Hostname: page-component-5d59c44645-lfgmx Total loading time: 0 Render date: 2024-02-22T01:14:07.666Z Has data issue: false hasContentIssue false

Algebraic foundations for quantitative information flow

Published online by Cambridge University Press:  10 November 2014

PASQUALE MALACARIA*
Affiliation:
School of Electronic Engineering and Computer Science, Queen Mary University of London, London, Mile End Road, E1 4NS, United Kingdom Email: pm@eecs.qmul.ac.uk

Abstract

Several mathematical ideas have been investigated for quantitative information flow. Information theory, probability, guessability are the main ideas in most proposals. They aim to quantify how much information is leaked, how likely is to guess the secret and how long does it take to guess the secret respectively. In this work, we investigate the relationship between these ideas in the context of the quantitative analysis of deterministic systems. We propose the lattice of information as a valuable foundation for these approaches; not only it provides an elegant algebraic framework for the ideas, but also to investigate their relationship. In particular, we will use this lattice to prove some results establishing order relation correspondences between the different quantitative approaches. The implications of these results w.r.t. recent work in the community is also investigated. While this work concentrates on the foundational importance of the lattice of information its practical relevance has been recently proven, notably with the quantitative analysis of Linux kernel vulnerabilities. Overall, we believe these works set the case for establishing the lattice of information as one of the main reference structure for quantitative information flow.

Type
Special Issue: Quantitative Information Flow
Copyright
Copyright © Cambridge University Press 2014 

