Concurrent constraint programming
POPL '90 Proceedings of the 17th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The semantic foundations of concurrent constraint programming
POPL '91 Proceedings of the 18th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Bisimulation through probabilistic testing
Information and Computation
Nondeterminism and infinite computations in constraint programming
Selected papers of the workshop on Topology and completion in semantics
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A probabilistic poly-time framework for protocol analysis
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Confinement properties for programming languages
ACM SIGACT News
Verifying secrets and relative secrecy
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Process algebra and non-interference
Journal of Computer Security
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A Per Model of Secure Information Flow in Sequential Programs
ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
Probabilistic Concurrent Constraint Programming: Towards a Fully Abstract Model
MFCS '98 Proceedings of the 23rd International Symposium on Mathematical Foundations of Computer Science
Towards Quantitative Verification of Probabilistic Transition Systems
ICALP '01 Proceedings of the 28th International Colloquium on Automata, Languages and Programming,
Probabilistic Noninterference in a Concurrent Language
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
An Operational Semantics for Probabilistic Concurrent Constraint Programming
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Non-Interference: Who Needs It?
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Security Analysis of a Probabilistic Non-repudiation Protocol
PAPM-PROBMIV '02 Proceedings of the Second Joint International Workshop on Process Algebra and Probabilistic Methods, Performance Modeling and Verification
Securing Communication in a Concurrent Language
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Analysing Approximate Confinement under Uniform Attacks
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Statically assuring secrecy for dynamic concurrent processes
Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Modeling and detecting the cascade vulnerability problem using soft constraints
Proceedings of the 2004 ACM symposium on Applied computing
A process-algebraic approach for the analysis of probabilistic noninterference
Journal of Computer Security
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
Downgrading policies and relaxed noninterference
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Handling declared information leakage: extended abstract
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Security policy in a declarative style
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Quantitative static analysis of distributed systems
Journal of Functional Programming
Information flow in secure contexts
Journal of Computer Security
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
Secure information flow with random assignment and encryption
Proceedings of the fourth ACM workshop on Formal methods in security
Measuring the confinement of probabilistic systems
Theoretical Computer Science - Theoretical foundations of security analysis and design II
Weakening the perfect encryption assumption in Dolev-Yao adversaries
Theoretical Computer Science - Theoretical foundations of security analysis and design II
What You Lose is What You Leak: Information Leakage in Declassification Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Information flow security in dynamic contexts
Journal of Computer Security
A simulation-based proof technique for dynamic information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
An information-theoretic model for adaptive side-channel attacks
Proceedings of the 14th ACM conference on Computer and communications security
A static analysis for quantifying information flow in a simple imperative language
Journal of Computer Security
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
ACM Transactions on Information and System Security (TISSEC)
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
An Interval-based Abstraction for Quantifying Information Flow
Electronic Notes in Theoretical Computer Science (ENTCS)
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
On declassification and the non-disclosure policy
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Quantified Interference for a While Language
Electronic Notes in Theoretical Computer Science (ENTCS)
Unwinding in Information Flow Security
Electronic Notes in Theoretical Computer Science (ENTCS)
A Quantitative Approach to Noninterference for Probabilistic Systems
Electronic Notes in Theoretical Computer Science (ENTCS)
Approximating Imperfect Cryptography in a Formal Model
Electronic Notes in Theoretical Computer Science (ENTCS)
An intrinsic characterization of approximate probabilistic bisimilarity
FOSSACS'03/ETAPS'03 Proceedings of the 6th International conference on Foundations of Software Science and Computation Structures and joint European conference on Theory and practice of software
More typed assembly languages for confidentiality
APLAS'07 Proceedings of the 5th Asian conference on Programming languages and systems
Adversaries and information leaks (Tutorial)
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Adjoining classified and unclassified information by abstract interpretation
Journal of Computer Security
Non-uniform distributions in quantitative information-flow
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Automatically deriving information-theoretic bounds for adaptive side-channel attacks
Journal of Computer Security
A security-aware refactoring tool for Java programs
Proceedings of the 4th Workshop on Refactoring Tools
On the rôle of abstract non-interference in language-based security
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
Non-termination and secure information flow
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Modelling declassification policies using abstract domain completeness
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Towards a formal treatment of secrecy against computational adversaries
GC'04 Proceedings of the 2004 IST/FET international conference on Global Computing
Unwinding conditions for security in imperative languages
LOPSTR'04 Proceedings of the 14th international conference on Logic Based Program Synthesis and Transformation
Quantifying probabilistic information flow in computational reactive systems
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Measuring the speed of information leakage in mobile processes
AMAST'06 Proceedings of the 11th international conference on Algebraic Methodology and Software Technology
Measuring information flow in reactive processes
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
| Hi-index | 0.01 |
We address the problem of characterising the security of a program against unauthorised information flows. Classical approaches are based on non-interference models which depend ultimately on the notion of process equivalence. In these models confidentiality is an absolute property stating the absence of any illegal information flow. We present a model in which the notion of non-interference is approximated in the sense that it allows for some exactly quantified leakage of information. This is characterised via a notion of process similarity which replaces the indistinguishability of processes by a quantitative measure of their behaviouraldifference. Such a quantity is related to the number of statistical tests needed to distinguish two behaviours. We also present two semantics-based analyses of approximate non-interference and we show that one is a correct abstraction of the other.