compositionality of secure information flow
play

Compositionality of Secure Information Flow Christelle Braun, Ecole - PowerPoint PPT Presentation

Apr 30, 2023 •200 likes •613 views

Compositionality of Secure Information Flow Christelle Braun, Ecole Polytechnique Kostas Chatzikokolakis, University of Eindhoven Catuscia Palamidessi, INRIA & Ecole Polytechnique Probabilistic Methods for Security Outline Motivations

  1. Compositionality of Secure Information Flow Christelle Braun, Ecole Polytechnique Kostas Chatzikokolakis, University of Eindhoven Catuscia Palamidessi, INRIA & Ecole Polytechnique

  2. Probabilistic Methods for Security Outline • Motivations and goals • Examples of Information-hiding protocols • A general Information-Theoretic model • Degree of Protection - Probability of error • A probabilistic process calculus • Compositionality results • Some applications Braun, Chatzikokolakis, Palamidessi AMAST 2010 2

  3. Probabilistic Methods for Security Motivations • The protection of private / secret / classified information is an important issue in the modern world • We are interested in probabilistic aspects because the protocols for information hiding often use randomization • We are interested in compositionality because the presence of probability and concurrency makes verification difficult Braun, Chatzikokolakis, Palamidessi AMAST 2010 3

  4. Probabilistic Methods for Security Goals • An appropriate notion of information protection • Quantitative - probabilistic • Taking concurrency into account • A probabilistic process calculus • Compositionality results for (some of) the operators • If Pt (P) ≥α and Pt (Q) ≥α then Pt (P op Q) ≥α Braun, Chatzikokolakis, Palamidessi AMAST 2010 4

  5. Probabilistic Methods for Security Outline • Motivations and goals • Examples of information-hiding protocols • The general framework • Degree of protection - Probability of error • A probabilistic process calculus • Compositionality results • Some applications Braun, Chatzikokolakis, Palamidessi AMAST 2010 5

  6. Compositional Methods for Information-Hiding Example: Chaum’s generalized dining cryptographers • A set of cryptographers (nodes) with some communication channels (edges). • They have a dinner. An external entity may select one of them to pay for the bill • The cryptographers want to find out whether one of them is the payer, without getting to know who is he Braun, Chatzikokolakis, Palamidessi AMAST 2010 6

  7. Compositional Methods for Information-Hiding Chaum’s solution to the generalized dining cryptogr. • Associate to each edge a fair coin • Toss the coins • Each cryptograher announces the binary sum of the incident edges. If there is a payer, he adds 1 • Theorem 1: There is a payer iff the total sum is 1 Braun, Chatzikokolakis, Palamidessi AMAST 2010 7

  8. Compositional Methods for Information-Hiding Chaum’s solution to the generalized dining cryptogr. • Associate to each edge a fair coin • Toss the coins • Each cryptograher announces the binary sum of the incident edges. If there is a payer, he adds 1 • Theorem 1: There is a payer iff the total sum is 1 Braun, Chatzikokolakis, Palamidessi AMAST 2010 8

  9. Compositional Methods for Information-Hiding Chaum’s solution to the generalized dining cryptogr. 0 1 • Associate to each edge a fair coin • Toss the coins • Each cryptograher announces the binary sum of the incident edges. If there is a payer, he adds 1 • Theorem 1: There is a payer iff the total sum is 1 Braun, Chatzikokolakis, Palamidessi AMAST 2010 9

  10. Compositional Methods for Information-Hiding Chaum’s solution to the generalized dining cryptogr. 1 1 • Associate to each edge a fair coin • Toss the coins 0 • Each cryptograher announces the binary 1 sum of the incident edges. If there is a 0 payer, he adds 1 • Theorem 1: There is a payer iff the total 0 sum is 1 0 Braun, Chatzikokolakis, Palamidessi AMAST 2010 10

  11. Compositional Methods for Information-Hiding Chaum’s solution to the generalized dining cryptogr. 1 1 • 0 Theorem 2 (Strong anonymity): If the coins are fair, then 1 the a posteriori probability that a 0 certain node be the payer is equal to its a priori probability 0 0 Braun, Chatzikokolakis, Palamidessi AMAST 2010 11

  12. Probabilistic Methods for Security Example: Crowds • A crowd is a group of n nodes • The initiator selects randomly a node (called forwarder) and forwards the request to it • A forwarder: server • With prob. p f selects randomly a new node and forwards the request to him • With prob. 1 -p f sends the request to the server Braun, Chatzikokolakis, Palamidessi AMAST 2010 12

  13. Probabilistic Methods for Security Common features of information-hiding protocols • There is information that we want to keep hidden - the user who pays in D.C. - the user who initiates the request in Crowds • There is information that is revealed (observables) - agree/disagree in D.C. - the users who forward messages to a corrupted user in Crowds • Protocols often use randomization to hide the link between hidden and observable information - coin tossing in D.C. - random forwarding to another user in Crowds Braun, Chatzikokolakis, Palamidessi AMAST 2010 13