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Alvim, M., Andrés, M. and Palamidessi, C. (2010a) Information flow in interactive systems. In: Proceedings CONCUR 2010 102–116.Google Scholar
Alvim, M., Andrés, M. and Palamidessi, C. (2010b) Probabilistic information flow. In: Proceedings LICS 2010 314–321.Google Scholar
Backes, M., Köpf, B. and Rybalchenko, P. (2009) Automatic discovery and quantification of information leaks. In: Proceeding of the 30th IEEE Symposium on Security and Privacy 141–153.Google Scholar
Barthe, G., D'Argenio, P. and Rezk, T. (2004) Secure information flow by self-composition. In: CSFW'04: Proceedings of the 17th IEEE workshop on Computer Security Foundations 100–114.Google Scholar
Birkhoff, G. (1948) Lattice Theory, American Mathematical Society Colloquium Publications, volume 25, revised edition, American Mathematical Society, New York.Google Scholar
Braun, C., Chatzikokolakis, K. and Palamidessi, C. (2009) Quantitative notions of leakage for one-try attacks. In: Proceeding of the 25th Conference on Mathematical Foundations of Programming Semantics (MFPS 2009). Elsevier Electronic Notes in Theoretical Computer Science 249 7591.Google Scholar
Chatzikokolakis, K., Palamidessi, C. and Panangaden, P. (2008) Anonymity protocols as noisy channels. Information and Computation 206 (2–4)378401.Google Scholar
Chen, H. and Malacaria, P. (2007) Quantitative analysis of leakage for multi-threaded programs. In: Proceedings ACM Workshop on Programming Languages and Analysis for Security (PLAS'07) 31–40.Google Scholar
Chen, H. and Malacaria, P. (2009) Quantifying maximal loss of anonymity in protocols. In: Proceedings ACM Symposium on Information, Computer and Communication Security (ASIACCS) 206–217.Google Scholar
Clark, D., Hunt, S. and Malacaria, P. (2002) Quantitative analysis of the leakage of confidential data. In: QAPL'01, Quantitative Aspects of Programming Languages. Electronic Notes in Theoretical Computer Science 59 (3)238251.Google Scholar
Clark, D., Hunt, S. and Malacaria, P. (2005) Quantitative information flow, relations and polymorphic types. Journal of Logic and Computation 18 (2)181199.Google Scholar
Clark, D., Hunt, S. and Malacaria, P. (2007) A static analysis for quantifying information flow in a simple imperative language. Journal of Computer Security 15 (3)321371.Google Scholar
Clarke, E., Kroening, D. and Lerda, F. (2004) A tool for checking ANSI-C programs. Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2004) Springer 988168176.Google Scholar
Clarkson, M., Myers, A. and Schneider, F. (2009) Quantifying information flow with beliefs. Journal of Computer and Security 17 (5)655701.Google Scholar
Cover, T. and Thomas, J. (1991) Elements of Information Theory, John Wiley.Google Scholar
Denning, D. (1976) A lattice model of secure information flow. Communication of the ACM 19 (5)236243 ACM, New York, NY, USA.Google Scholar
Giacobazzi, R. and Mastroeni, I. (2004) Abstract non-interference: Parameterizing non-interference by abstract interpretation. In: 31st Annual Symposium on Principles of Programming Languages (POPL'04), ACM, Venice, Italy186197.Google Scholar
Gray, J. W. III (1991) Toward a mathematical foundation for information flow security. In: Proceeding of the 1991 IEEE Symposium on Security and Privacy Oakland, CA 2134.CrossRefGoogle Scholar
Heusser, J. and Malacaria, P. (2009) Quantifying loop leakage using a lattice of partitions. In: Proceedings of the 1st Workshop on Quantitative Analysis of Software (QA'09) 17–26.Google Scholar
Heusser, J. and Malacaria, P. (2010) Quantifying information leaks in software. In: Proceedings ACM Annual Computer Security Applications Conference, ACSAC 2010, Austin, Texas. ACM 216219.Google Scholar
Köpf, B. and Basin, D. (2007) An information-theoretic model for adaptive side-channel attacks. In: Proceedings ACM conference on Computer and Communications Security 286–296.Google Scholar
Köpf, B. and Smith, G. (2010) Vulnerability bounds and leakage resilience of blinded cryptography under timing attacks. CSF 2010 44–56.Google Scholar
Landauer, J. and Redmond, T. (1993) A lattice of information. In: Proceeding of the IEEE Computer Security Foundations Workshop, IEEE Computer Society Press 6570.Google Scholar
Lowe, G. (2002) Quantifying information flow. In: 15th IEEE Computer Security Foundations Workshop (CSFW 2002), Nova Scotia Canada, IEEE Computer Society 1831.Google Scholar
Malacaria, P. (2007) Assessing security threats of looping constructs. In: Proceeding of the ACM Symposium on Principles of Programming Language (POPL'07) 225–235.Google Scholar
Malacaria, P. (2010) Risk assessment of security threats for looping constructs. Journal Of Computer Security 18 (2)191228.Google Scholar
Malacaria, P. and Chen, H. (2008) Lagrange multipliers and maximum information leakage in different observational models. ACM Workshop on Programming Languages and Analysis for Security 135–146.Google Scholar
Malacaria, P. and Heusser, J. (2010) Information theory and security: Quantitative information flow. In: 10th International School on Formal Methods for the Design of Computer, Communication and Software Systems, SFM 2010. Springer Lecture Notes in Computer Science Bertinoro 6154 87134.Google Scholar
Massey, J. (1994) Guessing and entropy. In: Proceedings of the 1994 IEEE International Symposium on Information Theory 204.Google Scholar
Mclean, J. (1990) Security models and information flow. In: Proceedings of the IEEE Symposium on Security and Privacy, IEEE Computer Society Press 180187.Google Scholar
McIver, A. and Morgan, C. (2003) A probabilistic approach to information hiding. Programming Methodology, Springer, New York, NY, USA441460.Google Scholar
Millen, J. K. (1987) Covert channel capacity. IEEE Symposium on Security and Privacy 600, 15407993 IEEE Computer Society, Los Alamitos, CA, USA.Google Scholar
Morgan, C. C. (2009) The shadow knows: Refinement of ignorance in sequential programs. Science of Computer Programming Elsevier 74 (8)629653.Google Scholar
Mu, C. and Clark, D. (2009) An abstraction quantifying information flow over probabilistic semantics. In: Workshop on Quantitative Aspects of Programming Languages (QAPL). ENTCS 253 (3)119141.Google Scholar
Nakamura, Y. (1970) Entropy and semivaluations on semilattices. Kodai Mathematical Seminar Reports 22 443468.Google Scholar
Rényi, A. (1960) On measures of information and entropy. In: Proceedings of the 4th Berkeley Symposium on Mathematics, Statistics and Probability 547–561.Google Scholar
Shannon, C. (1948) A mathematical theory of communication. Bell Systems Technical Journal 27 (3)379423.Google Scholar
Shannon, C. (1953) The lattice theory of information. IEEE Transactions on Information Theory 1 105107.Google Scholar
Smith, G. (2009) On the foundations of quantitative information flow. In: Proceeding of the FOSSACS 2009: 12th International Conference on Foundations of Software Science and Computation Structures. Lecture Notes in Computer Science 5504288302York, UK.Google Scholar
Terauchi, T. and Aiken, A. (2005) Secure information flow as a safety problem. In: SAS. Lecture Notes in Computer Science 3672 352367.Google Scholar
Yasuoka, H. and Terauchi, T. (2010a) Quantitative information flow - verification hardness and possibilities. In: Proceedings CSF 15–27.Google Scholar
Yasuoka, H. and Terauchi, T. (2010b) On bounding problems of quantitative information flow. In: Proceedings ESORICS 357–372.CrossRefGoogle Scholar
Winskel, G. (1993) The Formal Semantics of Programming Languages, The MIT Press.Google Scholar