Abstract
In this paper, we study an information flow security property for systems specified as terms of a quantitative Markovian process algebra, namely the Performance Evaluation Process Algebra (PEPA). We propose a quantitative extension of the Non-Interference property used to secure systems from the functional point of view, by assuming that the observers are also able to measure the timing properties of the system, e.g., the response time of certain actions or its throughput. We introduce the notion of Persistent Stochastic Non-Interference (PSNI) based on the idea that every state reachable by a process satisfies a basic Stochastic Non-Interference (SNI) property. The structural operational semantics of PEPA allows us to give two characterizations of PSNI: one based on a bisimulation-like equivalence relation inducing a lumping on the underlying Markov chain, and another one based on unwinding conditions which demand properties of individual actions. These two different characterizations naturally lead to efficient methods for the verification and construction of secure systems. A decision algorithm for PSNI is presented and an application of PSNI to a queueing system is discussed.
Highlights
Non-Interference is an information flow security property which aims at protecting sensitive data from undesired accesses
We introduce the notion of Persistent Stochastic Non-Interference (PSNI) based on the idea that every state reachable by a process satisfies a basic Stochastic Non-Interference (SNI) property
It might happen that a system satisfying SNI reaches a state which is not secure. To overcome this problem we introduce the notion of Persistent Stochastic Non-Interference (PSNI) which requires that every state reachable by the system is secure, i.e., P is secure if and only if
Summary
Non-Interference is an information flow security property which aims at protecting sensitive data from undesired accesses. We introduce the notion of Persistent Stochastic Non-Interference (PSNI) based on the idea that every state reachable by a process satisfies a basic Stochastic Non-Interference (SNI) property. Algebra PEPA preserving contextuality and inducing a lumping in the underlying Markov processes. Notice that this basic security property, which we call Stochastic Non-Interference (SNI), is not persistent, in the sense that it is not preserved during system execution. It might happen that a system satisfying SNI reaches a state which is not secure. To overcome this problem we introduce the notion of Persistent Stochastic Non-Interference (PSNI), which requires that every state reachable by the system is secure, i.e., P is secure if and only if. The paper is organized as follows: in Section 2 we introduce the process algebra PEPA, its structural operational semantics, and the observation equivalence named lumpable bisimilarity.
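As an added illustration of the lumping that the bisimulation-like characterization induces (this is example code written for this page, not the paper's own algorithm): a partition-refinement routine that computes the coarsest lumpable partition of a small constructed labelled CTMC and the aggregated chain over its blocks. The rule that τ-rates into a state's own block are not compared is our reading of lumpable bisimilarity and is an assumption here; the CTMC itself is constructed.

```python
from collections import defaultdict

# Constructed labelled CTMC: (source, action, rate, target).
# s1 and s2 differ structurally (s2 has a tau self-loop) but an observer of
# action types and rates cannot tell them apart, so they should be lumped.
TRANSITIONS = [
    ("s0", "req", 2.0, "s1"),
    ("s0", "req", 1.0, "s2"),
    ("s1", "resp", 3.0, "s0"),
    ("s2", "resp", 3.0, "s0"),
    ("s2", "tau", 5.0, "s2"),   # internal self-loop
]
TAU = "tau"

def total_rate(src, action, block, trans):
    """q[src, block, action]: total rate of action-transitions from src into block."""
    return sum(r for (s, a, r, t) in trans if s == src and a == action and t in block)

def signature(state, blocks, trans, actions):
    """Per-action, per-block rate vector of a state w.r.t. the current partition."""
    sig = []
    for a in sorted(actions):
        for i, b in enumerate(blocks):
            if a == TAU and state in b:
                continue   # assumption: tau rate into the state's own block is not compared
            sig.append((a, i, total_rate(state, a, b, trans)))
    return tuple(sig)

def lumpable_partition(trans):
    """Coarsest partition in which states with equal signatures share a block."""
    states = sorted({s for (s, _, _, _) in trans} | {t for (_, _, _, t) in trans})
    actions = {a for (_, a, _, _) in trans}
    blocks = [frozenset(states)]
    while True:
        groups = defaultdict(list)
        for st in states:
            groups[signature(st, blocks, trans, actions)].append(st)
        new_blocks = [frozenset(g) for g in groups.values()]
        if len(new_blocks) == len(blocks):   # no block was split: fixpoint reached
            return sorted(new_blocks, key=lambda b: sorted(b))
        blocks = new_blocks

def lumped_rates(trans, blocks):
    """Aggregated CTMC over blocks: rate from block i to block j, taken from any representative."""
    actions = {a for (_, a, _, _) in trans}
    out = {}
    for i, b in enumerate(blocks):
        rep = min(b)   # lumpability guarantees every member gives the same value
        for j, c in enumerate(blocks):
            r = sum(total_rate(rep, a, c, trans) for a in actions)
            if i != j and r:
                out[(i, j)] = r
    return out
```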