Approximate non-interference
- 25 June 2003
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
We address the problem of characterising the security of a program against unauthorised information flows. Classical approaches are based on non-interference models which depend ultimately on the notion of process equivalence. In these models confidentiality is an absolute property stating the absence of any illegal information flow. We present a model in which the notion of non-interference is approximated in the sense that it allows for some exactly quantified leakage of information. This is characterised via a notion of process similarity which replaces the indistinguishability of processes by a quantitative measure of their behavioural difference. Such a quantity is related to the number of statistical tests needed to distinguish two behaviours. We also present two semantics-based analyses of approximate non-interference and we show that one is a correct abstraction of the other.