Opacity, as an important property in information-flow security, characterizes
the ability of a system to keep some secret information from an intruder. In
discrete-event systems, based on a standard setting in which an intruder has
the complete knowledge of the system’s structure, the standard versions of
current-state opacity and initial-state opacity cannot perfectly characterize
high-level privacy requirements. To overcome such a limitation, in this paper
we propose two stronger versions of opacity in partially-observed
discrete-event systems, called emph{strong current-state opacity} and
emph{strong initial-state opacity}. Strong current-state opacity describes
that an intruder never makes for sure whether a system is in a secret state at
the current time, that is, if a system satisfies this property, then for each
run of the system ended by a secret state, there exists a non-secret run whose
observation is the same as that of the previous run. Strong initial-state
opacity captures that the visit of a secret state at the initial time cannot be
inferred by an intruder at any instant. Specifically, a system is said to be
strongly initial-state opaque if for each run starting from a secret state,
there exists a non-secret run of the system that has the same observation as
the previous run has. To verify these two properties, we propose two
information structures using a novel concurrent-composition technique, which
has exponential-time complexity
$O(|X|^4|Sigma_o||Sigma_{uo}||Sigma|2^{|X|})$, where $|X|$ (resp.,
$|Sigma|$, $|Sigma_o|$, $|Sigma_{uo}|$) is the number of states (resp.,
events, observable events, unobservable events) of a system.

By admin