Probability of Data Leakage and its Impacts on Confidentiality
Document Type
Conference Proceeding
Publication Date
6-16-2022
Abstract
A multi-channel communication architecture featuring distributed fragments of data is presented as a method for improving security available in a communication architecture. However, measuring security remains challenging. The Quality of Secure Service (QoSS) model defines a manner by which the probability of data leakage and the probability of data corruption may be used to estimate security properties for a given communication network. These two probabilities reflect two of the three aspects of the IT security triad, specifically confidentiality and integrity. The probability of data leakage is directly related to the probability of confidentiality and may be estimated based on the probabilities of data interception, decryption, and decoding. The number of listeners who have access to the communication channels influences these probabilities, and unique to the QoSS model, the ability to fragment and distribute data messages across multiple channels between sender and receiver. To simulate the behaviors of various communication architectures and the possibility of malicious interference, the probability of data leakage and its constituent metrics require a thorough analysis. Even if a listener is aware that multiple channels exist, each intermediate node (if any) simply appears to have one input and one output. There may be one or more listeners, and they may or may not be working cooperatively. Even if the listener(s) gains access to more than one channel, there is still the challenge of decrypting, decoding, or reassembling the fragmented data. The analysis presented herein will explore the probability of confidentiality from both the authorized user’s and the adversary’s perspective.
Source Publication
21st European Conference on Cyber Warfare and Security, ECCWS 2022
Recommended Citation
Simon, P., & Graham, S. R. (2022). Probability of Data Leakage and its Impacts on Confidentiality. European Conference on Information Warfare and Security, ECCWS, 280–288. doi: 10.34190/eccws.21.1.472
Comments
This open access paper was presented at ECCWS 2022. The "Link to Full Text" on this page will open or save the PDF of the full conference paper, hosted at the conference's publishing partner.
The DOI link below points to the paper's record page at the publisher.
This is an Open Access conference paper published and distributed under the terms of the Creative Commons Attribution-NonCommercial-NoDerivatives License , which permits non-commercial re-use, distribution, and reproduction in any medium, provided the original work is properly cited, and is not altered, transformed, or built upon in any way. CC BY-NC-ND 4.0
Please fully attribute as cited below in any re-use.