Probabilistic confidentiality properties based on indistinguishability
Abstract
This paper motivates three confidentiality properties based on the notion of indistinguishable behavior induced by adversary observations of nondeterministic and probabilistic systems. Concealed behavior is a possibilistic property, whereas ensured entropy and bounded risk are probabilistic properties. In contrast to noninterference-like information flow properties, these properties do not primarily aim at restricting information flow, but at keeping the differences between indistinguishable behavior confidential. To support the probabilistic definitions, the concept of the probability of a trace given an observation is clarified for systems permitting external, nondeterministic, and probabilistic choice.