48,861 Hits in 4.1 sec

Fast probabilistic simulation, nontermination, and secure information flow

Geoffrey Smith, Rafael Alpízar
2007 Proceedings of the 2007 workshop on Programming languages and analysis for security - PLAS '07  
In secure information flow analysis, the classic Denning restrictions allow a program's termination to be affected by the values of its H variables, resulting in potential information leaks.  ...  As an application, we prove that, under the Denning restrictions, well-typed probabilistic programs are guaranteed to satisfy an approximate probabilistic noninterference property, provided that their  ...  probabilistic simulation (unlike probabilistic bisimulation) has not previously been used in secure information flow.  ... 
doi:10.1145/1255329.1255341 dblp:conf/pldi/SmithA07 fatcat:d2ddk2ovsrfulodhrgwcspx6hi

Quantitative Analysis of Secure Information Flow via Probabilistic Semantics

Chunyan Mu, David Clark
2009 2009 International Conference on Availability, Reliability and Security  
Our semantic functions provide information flow measurement for programs given secure inputs under any probability distribution.  ...  We present an automatic analyzer for measuring information flow within software systems.  ...  ACKNOWLEDGMENT This research is supported in part by the EPSRC grant EP/C009967/1 Quantitative Information Flow.  ... 
doi:10.1109/ares.2009.88 dblp:conf/IEEEares/MuC09 fatcat:dzcr5gmwzngnniwv7gwz4efu4y

The epistemic representation of information flow security in probabilistic systems

P.F. Syverson, J.W. Gray
Proceedings The Eighth IEEE Computer Security Foundations Workshop  
We set out a logic for reasoning about multilevel security of probabilistic systems. This logic includes modalities for time, knowledge, and probability.  ...  One was equivalent to the information-theoretic security criterion for a system to be free of covert channels but was di cult to prove.  ...  For security applications we are concerned with information ow i n to and out of the system rather than with information in the system per se.  ... 
doi:10.1109/csfw.1995.518560 dblp:conf/csfw/SyversonG95 fatcat:5oa7nukjrvfrjjmhny32gsjilu

Information Flow Analysis for Probabilistic Timed Automata [chapter]

Ruggero Lanotte, Andrea Maggiolo-Schettini, Angelo Troina
Formal Aspects in Security and Trust  
Initial studies of information flow analysis were performed by abstracting away from time and probability.  ...  In multilevel systems it is important to avoid unwanted indirect information flow from higher levels to lower levels, namely the so called covert channels.  ...  We could easily give a definition of bisimulation requiring only that the difference of the probabilities in Definition 2 is less than a certain value and use it to give a measure of the security level  ... 
doi:10.1007/0-387-24098-5_2 dblp:conf/ifip1-7/LanotteMT04 fatcat:a242rwox7zh3viibf5ev7llddu

Verifying Weak Probabilistic Noninterference

Ali A., Jaber Karimpour, Ayaz Isazadeh, Shahriar Lotfi
2017 International Journal of Advanced Computer Science and Applications  
a property of secure information flow, e.g., probabilistic noninterference.  ...  It aims to guarantee secure flow of information in the program and ensure that sensitive information does not leak to attackers.  ...  This is where secure information flow comes to the rescue. Secure information flow controls the way information flows throughout a program.  ... 
doi:10.14569/ijacsa.2017.081026 fatcat:mef4uuk6frbvji4d2fegyinfmy

Measuring Information Flow in Reactive Processes [chapter]

Chunyan Mu
2009 Lecture Notes in Computer Science  
This paper outlines an approach for measuring information flow within reactive probabilistic systems.  ...  Second, we present the language and semantics for simple reactive processes, and investigate the quantified information flow analysis over this semantics.  ...  This work is funded by the EPSRC grant EP/C009967/1 Quantitative Information Flow and Royal Society Project Information Flow in Process Algebras.  ... 
doi:10.1007/978-3-642-11145-7_17 fatcat:dak24pddnnapho7vk4dgicoz6q

Probabilistic Information Flow in a Process Algebra [chapter]

Alessandro Aldini
2001 Lecture Notes in Computer Science  
We propose a process algebraic approach that extends the logical information flow analysis of computer systems to the probabilistic setting.  ...  To this end, we define several security properties for the analysis of probabilistic non-interference and we compare them with the classical possibilistic properties, by emphasizing the relationship with  ...  Moreover, the authors of [9] resort to a possibilistic information flow analysis of a Probabilistic Idealised Algol to check for probabilistic interference, whereas in [11] a probabilistic security  ... 
doi:10.1007/3-540-44685-0_11 fatcat:smyunm4atfefvld3p7543ib32y

Program Analysis Probably Counts

A. Di Pierro, C. Hankin, H. Wiklicky
2009 Computer journal  
More recent examples include the estimation of information flows (to enforce security constraints) and estimation of non-functional properties such as timing (to determine worst case execution times in  ...  We will use a simple information flow analysis to exemplify the classical approach.  ...  Information Flow We now turn to an example which is closer to programming language theory and is motivated by language-based security concerns.  ... 
doi:10.1093/comjnl/bxp033 fatcat:35irtbkyjvf4dml3fk2pkwohqy

