Possibilistic information flow control in the presence of encrypted communication

Distributed systems make increasing use of encrypted channels to enable confidential communication. While non-interference provides suitable means to investigate the flow of information within distributed systems, it has proved to be rather difficult to capture the notion of encrypted channels in such a framework. In this paper, we extend the framework MAKS for possibilistic information flow in order to distinguish between the information flow due to the fact that a message has been sent and the flow that is due to the actual content of a message. We introduce an equivalence relation on observable events to identify those events an observer cannot distinguish and provide reduction techniques that enable us to prove the security of such systems with the help of exisiting unwinding techniques.