Abstract. The observable output of a probabilistic system that processes a secret input might reveal some information about that input. The system can be modelled as an information-theoretic channel that specifies the probability of each output, given each input. Given a prior distribution on those inputs, entropy-like measures can then quantify the amount of information leakage caused by the channel. But it turns out that the conventional channel representation, as a matrix, contains structure that is redundant with respect to that leakage, such as the labeling of columns, and columns that are scalar multiples of each other. We therefore introduce abstract channels by quotienting over those redundancies.A fundamental question for channels is whether one is worse than another, from a leakage point of view. But it is difficult to answer this question robustly, given the multitude of possible prior distributions and leakage measures. Indeed, there is growing recognition that different leakage measures are appropriate in different circumstances, leading to the recently proposed g-leakage measures, which use gain functions g to model the operational scenario in which a channel operates: the strong g-leakage pre-order requires that channel A never leak more than channel B, for any prior and any gain function. Here we show that, on abstract channels, the strong g-leakage pre-order is antisymmetric, and therefore a partial order.It was previously shown [1] that the strong g-leakage ordering is implied by a structural ordering called composition refinement, which requires that A = BR, for some channel R; but the converse was not established in full generality, left open as the so-called Coriaceous Conjecture. Using ideas from [2], we here confirm the Coriaceous Conjecture. Hence the strong g-leakage ordering and composition refinement coincide, giving our partial order both structural-and leakage-testing significance.
We give a sequential model for noninterference security including probability (but not demonic choice), thus supporting reasoning about the likelihood that high-security values might be revealed by observations of low-security activity. Our novel methodological contribution is the definition of a refinement order ( ) and its use to compare security measures between specifications and (their supposed) implementations. This contrasts with the more common practice of evaluating the security of individual programs in isolation.The appropriateness of our model and order is supported by our showing that ( ) is the greatest compositional relation -the compositional closure-with respect to our semantics and an "elementary" order based on Bayes Risk -a security measure already in widespread use. We also relate refinement to other measures such as Shannon Entropy.By applying the approach to a non-trivial example, the anonymousmajority Three-Judges protocol, we demonstrate by example that correctness arguments can be simplified by the sort of layered developments -through levels of increasing detail-that are allowed and encouraged by compositional semantics.We acknowledge the support of the Australian Research Council Grant DP0879529.
A wide-spectrum language integrates specification constructs into a programming language in a manner that treats a specification command just like any other command. The primary contribution of this paper is a semantic model for a wide-spectrum language that supports concurrency and a refinement calculus. A distinguishing feature of the language is that steps of the environment are modelled explicitly, alongside steps of the program. From these two types of steps a rich set of specification commands can be constructed, based on operators for nondeterministic choice, and sequential and parallel composition. We also introduce a novel operator, weak conjunction , which is used extensively to conjoin separate aspects of specifications, allowing us to take a separation-of-concerns approach to subsequent reasoning. We provide a denotational semantics for the language based on traces, which may be terminating, aborting, infeasible, or infinite. To demonstrate the generality and unifying strength of the language, we use it to express a range of concepts from the concurrency literature, including: a refinement theory for rely/guarantee reasoning; an abstract specification of local variables in a concurrent context; specification of an abstract, linearisable data structure; a partial encoding of temporal logic; and defining the relationships between notions of nonblocking programs. The novelty of the paper is that these diverse concepts build on the same theory. In particular, the rely concept from Jones’ rely/guarantee framework, and a stronger demand concept that restricts the environment, are reused across the different domains to express assumptions about the environment. The language and model form an instance of an abstract concurrent program algebra, and this facilitates reasoning about properties of the model at a high level of abstraction.
No abstract
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.