A Probabilistic Property-Specific Approach to Information Flow [chapter]

Danièle Beauquier, Marie Duflot, Marius Minea
2005 Lecture Notes in Computer Science  
We study probabilistic information flow from a propertyspecific viewpoint.  ...  In this framework, we can express several classical definitions of possibilistic security, as well as giving a more detailed, quantitative measure of information flow.  ...  In addition, for systems that are not secure according to one of these notions, the probabilistic approach allows us to give a quantitative measure of the appearing information flow.  ... 
doi:10.1007/11560326_16 fatcat:dwgftadkgjhgzfzkfqfze4q74e

A Per Model of Secure Information Flow in Sequential Programs [chapter]

Andrei Sabelfeld, David Sands
1999 Lecture Notes in Computer Science  
This paper proposes an extensional semantics-based formal specification of secure information-flow properties in sequential programs based on representing degrees of security by partial equivalence relations  ...  We extend the approach to handle nondeterminism by using powerdomain semantics and show how probabilistic security properties can be formalised by using probabilistic powerdomain semantics. S.D.  ...  The probabilistic nature of an implementation may allow probabilistic information flows for "secure" programs. Consider the program h := h mod 100; (l := h l := rand(99)).  ... 
doi:10.1007/3-540-49099-x_4 fatcat:64obrmgtujaozptj5hjxbazagy

Quantifying Probabilistic Information Flow in Computational Reactive Systems [chapter]

Michael Backes
2005 Lecture Notes in Computer Science  
zero or negligible quantity of information flow is equivalent to perfect or computational probabilistic non-interference, respectively.  ...  Because of the enormous potential to transmit information using probabilistic methods of cryptography, interest has arisen in extending the traditional notions of information flow to fully reactive settings  ...  absence of probabilistic information flow.  ... 
doi:10.1007/11555827_20 fatcat:k4lz4usavjdyzca3bgl24o57ai

Quantitative Security Analysis (Dagstuhl Seminar 12481)

Boris Köpf, Paquale Malacaria, Catuscia Palamidessi, Marc Herbstritt
2013 Dagstuhl Reports  
Under such constraints, the relevant question is not whether a system is secure, but rather how much security it provides.  ...  Quantitative notions of security can express degrees of protection and thus enable reasoning about the trade-off between security and conflicting requirements.  ...  ideas have been investigated for Quantitative Information Flow.  ... 
doi:10.4230/dagrep.2.11.135 dblp:journals/dagstuhl-reports/KopfMP12 fatcat:zlrdsjynqnfv3ehvlybivdnwre

Checking probabilistic noninterference using JOANA

Gregor Snelting, Dennis Giffhorn, Jürgen Graf, Christian Hammer, Martin Hecker, Martin Mohr, Daniel Wasserrab
2014 it - Information Technology  
AbstractJOANA is a tool for software security analysis, checking up to 100 kLOC of full multi-threaded Java. JOANA is based on sophisticated program analysis techniques and thus very precise.  ...  It includes a new algorithm guaranteeing probabilistic noninterference, named RLSOD. JOANA needs few annotations and has a nice GUI. The tool is open source and was applied in several case studies.  ...  JOANA was supported by DFG (including DFG SPP 1496 "Reliably secure software systems") and BMBF in the scope of the software security competence center KASTEL.  ... 
doi:10.1515/itit-2014-1051 fatcat:4co5hezc5vepjbaozpvxm4avny

Secure information flow with random assignment and encryption

Geoffrey Smith
2006 Proceedings of the fourth ACM workshop on Formal methods in security - FMSE '06  
Type systems for secure information flow aim to prevent a program from leaking information from variables classified as H to variables classified as L.  ...  As a part of our proof, we first consider secure information flow in a language with a random assignment operator (but no encryption).  ...  INTRODUCTION Secure information flow analysis aims to prevent untrusted programs from "leaking" the sensitive information that they manipulate.  ... 
doi:10.1145/1180337.1180341 dblp:conf/ccs/Smith06 fatcat:dfkqjejy5fffbo74gyclcbyosa

A Lightweight SDN Fingerprint Attack Defense Mechanism Based on Probabilistic Scrambling and Controller Dynamic Scheduling Strategies

Tao Wang, Hongchang Chen, Jin Cao
2021 Security and Communication Networks  
Attackers can collect fingerprint information (such as network types, controller types, and critical flow rules) by analyzing round-trip time (RTT) distribution of test packets.  ...  In order to defend against the fingerprint attack with limited attack time, we first design a probabilistic scrambling strategy.  ...  Critical Flow Rule Fingerprint Information. SDN flow rules can specifically represent network policies such as forwarding and security.  ... 
doi:10.1155/2021/6688489 fatcat:cep4ul26ijeodmy7jy6gyywr3q
« Previous Showing results 1 — 15 out of 48,861 results