    Persistent Stochastic Non-Interference

    In this paper we present an information flow security property for stochastic, cooperating processes expressed as terms of the Performance Evaluation Process Algebra (PEPA). We introduce the notion of Persistent Stochastic Non-Interference (PSNI) based on the idea that every state reachable by a process satisfies a basic Stochastic Non-Interference (SNI) property. The structural operational semantics of PEPA allows us to give two characterizations of PSNI: the first involves a single bisimulation-like equivalence check, while the second is formulated in terms of unwinding conditions. The observation equivalence at the base of our definition relies on the notion of lumpability and ensures that, for a secure process P, the steady state probability of observing the system being in a specific state P' is independent of its possible high level interactions.
    Comment: In Proceedings EXPRESS/SOS 2018, arXiv:1808.0807

    Delimited Persistent Stochastic Non-Interference

    Non-Interference is an information flow security property which aims to protect confidential data by ensuring the complete absence of any information flow from high level entities to low level ones. However, this requirement is too demanding when dealing with real applications: indeed, no real policy ever guarantees a total absence of information flow. In order to deal with real applications, it is often necessary to allow mechanisms for downgrading or declassifying information, such as information filters and channel control. In this paper we generalize the notion of Persistent Stochastic Non-Interference (PSNI) in order to allow information to flow from a higher to a lower security level through a downgrader. We introduce the notion of Delimited Persistent Stochastic Non-Interference (D_PSNI) and provide two characterizations of it, one expressed in terms of bisimulation-like equivalence checks and another one formulated through unwinding conditions. Then we prove some compositionality properties. Finally, we present a decision algorithm and discuss its complexity.

    Information Flow Security for Stochastic Processes

    In this paper we study an information flow security property for systems specified as terms of a quantitative process algebra, namely Performance Evaluation Process Algebra (PEPA). Intuitively, we propose a quantitative extension of the Non-Interference property used to secure systems from the functional point of view by assuming that the observers are also able to measure the timing properties of the system, e.g., the response time or the throughput. We introduce the notion of Persistent Stochastic Non-Interference (PSNI) and provide two characterizations of it: one based on a bisimulation-like equivalence relation inducing a lumping on the underlying Markov chain, and another one based on unwinding conditions which demand properties of individual actions. These two different characterizations naturally lead to efficient methods for the verification and construction of secure systems. A decision algorithm for PSNI is presented and an application of PSNI to a queueing system is discussed.

    Noninterference Analysis of Reversible Systems: An Approach Based on Branching Bisimilarity

    The theory of noninterference supports the analysis and the execution of secure computations in multi-level security systems. Classical equivalence-based approaches to noninterference mainly rely on weak bisimulation semantics. We show that this approach is not sufficient to identify potential covert channels in the presence of reversible computations. As illustrated via a database management system example, the activation of backward computations may trigger information flows that are not observable when proceeding in the standard forward direction. To capture the effects of back and forth computations, it is necessary to switch to a more expressive semantics that, in an interleaving framework, has been proven to be branching bisimilarity in a previous work by De Nicola, Montanari, and Vaandrager. In this paper we investigate a taxonomy of noninterference properties based on branching bisimilarity along with their preservation and compositionality features, then we compare it with the classical hierarchy based on weak bisimilarity.

    Persistent Stochastic Non-Interference

    In this paper, we study an information flow security property for systems specified as terms of a quantitative Markovian process algebra, namely the Performance Evaluation Process Algebra (PEPA). We propose a quantitative extension of the Non-Interference property used to secure systems from the functional point of view by assuming that the observers are also able to measure the timing properties of the system, e.g., the response time of certain actions or its throughput. We introduce the notion of Persistent Stochastic Non-Interference (PSNI) based on the idea that every state reachable by a process satisfies a basic Stochastic Non-Interference (SNI) property. The structural operational semantics of PEPA allows us to give two characterizations of PSNI: one based on a bisimulation-like equivalence relation inducing a lumping on the underlying Markov chain, and another one based on unwinding conditions which demand properties of individual actions. These two different characterizations naturally lead to efficient methods for the verification and construction of secure systems. A decision algorithm for PSNI is presented and an application of PSNI to a queueing system is discussed.

    D_PSNI: Delimited persistent stochastic non-interference

    Non-Interference is an information flow security property which aims to protect confidential data by ensuring the complete absence of any information flow from high level entities to low level ones. However, this requirement is too demanding when dealing with real applications: indeed, no real policy ever guarantees a total absence of information flow. In order to deal with real applications, it is often necessary to allow mechanisms for downgrading or declassifying information, such as information filters and channel control. In this paper we introduce the notion of Delimited Persistent Stochastic Non-Interference (D_PSNI) that allows information to flow from a higher to a lower security level through a downgrader. We provide two algebraic characterizations of D_PSNI and prove some compositionality properties. Finally, we present a decision algorithm and discuss its time complexity.

