Open Access Dissertation
Date of Award
Electrical and Computer Engineering
The exchange of sensitive information in many systems over a network can be manipulated
by unauthorized access. Opacity is a property to investigate security and
privacy problems in such systems. Opacity characterizes whether a secret information
of a system can be inferred by an unauthorized user. One approach to verify security
and privacy properties using opacity problem is to model the system that may leak confidential
information as a discrete event system. The problem that has not investigated
intensively is the enforcement of opacity properties by supervisory control. In other
words, constructing a minimally restrictive supervisor to limit the system's behavior so
an unauthorized user cannot discover or infer the secret information.
We describe and analyze the complexity of opacity in systems that are modeled as
a discrete event system with partial observation mapping. We define three types of
opacity: strong opacity, weak opacity, and no opacity. Strong Opacity describes the
inability for the system's observer to know what happened in a system. On the other
hand, No-opacity refers to the condition where there is no ambiguity in the system
behavior. The definitions introduce properties of opacity and its effects on the system
behavior. Strong opacity can be used to study security related problems while no opacity
can be used to study fault, detection and diagnosis, among many other applications. In
this dissertation, we investigate the largest opaque sublanguages and smallest opaque
superlanguages of a language if the language is not opaque. We studied how to ensure
strong opacity, weak opacity and no opacity by supervisory control. If strong opacity,
weak opacity or no opacity is not satisfied, then we can restrict the system's behavior by a
supervisor so that strong opacity, weak opacity or no opacity is satisfied. We investigate
the strong opacity control problem (SOCP), the weak opacity control problem (WOCP),
and no opacity control problem (NOCP).
As illustrated by examples in the dissertation, the above properties of opacity can
be used to characterize the security requirements in many applications, as anonymity
requirements in protocols for web browsing. Solutions to SOCP in terms of the largest
sublanguage that is controllable, observable (or normal), and strongly opaque were characterized.
Similar characterization is available for solutions to NOCP.
Ben Kalefa, Majed Mohamed, "Opacity Of Discrete Event Systems: Analysis And Control" (2013). Wayne State University Dissertations. 830.