Probability of Data Leakage and Its Impacts on Confidentiality

Abstract

A multi-channel communication architecture featuring distributed fragments of data is presented as a method for improving security available in a communication architecture. However, measuring security remains challenging. The Quality of Secure Service (QoSS) model defines a manner by which the probability of data leakage and the probability of data corruption may be used to estimate security properties for a given communication network. These two probabilities reflect two of the three aspects of the IT security triad, specifically confidentiality and integrity. The probability of data leakage is directly related to the probability of confidentiality and may be estimated based on the probabilities of data interception, decryption, and decoding. The number of listeners who have access to the communication channels influences these probabilities, and unique to the QoSS model, the ability to fragment and distribute data messages across multiple channels between sender and receiver. To simulate the behaviors of various communication architectures and the possibility of malicious interference, the probability of data leakage and its constituent metrics require a thorough analysis. Even if a listener is aware that multiple channels exist, each intermediate node (if any) simply appears to have one input and one output. There may be one or more listeners, and they may or may not be working cooperatively. Even if the listener(s) gains access to more than one channel, there is still the challenge of decrypting, decoding, or reassembling the fragmented data. The analysis presented herein will explore the probability of confidentiality from both the authorized user’s and the adversary’s perspective.