  14. Probabilistic Methods for Security Outline • Motivations and goals • Examples of information-hiding protocols • The general framework • Degree of protection - Probability of error • A probabilistic process calculus • Compositionality results • Some applications Braun, Chatzikokolakis, Palamidessi AMAST 2010 14

  15. Probabilistic Methods for Security Assumptions • We consider probabilistic protocols • Inputs: elements of a random variable S • Outputs: elements of a random variable O • For each input s, the probability that we obtain an observable o is given by p(o | s) • We assume that the protocol at each session receives exactly one input and produces exactly one output • We want to define the degree of protection independently from the input’s distribution, i.e. the users of the protocol Braun, Chatzikokolakis, Palamidessi AMAST 2010 15

  16. Probabilistic Methods for Security Information Observables to be protected s 1 o 1 Protocol .. .. . . s m o n Input Output General framework: Protocols as Information-Theoretic channels Braun, Chatzikokolakis, Palamidessi AMAST 2010 16

  17. Probabilistic Methods for Security s 1 o 1 .. .. .. . . . s m o n Protocols are noisy channels. Each run has 1 input and 1 output, but: - an input can generate different outputs (randomly choosen) - an output can be generated by different inputs Braun, Chatzikokolakis, Palamidessi AMAST 2010 17

  18. Probabilistic Methods for Security aad C 1 ada C 2 daa C 3 ddd Example: The dining cryptographers Braun, Chatzikokolakis, Palamidessi AMAST 2010 18

  19. Probabilistic Methods for Security p(o 1 |s 1 ) s 1 o 1 .. .. .. . . . p(o n |s 1 ) s m o n The conditional probabilities Braun, Chatzikokolakis, Palamidessi AMAST 2010 19

  20. Probabilistic Methods for Security ... o 1 o n ... s 1 p(o 1 |s 1 ) p(o n |s 1 ) .. .. . . s m p(o 1 |s m ) p(o n |s m ) The channel matrix: the array of conditional probabilities Braun, Chatzikokolakis, Palamidessi AMAST 2010 20

  21. Probabilistic Methods for Security Outline • Motivations and goals • Examples of information-hiding protocols • The general framework • Degree of protection - Probability of error • A probabilistic process calculus • Compositionality results • Some applications Braun, Chatzikokolakis, Palamidessi AMAST 2010 21

  22. Probabilistic Methods for Security Probability of error • Hypothesis testing • Goal: try to guess the true hypothesis (input) once the observable (output) is known • Decision function: f : O → S • Probability of error for an input (a priori) distribution π : the probability of guessing the wrong hypothesis P ( f, M , π ) = ∑ O p ( o ) ( 1 - p ( f ( o ) | o ) ) • From Bayes theorem: Braun, Chatzikokolakis, Palamidessi AMAST 2010 22

  23. Probabilistic Methods for Security The MAP rule • MAP decision function: • Choose the hypothesis which has Maximum Aposteriori Probability, i.e. max p ( f ( o ) | o ) or, equivalently, max p ( o | f ( o )) π f ( o ) • The MAP decision function minimizes the probability of error • The probability of error for the MAP rule is called Bayes risk and it is given by Braun, Chatzikokolakis, Palamidessi AMAST 2010 23

  24. Probabilistic Methods for Security Maximum Likelihood • If we don’t know the input distribution, we can approximate the MAP by selecting the hypothesis with Maximum Likelihood, i.e. max p ( o | f ( o )) • In the case of the ML rule, the probability of error is given by • Abstracting from the input distribution: • It turns out that this is the same as computing the Bayes risk on the uniform input distribution, so in the rest of this talk we will only consider the MAP Braun, Chatzikokolakis, Palamidessi AMAST 2010 24

  25. Probabilistic Methods for Security Outline • Motivations and goals • Examples of information-hiding protocols • The general framework • Degree of protection - Probability of error • A probabilistic process calculus • Compositionality results • Some applications Braun, Chatzikokolakis, Palamidessi AMAST 2010 25

  26. Probabilistic Methods for Security CCSp: A probabilistic Process Calculus Braun, Chatzikokolakis, Palamidessi AMAST 2010 26

  27. Probabilistic Methods for Security The operational semantics • Based on Segala & Lynch Probabilistic Automata • Both probabilistic and nondeterministic behaviors Braun, Chatzikokolakis, Palamidessi AMAST 2010 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure Information Flow as a Safety Problem Overview Introduction to secure information flow

Secure Information Flow as a Safety Problem Overview Introduction to secure information flow

Secure Information Flow as a Safety Problem Overview Introduction to secure information flow Type-Based approach Self composition Downgrading Self composition with downgrading Type directed transformation

