Quantifying Opacity
This work addresses security property quantification for system designers, offering incremental extensions to existing possibilistic opacity frameworks.
The paper tackles the problem of quantifying opacity in probabilistic systems by introducing measures for opacity leakage probability and uncertainty about secret membership, and provides algorithms to compute these measures for regular secrets and observations.
Opacity is a general language-theoretic framework in which several security properties of a system can be expressed. Its parameters are a predicate, given as a subset of runs of the system, and an observation function, from the set of runs into a set of observables. The predicate describes secret information in the system and, in the possibilistic setting, it is opaque if its membership cannot be inferred from observation. In this paper, we propose several notions of quantitative opacity for probabilistic systems, where the predicate and the observation function are seen as random variables. Our aim is to measure (i) the probability of opacity leakage relative to these random variables and (ii) the level of uncertainty about membership of the predicate inferred from observation. We show how these measures extend possibilistic opacity, we give algorithms to compute them for regular secrets and observations, and we apply these computations on several classical examples. We finally partially investigate the non-deterministic setting.