TY - JOUR
T1 - On the compositionality of quantitative information flow
AU - Kawamoto, Yusuke
AU - Chatzikokolakis, Konstantinos
AU - Palamidessi, Catuscia
N1 - Publisher Copyright:
© Yusuke Kawamoto, Konstantinos Chatzikokolakis, and Catuscia Palamidessi.
PY - 2017/8/15
Y1 - 2017/8/15
N2 - Information flow is the branch of security that studies the leakage of information due to correlation between secrets and observables. Since in general such correlation cannot be avoided completely, it is important to quantify the leakage. The most followed approaches to defining appropriate measures are those based on information theory. In particular, one of the most successful approaches is the recently proposed g-leakage framework, which encompasses most of the information-theoretic ones. A problem with g-leakage, however, is that it is defined in terms of a minimization problem, which, in the case of large systems, can be computationally rather heavy. In this paper we study the case in which the channel associated to the system can be decomposed into simpler channels, which typically happens when the observables consist of multiple components. Our main contribution is the derivation of bounds on the (multiplicative version of) g-leakage of the whole system in terms of the g-leakages of its components. We also consider the particular cases of min-entropy leakage and of parallel channels, generalizing and systematizing results from the literature. We demonstrate the effectiveness of our method and evaluate the precision of our bounds using examples.
AB - Information flow is the branch of security that studies the leakage of information due to correlation between secrets and observables. Since in general such correlation cannot be avoided completely, it is important to quantify the leakage. The most followed approaches to defining appropriate measures are those based on information theory. In particular, one of the most successful approaches is the recently proposed g-leakage framework, which encompasses most of the information-theoretic ones. A problem with g-leakage, however, is that it is defined in terms of a minimization problem, which, in the case of large systems, can be computationally rather heavy. In this paper we study the case in which the channel associated to the system can be decomposed into simpler channels, which typically happens when the observables consist of multiple components. Our main contribution is the derivation of bounds on the (multiplicative version of) g-leakage of the whole system in terms of the g-leakages of its components. We also consider the particular cases of min-entropy leakage and of parallel channels, generalizing and systematizing results from the literature. We demonstrate the effectiveness of our method and evaluate the precision of our bounds using examples.
KW - Compositionality
KW - G-leakage
KW - Information leakage
KW - Min-entropy leakage
KW - Quantitative information flow
U2 - 10.23638/LMCS-13(3:11)2017
DO - 10.23638/LMCS-13(3:11)2017
M3 - Article
AN - SCOPUS:85041830904
SN - 1860-5974
VL - 13
JO - Logical Methods in Computer Science
JF - Logical Methods in Computer Science
IS - 3
M1 - 11
ER -