511 views • 22 slides
Information flow control 1 D. Denning and P. Denning Certification of Programs for Secure

Information flow control 1 D. Denning and P. Denning Certification of Programs for Secure

Secure Architecture Principles Information flow control 1 D. Denning and P. Denning Certification of Programs for Secure Information Flow (CACM 1976) Review Access Control Discretionary access control (DAC) Philosophy: users have

321 views • 16 slides
PER-based certification of secure information flow (Work in progress) Andrzej Filinski Ken

PER-based certification of secure information flow (Work in progress) Andrzej Filinski Ken

PER-based certification of secure information flow (Work in progress) Andrzej Filinski Ken Friis Larsen Thomas Jensen University of Copenhagen and INRIA Rennes Workshop on Foundations of Computer Security June 22, 2020 Background and

149 views • 4 slides
Distributional Compositionality Compositionality in DS Raffaella Bernardi University of Trento

Distributional Compositionality Compositionality in DS Raffaella Bernardi University of Trento

Distributional Compositionality Compositionality in DS Raffaella Bernardi University of Trento February 14, 2012 Acknowledgments Credits: Some of the slides of today lecture are based on an earlier DS courses taught by Marco Baroni.

487 views • 37 slides
From Qualitative to Quantitative Program Analysis: Permissive Enforcement of Secure Information

From Qualitative to Quantitative Program Analysis: Permissive Enforcement of Secure Information

Introduction Information Flow Qualitative IF Quantitative IF Conclusion From Qualitative to Quantitative Program Analysis: Permissive Enforcement of Secure Information Flow Mounir Assaf Software Security Lab, CEA LIST, Saclay CIDre,

1.28k views • 95 slides
Quantifying Information is a fundamental issue in computer security: Flow Using Min-Entropy

Quantifying Information is a fundamental issue in computer security: Flow Using Min-Entropy

Secure Information Flow ! Protecting the confidentiality of secret information Quantifying Information is a fundamental issue in computer security: Flow Using Min-Entropy Blood type: AB Birth date: 9/5/46 HIV: positive ! Access control and

399 views • 10 slides
Secure Program Execution via Secure Program Execution via Dynamic Information Flow Dynamic

Secure Program Execution via Secure Program Execution via Dynamic Information Flow Dynamic

Secure Program Execution via Secure Program Execution via Dynamic Information Flow Dynamic Information Flow Tracking Tracking G. Edward Suh Suh, , Jae Jae W. Lee, David W. Lee, David G. Edward Zhang, Srinivas Srinivas Devadas Devadas

547 views • 26 slides
Secure Information Flow Analysis for a Distributed OO Language Martin Pettai University of Tartu

Secure Information Flow Analysis for a Distributed OO Language Martin Pettai University of Tartu

Secure Information Flow Analysis for a Distributed OO Language Martin Pettai University of Tartu / Cybernetica AS October 8, 2011 Introduction We analyze a language with objects, asynchronous method calls and futures We use an

399 views • 20 slides
Lecture 17: Information Flow Basics and background Entropy Nonlattice flow policies

Lecture 17: Information Flow Basics and background Entropy Nonlattice flow policies

Lecture 17: Information Flow Basics and background Entropy Nonlattice flow policies Compiler-based mechanisms Execution-based mechanisms Examples Security Pipeline Interface Secure Network Server Mail Guard February

625 views • 44 slides
Information flow control for the web Prof. Frank PIESSENS Overview The web platform Web

Information flow control for the web Prof. Frank PIESSENS Overview The web platform Web

Information flow control for the web Prof. Frank PIESSENS Overview The web platform Web script security: threats and countermeasures A formal model of web scripts Information flow security Secure multi-execution The

2.25k views • 131 slides
Stack-based and History-based Access Control for Secure Information Flow Anindya Banerjee and

Stack-based and History-based Access Control for Secure Information Flow Anindya Banerjee and

Stack-based and History-based Access Control for Secure Information Flow Anindya Banerjee and David A. Naumann ab@cis.ksu.edu, naumann@cs.stevens-tech.edu Kansas State University and Stevens Institute of Technology CASSIS Workshop 2004-03-11 /

480 views • 29 slides
Gradual Information Flow Typing Tim Disney Cormac Flanagan University of California Santa Cruz

Gradual Information Flow Typing Tim Disney Cormac Flanagan University of California Santa Cruz

Gradual Information Flow Typing Tim Disney Cormac Flanagan University of California Santa Cruz January 29th, 2011 - STOP 2011 Combining gradual typing with information flow Gradual Information + Typing Flow = More secure software

1.1k views • 82 slides
Exploiting multilingual lexical resources to predict the compositionality of MWEs Paul Cook

Exploiting multilingual lexical resources to predict the compositionality of MWEs Paul Cook

