Comparison of Measuring Information Leakage for Fully Probabilistic Systems
نویسندگان
چکیده
Quantifying implicit information leakage is important, especially for fully probabilistic systems (FPS). Although many quantitative methods have been proposed (including methods based on mutual information, on α-mutual information, on relative entropy and on pure probability, etc.), there has been little work analyzing their consistency and accuracy. In order to perform this analysis, these methods must be modeled with a uniform approach. In this paper, a light probabilistic process algebra (PPA-Lite) is presented, and some existing quantitative methods are uniformly characterized by using PPA-Lite. Further, their relationships are analyzed by proof and simulation, respectively. The results show that (1) most of methods concur in determining whether information is leaked; (2) the method based on (α-) mutual information is the most accurate if the distribution of the sent information is known. If not, the method based on relative entropy is the most accurate.
منابع مشابه
Quantitative analysis of secure information flow via probabilistic semantics Technical Report: TR-08-08
We present an automatic analyzer for measuring information flow within software systems. In this paper, we quantify leakage in terms of information theory and incorporate this computation into probabilistic semantics. Our semantic functions provide information flow measurement for programs given secure inputs under any probability distribution. The major contribution is a automatically quantita...
متن کاملA Quantitative Approach to Noninterference for Probabilistic Systems
We present a technique for measuring the security of a system which relies on a probabilistic process algebraic formalisation of noninterference. We define a mathematical model for this technique which consists of a linear space of processes and linear transformations on them. In this model the measured quantity corresponds to the norm of a suitably defined linear operator associated to the sys...
متن کاملProbabilistic Contaminant Source Identification in Water Distribution Infrastructure Systems
Large water distribution systems can be highly vulnerable to penetration of contaminant factors caused by different means including deliberate contamination injections. As contaminants quickly spread into a water distribution network, rapid characterization of the pollution source has a high measure of importance for early warning assessment and disaster management. In this paper, a methodology...
متن کاملSecurity Analysis of a Probabilistic Non-repudiation Protocol
Non-interference is a definition of security introduced for the analysis of confidential information flow in computer systems. In this paper, a probabilistic notion of non-interference is used to reveal information leakage which derives from the probabilistic behavior of systems. In particular, as a case study, we model and analyze a non-repudiation protocol which employs a probabilistic algori...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011