    A process algebra for (delimited) persistent stochastic non-interference

    In this paper, we consider the information flow security properties named Persistent Stochastic Non-Interference (PSNI) and Delimited Persistent Stochastic Non-Interference (D_PSNI) for stochastic cooperating processes described as terms of the Performance Evaluation Process Algebra (PEPA). A PEPA process P that satisfies (D)_PSNI admits only controlled information flows from the high, private, level of confidentiality to the low, public, one. In particular, the downgrading/declassification of information is permitted only when performed by a trusted component. Once a process has been defined, one can only check whether it satisfies (D)_PSNI or not. In this work, we contribute to the verification and construction of secure processes in two respects: (i) first we prove new compositionality properties for (D)_PSNI, and then (ii) we exploit them in order to introduce a new process algebra which allows the definition of processes which are secure by construction, thus avoiding any further check.

    Preface to the Proceedings of the 34th Italian Conference on Computational Logic (CILC 2019)

    The 34th edition of the Italian Convention of Computational Logic (CILC 2019), the annual meeting of GULP (Gruppo ricercatori e Utenti Logic Programming), was hosted by the University of Trieste from June 19th to June 21st, 2019. CILC was originally meant to be a forum for exchanging ideas and experiences between Italian researchers in the field of computational logic; however, in recent years, it has broadened its topics of interest to a wide set of related areas, spanning from verification of formal systems to knowledge representation. The technical program of CILC 2019 features 37 presentations of as many high-quality papers; 27 of them are included in these proceedings and the remaining ones appeared in or were submitted to other conferences, workshops or journals. Each of the submitted papers was evaluated by three reviewers and, according to their judgments, was either accepted or rejected for presentation and publication in the proceedings. The contributions address different topics related to computational logic, including verification and validation, temporal reasoning, description logics, formal methods in AI, knowledge representation, and constraint logic programming.
    The program was also enriched by an ambassador talk “DigForASP: A European Cooperation Network for Logic-based AI in Digital Forensics” by Stefania Costantini, Francesca Alessandra Lisi, and Raffaele Olivieri, and 3 tutorials:
    – The SATisfiability problem and its impact, Agostino Dovier, Università degli Studi di Udine
    – Multiagent Epistemic Planning, Enrico Pontelli, New Mexico State University
    – Model checking: The interval way, Angelo Montanari, Università degli Studi di Udine
    The following works were presented at CILC 2019, but are not included in these proceedings:
    – Epistemic Answer Set Programming: a new perspective, Ezgi Iraz Su
    – Extending ALC with the power-set construct, Laura Giordano and Alberto Policriti
    – Accountable Protocols in Abductive Logic Programming, Marco Gavanelli, Marco Alberti, and Evelina Lamma
    – Model Completeness, Covers and Superposition (Abridged Version), Diego Calvanese, Silvio Ghilardi, Alessandro Gianola, Marco Montali, and Andrey Rivkin
    – Proving Properties of Sorting Programs: A Case Study in Horn Clause Verification, Emanuele De Angelis, Fabio Fioravanti, Alberto Pettorossi, and Maurizio Proietti
    – An Ontology to Improve the First Aid Service Quality, Lorenzo De Lauretis and Stefania Costantini
    – An ASP-based Approach for Optimizing DLV Evaluation, Carlo Allocca, Francesco Calimeri, Roberta Costabile, Alessio Fiorentino, Nicola Leone, Marco Manna, Simona Perri, and Jessica Zangari
    – Large Scale DLV: Preliminary Results, Nicola Leone, Carlo Allocca, Mario Alviano, Francesco Calimeri, Cristina Civili, Roberta Costabile, Bernardo Cuteri, Alessio Fiorentino, Davide Fuscà, Stefano Germano, Giovanni Laboccetta, Marco Manna, Simona Perri, Kristian Reale, Francesco Ricca, Pierfrancesco Veltri, and Jessica Zangari
    – A Process Algebra for (Delimited) Persistent Stochastic Non-Interference, Andrea Marin, Carla Piazza, and Sabina Rossi
    – Accountability, Responsibility, and Robustness in Agent Organizations, Matteo Baldoni, Cristina Baroglio, and Roberto Micalizio
    We would like to thank all the people who have contributed to the success of CILC 2019: the authors, the invited speakers, the program committee, the reviewers, and the participants. Special thanks go to both the President and the former President of GULP, Stefania Costantini and Agostino Dovier, and to the secretary of GULP, Fabio Fioravanti, for their support in the organization of the event.