A polynomial-time algorithm for the equivalence of probabilistic automata
SIAM Journal on Computing
Stutter-invariant temporal properties are expressible without the next-time operator
Information Processing Letters
On the verification of qualitative properties of probabilistic processes under fairness constraints
Information Processing Letters
Probabilistic noninterference in a concurrent language
Journal of Computer Security
The Design and Analysis of Computer Algorithms
The Design and Analysis of Computer Algorithms
Efficient Algorithms for Verification of Equivalences for Probabilistic Processes
CAV '91 Proceedings of the 3rd International Workshop on Computer Aided Verification
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSP and determinism in security modelling
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Secure Information Flow by Self-Composition
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
A Temporal Logic Characterisation of Oservational Determinism
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Quantitative analysis of leakage for multi-threaded programs
Proceedings of the 2007 workshop on Programming languages and analysis for security
A Type System for Observational Determinism
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Flexible scheduler-independent security
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
On the relation between differential privacy and quantitative information flow
ICALP'11 Proceedings of the 38th international conference on Automata, languages and programming - Volume Part II
Quantitative information flow and applications to differential privacy
Foundations of security analysis and design VI
Language equivalence for probabilistic automata
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
Assumptions and Guarantees for Compositional Noninterference
CSF '11 Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium
LTSMIN: distributed and symbolic reachability
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Why waste a perfectly good abstraction?
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Scheduler-specific confidentiality for multi-threaded programs and its logic-based verification
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Confidentiality for probabilistic multi-threaded programs and its verification
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Confidentiality for probabilistic multi-threaded programs and its verification
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Effective verification of confidentiality for multi-threaded programs
Journal of Computer Security - Foundational Aspects of Security
| Hi-index | 0.00 |
Confidentiality is an important concern in today's information society: electronic payment and personal data should be protected appropriately. This holds in particular for multi-threaded applications, which are generally seen the future of high-performance computing. Multi-threading poses new challenges to data protection, in particular, data races may be exploited in security attacks. Also, the role of the scheduler is seminal in the multi-threaded context. This paper proposes a new notion of confidentiality for probabilistic and non-probabilistic multi-threaded programs, formalized as scheduler-specific probabilistic observational determinism (SSPOD), together with verification methods. Essentially, SSPOD ensures that no information about the private data can be derived either from the public data, or from the probabilities of the public data being changed. Moreover, SSPOD explicitly depends on a given (class of) schedulers. Formally, this is expressed by using two conditions: (i) each publicly visible variable individually behaves deterministically with probability 1, and (ii) for every trace considering all publicly visible variables, there always exists a matching trace with equal probability. We verify these conditions by a clever combination of new and existing algorithms over probabilistic Kripke structures.