A Quantale of Information
Paper in proceeding, 2021

Information flow properties are the semantic cornerstone of a wide range of program transformations, program analyses, and security properties. The variety of information that can be transmitted from inputs to outputs in a deterministic system can be captured by representing information as equivalence relations over the sets of possible values, using an equivalence relation on the input domain to model what may be learned, and an equivalence relation on the output to model what may be observed. The set of equivalence relations over a given set of values forms a lattice, where the partial order models containment of information, and lattice join models the effect of combining information. This elegant and general structure is sometimes referred to as the lattice of information.

In this paper we identify an abstraction of information flow which has not been studied previously, namely disjunctive dependency (depending on x or y, as distinct from depending on both x and y). We argue that this refines the space of semantic models for dependency in a way which is both interesting in its own right and which has applications in security settings of practical interest (in particular, where so-called “Chinese wall policies” are in effect).

To model disjunctive dependency we introduce a nontrivial generalisation of the lattice of information in the form of a richer structure, built on sets of equivalence relations closed under a novel condition called tiling-closure. This structure forms a quantale - a lattice equipped with a tensor operation - in which lattice join corresponds to disjunctive combination of information, and tensor corresponds to conjunctive combination. Using this we generalise the definition of information flow properties, and show that the definition has the key properties needed to support compositional reasoning about programs.
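The classical lattice of information that the abstract starts from can be made concrete on a small finite domain. The following is an added example, not code from the paper: it represents equivalence relations as partitions, implements the information order and join, and checks a flow property for a deterministic function. The function names, the sample domain, and the flow definition used (inputs related by P must give outputs related by Q) are assumptions taken from the standard formulation; the paper's tiling-closure and quantale structure are not modelled.

```python
from itertools import product

def kernel(domain, view):
    """Equivalence relation induced by a view function, as a partition."""
    blocks = {}
    for v in domain:
        blocks.setdefault(view(v), set()).add(v)
    return frozenset(frozenset(b) for b in blocks.values())

def leq(p, q):
    """p is below q: q carries at least the information of p,
    i.e. every block of q lies inside some block of p."""
    return all(any(bq <= bp for bp in p) for bq in q)

def join(p, q):
    """Combine information: intersect the two relations,
    which is the common refinement of the two partitions."""
    return frozenset(bp & bq for bp in p for bq in q if bp & bq)

def flows(f, p_in, q_out):
    """Flow property f : P => Q for deterministic f. Inputs that P
    relates must produce outputs that Q relates."""
    block_of = {v: b for b in q_out for v in b}
    return all(len({block_of[f(v)] for v in b}) == 1 for b in p_in)

# Constructed sample system: inputs are pairs (x, y), output is x + y.
INPUTS = list(product(range(3), range(3)))
OUTPUTS = range(5)

def add(pair):
    return pair[0] + pair[1]

P_X = kernel(INPUTS, lambda v: v[0])    # learn x only
P_Y = kernel(INPUTS, lambda v: v[1])    # learn y only
P_XY = join(P_X, P_Y)                   # learn both x and y
ID_OUT = kernel(OUTPUTS, lambda n: n)   # observer sees the exact output
PARITY_OUT = kernel(OUTPUTS, lambda n: n % 2)  # observer sees parity only

if __name__ == "__main__":
    print("x alone accounts for x + y:  ", flows(add, P_X, ID_OUT))
    print("x and y account for x + y:   ", flows(add, P_XY, ID_OUT))
    parities = join(kernel(INPUTS, lambda v: v[0] % 2),
                    kernel(INPUTS, lambda v: v[1] % 2))
    print("parities account for parity: ", flows(add, parities, PARITY_OUT))
```

Here join only expresses dependency on both x and y; the disjunctive case the paper introduces is exactly what this structure cannot express.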

security policy

noninterference

dependency analysis

information flow

Author

Leo Sebastian Hunt

City University

David Sands

Computing Science

Proceedings - IEEE Computer Security Foundations Symposium

19401434 (ISSN)

94-108
978-1-7281-7607-9 (ISBN)

IEEE 34th Computer Security Foundations Symposium (CSF)

WebSec: Securing Web-driven Systems

Swedish Foundation for Strategic Research (SSF) (RIT17-0011), 2018-03-01 -- 2023-02-28.

Perspex: Flexible and Transparent Local Differential Privacy

Swedish Research Council (VR) (2018-04230), 2019-01-01 -- 2022-12-31.

Areas of Advance

Information and Communication Technology

Roots

Basic sciences

Subject Categories

Computer Science

DOI

10.1109/CSF51468.2021.00031

ISBN

9781728176079

More information

Latest update

3/21/2023