Exploiting multilingual lexical resources to predict the compositionality of MWEs Paul Cook University of New Brunswick Compositionality Many MWEs exhibit semantic idiomaticity Compositionality: The extent to which the meaning of an MWE

599 views • 38 slides
Flow-Secure Access Controls Integration of Simple flow controls into the access control

Flow-Secure Access Controls Integration of Simple flow controls into the access control

Flow-Secure Access Controls Integration of Simple flow controls into the access control mechanisms of say operating systems. General: p can read from x1,. . . , xm and write into Y1, . . . . Yn only if This automatically

1.06k views • 36 slides
ENFORCING SECURE DATA SHARING IN WEB APP FRAMEWORKS Susheel S, Naren N and THROUGH INFORMATION

ENFORCING SECURE DATA SHARING IN WEB APP FRAMEWORKS Susheel S, Naren N and THROUGH INFORMATION

ENFORCING SECURE DATA SHARING IN WEB APP FRAMEWORKS Susheel S, Naren N and THROUGH INFORMATION FLOW Prof. R.K Shyamasundar CONTROL Todays Talk Background and Motivation. Possible attack in a system without IFC. Our solution using

381 views • 16 slides
May 15: Information Flow and Confinement Information flow for integrity policies Examples

May 15: Information Flow and Confinement Information flow for integrity policies Examples

May 15: Information Flow and Confinement Information flow for integrity policies Examples of information flow controls Android phone Firewalls Confinement Virtual machines May 15, 2017 ECS 235B Spring Quarter 2017 Slide

487 views • 32 slides
Lecture 11: Architecture & Design 2015-06-22 Prof. Dr. Andreas Podelski, Dr. Bernd Westphal

Lecture 11: Architecture & Design 2015-06-22 Prof. Dr. Andreas Podelski, Dr. Bernd Westphal

Softwaretechnik / Software-Engineering Lecture 11: Architecture & Design 2015-06-22 Prof. Dr. Andreas Podelski, Dr. Bernd Westphal 11 2015-06-22 main Albert-Ludwigs-Universit at Freiburg, Germany Contents of the Block

914 views • 47 slides
Object-Oriented Design Method for designing computer programs Classes Consider

Object-Oriented Design Method for designing computer programs Classes Consider

Object-Oriented Design Method for designing computer programs Classes Consider objects interacting in the program Example: a zoo, a gradebook OOD Goals OOD Principles Robustness Abstraction Gracefully handle

426 views • 3 slides
Darrell Bethea May 24, 2011 Midterm Thursday SN014 Program 3 due 5/31 Dont

Darrell Bethea May 24, 2011 Midterm Thursday SN014 Program 3 due 5/31 Dont

Darrell Bethea May 24, 2011 Midterm Thursday SN014 Program 3 due 5/31 Dont forget about JarChecker.java 2 3 More about methods public/private Information hiding and encapsulation 4 Parameters are used to hold

660 views • 28 slides
Information hiding Information hiding Notice how a user of a service being provided by an

Information hiding Information hiding Notice how a user of a service being provided by an

Information hiding Information hiding Notice how a user of a service being provided by an object, need only know the name of the messages that the object will accept. They need not have any idea how the actions performed in response to

474 views • 34 slides
Modules, Makeles, Editors, Git Modules, Makeles, Editors, Git Creating large programs

Modules, Makeles, Editors, Git Modules, Makeles, Editors, Git Creating large programs

Modules, Makeles, Editors, Git Modules, Makeles, Editors, Git Creating large programs Creating large programs K08 A large program might contain

226 views • 10 slides
TDDE45 - Lecture 3: Design Principles Martin Sjlund Department of Computer and Information

TDDE45 - Lecture 3: Design Principles Martin Sjlund Department of Computer and Information

1 / 44 TDDE45 - Lecture 3: Design Principles Martin Sjlund Department of Computer and Information Science Linkping University 2020-09-09 2 / 44 Part I Single Responsibility Principle 3 / 44 Single Responsibility Principle - History

2.24k views • 44 slides
Java: Learning to Program with Robots Chapter 11: Building Quality Software Chapter Objectives

Java: Learning to Program with Robots Chapter 11: Building Quality Software Chapter Objectives

Java: Learning to Program with Robots Chapter 11: Building Quality Software Chapter Objectives After studying this chapter, you should be able to: Identify characteristics of quality software, both from the users and programmers

500 views • 23 slides
Chapter 6 Problem Solving and Algorithm Design Hofstra University Overview of 9/19/06

Chapter 6 Problem Solving and Algorithm Design Hofstra University Overview of 9/19/06

Chapter 6 Problem Solving and Algorithm Design Hofstra University Overview of 9/19/06 Computer Science, CSC005 1 Layers of a Computing System Communication Application Operating System Programming Hardware Information Hofstra

545 views • 37 slides

More recommend