A Classification of Time and/or Probability Dependent Security Properties

Abstract

In multilevel systems it is important to avoid unwanted indirect information flow from higher levels to lower levels, namely the so called covert channels. Initial studies of information flow analysis were performed by abstracting away from time and probability. It is already known that systems that are considered to be secure may turn out to be insecure when time or probability are considered. Recently, work has been done in order to consider also aspects either of time or of probability, but not both. In this paper we propose a general framework, based on Probabilistic Timed Automata, where both probabilistic and timing covert channels can be studied. We define a Non-Interference security property that allows one to express information flow in a timed and probabilistic setting, and we compare the property with analogous properties defined in settings where either time or probability or none of them are taken into account. This allows to classify properties depending on their discerning power. © 2006 Elsevier B.V. All rights reserved.