Understanding and Enforcing Opacity

This article is free to access.

Abstract

This paper puts a spotlight on the specification and enforcement of opacity, a security policy for protecting sensitive properties of system behavior. We illustrate the fine granularity of the opacity policy by location privacy and privacy-preserving aggregation scenarios. We present a general framework for opacity and explore its key differences and formal connections with such well-known information-flow models as non-interference, knowledge-based security, and declassification. Our results are machine-checked and parameterized in the observational power of the attacker, including progress-insensitive, progress-sensitive, and timing-sensitive attackers. We present two approaches to enforcing opacity: a whitebox monitor and a blackbox sampling-based enforcement. We report on experiments with prototypes that utilize state-of-the-art Satisfiability Modulo Theories (SMT) solvers and the random testing tool QuickCheck to establish opacity for the location and aggregation-based scenarios.

Schoepe, D., & Sabelfeld, A. (2015). Understanding and Enforcing Opacity. In Proceedings of the Computer Security Foundations Workshop (Vol. 2015-September, pp. 539–553). IEEE Computer Society. https://doi.org/10.1109/CSF.2015.41
