Quantitative Analysis Of The Integrity Of The Information Flow

In the field of computer security,security is defined as the absence of unauthorized access and control in the system.It is usually expressed as three kinds of security attributes:confidentiality,integrity and availability.Preventing the leakage of confidential information and the contamination of trusted information is very important for computer security.Namely,confidentiality and integrity are two important attributes of computer security.Compared with the confidentiality security model of information flow,the research on the integrity security model is less.However,with the rapid development of internet applications such as e-commerce and social software,the demand for integrity is becoming more and more prominent.Because of the openness and complexity of the network environment,the trusted information will inevitably be changed in the actual computer system,and such changes are tolerable in many actual cases.so it is necessary to quantitatively characterize the integrity of information.The purpose of quantifying integrity is to measure how many changes are tolerable.Clarkson quantifies the integrity of information flow with Shannon entropy by modeling a program as a communication channel.This method can not satisfy intuition in one try.Therefore,this paper uses two new methods of min-entropy and belief min-entropy to quantify the integrity of information flow.The main content of this paper is as follows:In this paper,we firstly focus on the threat model that an attack will modify the trusted information as much as possible in one try.Based on the information integrity model defined by Clarkson,we use the min-entropy to quantify the trusted information.We quantify the contamination and the channel suppression in information integrity.We then analyze the relationship between the contamination and the channel capacity,and consider the integrity in the cascade of the programs.We discuss the negative value case in quantitative information integrity.Secondly,the three kinds of quantitative contamination method about Shannon entropy,min-entropy and belief is compared and analysised by the example.with the presence of the adversary's extra knowledge,we propose an alternative method according to the model of information flow integrity defined by Clarkson.we use the belief min-entropy to quantify the contamination and channel suppression.Compared with the previous methods,this method can be applied to a variety of attack scenarios.In particular,when the adversary's beliefs are compatible with the system,the levels of accuracy for adversary beliefs is identified.