Monitoring confidentiality by diagnosis techniques | IEEE Conference Publication | IEEE Xplore
Subscribe
ADVANCED SEARCH
Conferences >2009 European Control Confere...

Monitoring confidentiality by diagnosis techniques

PDF
Jérémy Dubreil; Thierry Jéron; Hervé Marchand
All Authors

Abstract:

We are interested in constructing monitors for the detection of confidential information flow in the context of partially observable discrete event systems. We focus on t...Show More

Metadata

Abstract:

We are interested in constructing monitors for the detection of confidential information flow in the context of partially observable discrete event systems. We focus on the case where the secret information is given as a regular language. We first characterize the set of observations allowing an attacker to infer the secret information. Further, based on the diagnosis of discrete event systems, we provide necessary and sufficient conditions under which detection and prediction of secret information flow can be ensured, and construct a monitor allowing an administrator to detect it.
Published in: 2009 European Control Conference (ECC)
Date of Conference: 23-26 August 2009
Date Added to IEEE Xplore: 02 April 2015
Print ISBN:978-3-9524173-9-3
DOI: 10.23919/ECC.2009.7074795
Conference Location: Budapest, Hungary
Contents

I. Introduction

There has been an increasing interest in research about computer security in the past decades. Indeed, the emergence of web services and the improvements of the possibilities of mobile and embedded systems allow lots of new and interesting features. But some of these services such as online payment, medical information storage or e-voting system may deal with some critical information. In the meantime, having more applications and devices for accessing these services also increases the possibilities for such information to flow. To avoid security breach, using automatic tools based on formal methods for security analysis can be beneficial. In this context, there has been a growing interest in verification [1], [2] and testing of security properties [3] in past years. In order to specify such automatic analysis methods, security properties are generally separated into three different categories: availability (a user can always perform the actions that are allowed by the security policy), integrity (something illegal cannot be performed by a user) and confidentiality (some secret information cannot be inferred by a user) [4].

Contact IEEE to Subscribe
More Like This
Remotely Piloted Aircraft Systems (RPAS) for Extreme Missions in the Arctic and the Monitoring of the Ukraine Crisis by the Organization for Security and Co-Operation in Europe (OS...

2016 49th Hawaii International Conference on System Sciences (HICSS)

Published: 2016

Pedestrian Tracking and Trajectory Analysis for Security Monitoring

2020 IEEE 5th Information Technology and Mechatronics Engineering Conference (ITOEC)

Published: 2020

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.