ABSTRACT
There is a clear intuitive connection between the notion of leakage of information in a program and concepts from information theory. This intuition has not been satisfactorily pinned down, until now. In particular, previous information-theoretic models of programs are imprecise, due to their overly conservative treatment of looping constructs. In this paper we provide the first precise information-theoretic semantics of looping constructs. Our semantics describes both the amount and rate of leakage; if either is small enough, then a program might be deemed "secure". Using the semantics we provide an investigation and classification of bounded and unbounded covert channels.
Assessing security threats of looping constructs
Proceedings of the 2007 POPL Conference