Doctoral thesis (Dissertations and theses)
GAMES AND STRATEGIES IN ANALYSIS OF SECURITY PROPERTIES
Tabatabaei, Masoud
2016
 

Files


Full Text
Thesis.pdf
Author postprint (901.23 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Abstract :
[en] Information security problems typically involve decision makers who choose and adjust their behaviors in the interaction with each other in order to achieve their goals. Consequently, game theoretic models can potentially be a suitable tool for better understanding the challenges that the interaction of participants in information security scenarios bring about. In this dissertation, we employ models and concepts of game theory to study a number of subjects in the field of information security. In the first part, we take a game-theoretic approach to the matter of preventing coercion in elections. Our game models for the election involve an honest election authority that chooses between various protection methods with different levels of resistance and different implementation costs. By analysing these games, it turns out that the society is better off if the security policy is publicly announced, and the authorities commit to it. Our focus in the second part is on the property of noninterference in information flow security. Noninterference is a property that captures confidentiality of actions executed by a given process. However, the property is hard to guarantee in realistic scenarios. We show that the security of a system can be seen as an interplay between functionality requirements and the strategies adopted by users, and based on this we propose a weaker notion of noninterference, which we call strategic noninterference. We also give a characterisation of strategic noninterference through unwinding relations for specific subclasses of goals and for the simplified setting where a strategy is given as a parameter. In the third part, we study the security of information flow based on the consequences of information leakage to the adversary. Models of information flow security commonly prevent any information leakage, regardless of how grave or harmless the consequences the leakage can be. Even in models where each piece of information is classified as either sensitive or insensitive, the classification is “hardwired” and given as a parameter of the analysis, rather than derived from more fundamental features of the system. We suggest that information security is not a goal in itself, but rather a means of preventing potential attackers from compromising the correct behavior of the system. To formalize this, we first show how two information flows can be compared by looking at the adversary’s ability to harm the system. Then, we propose that the information flow in a system is effectively secure if it is as good as its idealized variant based on the classical notion of noninterference. Finally, we shift our focus to the strategic aspect of information security in voting procedures. We argue that the notions of receipt-freeness and coercion resistance are underpinned by existence (or nonexistence) of a suitable strategy for some participants of the voting process. In order toback the argument formally, we provide logical “transcriptions” of the informal intuitions behind coercion-related properties that can be found in the existing literature. The transcriptions are formulatedin the modal game logic ATL*, well known in the area of multi-agent systems.
Disciplines :
Computer science
Author, co-author :
Tabatabaei, Masoud ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Language :
English
Title :
GAMES AND STRATEGIES IN ANALYSIS OF SECURITY PROPERTIES
Defense date :
24 October 2016
Number of pages :
137
Institution :
Unilu - University of Luxembourg, Luxembourg, Luxembourg
Degree :
DOCTEUR DE L’UNIVERSITÉ DU LUXEMBOURG EN INFORMATIQUE
Promotor :
Ryan, Peter 
Jamroga, Wojciech
Jury member :
Teague, Vanessa
Schneider, Steve
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR5884506 - Games And Information Algebras In Analysis Of Voting Systems, 2013 (01/04/2013-31/10/2016) - Masoud Tabatabaei
Name of the research project :
Games and Information Algebras in Analysis of Voting Systems
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 25 January 2017

Statistics


Number of views
186 (40 by Unilu)
Number of downloads
585 (25 by Unilu)

Bibliography


Similar publications



Contact ORBilu