scholarly journals Secure Service Composition with Quantitative Information Flow Evaluation in Mobile Computing Environments

Entropy ◽  
2019 ◽  
Vol 21 (8) ◽  
pp. 753
Author(s):  
Xi ◽  
Lv ◽  
Sun ◽  
Ma
Keyword(s):  
Mobile Devices ◽  
Information Flow ◽  
Service Composition ◽  
Heterogeneous Systems ◽  
Quantitative Information ◽  
Mobile Technologies ◽  
Composite Service ◽  
Information Flow Security ◽  
Evaluation Approach ◽  
Quantitative Information Flow

The advances in mobile technologies enable mobile devices to cooperate with each other to perform complex tasks to satisfy users’ composite service requirements. However, data with different sensitivities and heterogeneous systems with diverse security policies pose a great challenge on information flow security during the service composition across multiple mobile devices. The qualitative information flow control mechanism based on non-interference provides a solid security assurance on the propagation of customer’s private data across multiple service participants. However, strict discipline limits the service availability and may cause a high failure rate on service composition. Therefore, we propose a distributed quantitative information flow evaluation approach for service composition across multiple devices in mobile environments. The quantitative approach provides us a more precise way to evaluate the leakage and supports the customized disciplines on information flow security for the diverse requirements of different customers. Considering the limited energy feature on mobile devices, we use a distributed evaluation approach to provide a better balance on consumption on each service participant. Through the experiments and evaluations, the results indicate that our approach can improve the availability of composite service effectively while the security can be ensured.

scholarly journals Distributed Secure Service Composition with Declassification in Mobile Clouds

2017 ◽  
Vol 2017 ◽  
pp. 1-13 ◽  
Author(s):  
Ning Xi ◽  
Di Lu ◽  
Cong Sun ◽  
Jianfeng Ma ◽  
Yulong Shen
Keyword(s):  
Information Flow ◽  
Dynamic Characteristics ◽  
Service Composition ◽  
Composite Service ◽  
Information Flow Security ◽  
Service Components ◽  
Multiple Domains

The regional and dynamic characteristics of mobile clouds pose a great challenge on information flow security during service composition. Although secure verification approaches based on standard noninterference provide a solid assurance on information flow security of composite service, too strict constraints on service components may cause the failure of composition procedure. In order to ensure the availability of composite service, we specify the declassification policies based on cryptographic operations to allow data to be legally declassified. And we propose the improved distributed secure service composition framework and approach, which can realize different cloud platforms in multiple domains, cooperate with each other to complete the declassification, and secure composition procedure. Through the experiment and evaluation, it is indicated that our approach provides a more reliable and efficient way for secure service composition in mobile clouds.

scholarly journals Symbolic quantitative information flow

2012 ◽  
Vol 37 (6) ◽  
pp. 1-5 ◽  
Author(s):  
Quoc-Sang Phan ◽  
Pasquale Malacaria ◽  
Oksana Tkachuk ◽  
Corina S. Păsăreanu
Keyword(s):  
Information Flow ◽  
Quantitative Information ◽  
Quantitative Information Flow

Calculating Quantitative Integrity and Secrecy for Imperative Programs

2015 ◽  
Vol 6 (2) ◽  
pp. 23-46
Author(s):  
Tom Chothia ◽  
Chris Novakovic ◽  
Rajiv Ranjan Singh
Keyword(s):  
Mutual Information ◽  
Information Flow ◽  
Quantitative Information ◽  
Error Correcting Codes ◽  
Conditional Mutual Information ◽  
Program Integrity ◽  
Data Contamination ◽  
Definition Of ◽  
Quantitative Information Flow ◽  
Libor Rate

This paper presents a framework for calculating measures of data integrity for programs in a small imperative language. The authors develop a Markov chain semantics for their language which calculates Clarkson and Schneider's definitions of data contamination, data suppression, program suppression and program transmission. The authors then propose their own definition of program integrity for probabilistic specifications. These definitions are based on conditional mutual information and entropy; they present a result relating them to mutual information, which can be calculated by a number of existing tools. The authors extend a quantitative information flow tool (CH-IMP) to calculate these measures of integrity and demonstrate this tool with examples including error correcting codes, the Dining Cryptographers protocol and the attempts by a number of banks to influence the Libor rate.

Sign in / Sign up

Export Citation Format

Share Document