Opacity Enforcement via Greedy Privately-and-Publicly Known Insertion Functions
This paper investigates the enforcement of (current-state) opacity, an important information-flow security property, via insertion functions. An insertion function is an obfuscation mechanism that inserts fictitious events to the outputs in order to confuse the outside observer (intruder) such that...
Gespeichert in:
Veröffentlicht in: | IEEE transactions on automatic control 2024-04, Vol.69 (4), p.1-8 |
---|---|
Hauptverfasser: | , , , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | This paper investigates the enforcement of (current-state) opacity, an important information-flow security property, via insertion functions. An insertion function is an obfuscation mechanism that inserts fictitious events to the outputs in order to confuse the outside observer (intruder) such that the secret of the system is not revealed. In some situations, the secret may be revealed when the insertion mechanism is (or becomes) publicly known. This leads to the problem of synthesizing private-and-public enforcing (PP-enforcing) insertion functions in the sense that opacity is still enforced even when the mechanism is discovered or published by the designer. Existing works that have investigated this synthesis problem are either only sound or have limited applicability as we show in this work. For this reason, and more importantly, to better solve the synthesis problem, a new approach is proposed upon an improved greedy criterion. We show that the proposed algorithm is both sound and complete, and can be used to completely solve the synthesis problem for the PP-enforcing insertion function. With slight modifications of our algorithm, infinite-step opacity and K-step opacity can also be enforced under publicly-known insertion mechanisms. |
---|---|
ISSN: | 0018-9286 1558-2523 |
DOI: | 10.1109/TAC.2023.3307791 |