Minimizing information leakage is a crucial problem in DRM software development processes, where security information (e.g., device keys and the S-BOX of CPRM systems) must be rigorously managed. This paper presents a method to evaluate the risk of information leakage in a software process for security-sensitive applications. A software process is modeled as a series of sub-processes, each of which produces new work products from input products. Since a process is usually conducted by multiple developers, knowledge of work products is shared among the developers. Through this collaboration, a developer may pass on to others knowledge of products that are not related to the process. We capture the transfer of such irrelevant product knowledge as the information leakage in a software process. In this paper, we first formulate the problem of information leakage by introducing a formal software process model. Then, we propose a method to derive the probability that each developer d knows each work product p at a given process of software development. Unless it is equal to 1.0, the probability reflects the possibility that someone leaked the knowledge of p to d. We also conduct a quantitative case study to demonstrate how the information leakage varies depending on the assignment of developers.
Cite as: Kanzaki, Y., Igaki, H., Nakamura, M., Monden, A. and Matsumoto, K.-i. (2005). Characterizing Dynamics of Information Leakage in Security-Sensitive Software Process. In Proc. Third Australasian Information Security Workshop (AISW 2005), Newcastle, Australia. CRPIT, 44. Safavi-Naini, R., Montague, P. and Sheppard, N., Eds. ACS. 145-151.