Opacity Enforcement via Greedy Privately-and-Publicly Known Insertion Functions

This paper investigates the enforcement of (current-state) opacity, an important information-flow security property, via insertion functions. An insertion function is an obfuscation mechanism that inserts fictitious events to the outputs in order to confuse the outside observer (intruder) such that...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on automatic control 2024-04, Vol.69 (4), p.1-8
Main Authors: Liu, Rongjian, Lu, Jianquan, Liu, Yang, Yin, Xiang, Hadjicostis, Christoforos N.
Format: Article
Language:English
Subjects:
Algorithms
Automata
Behavioral sciences
Complexity theory
Discrete event systems
Information flow
Insertion
Insertion mechanism
Inserts
Mathematics
Observers
Opacity
Opacity enforcement
Publicly known obfuscation
Synthesis
System recovery
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This paper investigates the enforcement of (current-state) opacity, an important information-flow security property, via insertion functions. An insertion function is an obfuscation mechanism that inserts fictitious events to the outputs in order to confuse the outside observer (intruder) such that the secret of the system is not revealed. In some situations, the secret may be revealed when the insertion mechanism is (or becomes) publicly known. This leads to the problem of synthesizing private-and-public enforcing (PP-enforcing) insertion functions in the sense that opacity is still enforced even when the mechanism is discovered or published by the designer. Existing works that have investigated this synthesis problem are either only sound or have limited applicability as we show in this work. For this reason, and more importantly, to better solve the synthesis problem, a new approach is proposed upon an improved greedy criterion. We show that the proposed algorithm is both sound and complete, and can be used to completely solve the synthesis problem for the PP-enforcing insertion function. With slight modifications of our algorithm, infinite-step opacity and K-step opacity can also be enforced under publicly-known insertion mechanisms.
ISSN:0018-9286
1558-2523
DOI:10.1109/TAC.2023.3307791