, A., Hankin, C., Wiklicky, H. (2002). Analysing Approximate Confinement under Uniform Attacks. In: Hermenegildo, M.V., Puebla, G. (eds) Static Analysis. SAS 2002. Lecture Notes in Computer Science, vol 2477. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45789-5_23


  • DOI: https://doi.org/10.1007/3-540-45789-5_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44235-6

  • Online ISBN: 978-3-540-45789-3
