Information-Flow Attacks Based on Limited Observations

Abstract: Abstract. Two formal models for description of timing attacks are presented, studied and compared with other security concepts. The models are based on a timed process algebra and on a concept of observations which make visible only a part of a system behaviour. An intruder tries to deduce some private system activities from this partial information which contains also timing of actions. To obtain realistic security characterizations some limitations on observational power of the intruder are applied. It is as… Show more

“…A weaker form of "probabilistic" opacity developed in the framework of probabilistic timed process algebra has been studied in [10]. The model in which an observer could observe time elapsing between two actions only with limited precision or during a limited time window is studied in [12,13]. In these papers security properties are considered to be qualitative but capabilities of an intruder have some quantitative aspects but his observations are still precise what represents a different approach that one studied here.…”

Quantifying Security for Timed Process Algebras

“…A weaker form of "probabilistic" opacity developed in the framework of probabilistic timed process algebra has been studied in [10]. The model in which an observer could observe time elapsing between two actions only with limited precision or during a limited time window is studied in [12,13]. In these papers security properties are considered to be qualitative but capabilities of an intruder have some quantitative aspects but his observations are still precise what represents a different approach that one studied here.…”

Quantifying Security for Timed Process Algebras