Assessing security threats of looping constructs
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An information-theoretic model for adaptive side-channel attacks
Proceedings of the 14th ACM conference on Computer and communications security
Formalized Information-Theoretic Proofs of Privacy Using the HOL4 Theorem-Prover
PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Quantifying Timing Leaks and Cost Optimisation
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Quantifying information leakage in process calculi
Information and Computation
Quantitative Notions of Leakage for One-try Attacks
Electronic Notes in Theoretical Computer Science (ENTCS)
Measure software - and its evolution - using information content
Proceedings of the joint international and annual ERCIM workshops on Principles of software evolution (IWPSE) and software evolution (Evol) workshops
An Interval-based Abstraction for Quantifying Information Flow
Electronic Notes in Theoretical Computer Science (ENTCS)
Quantifying information flow with beliefs
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Adversaries and information leaks (Tutorial)
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Risk assessment of security threats for looping constructs
Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
Information theory and security: quantitative information flow
SFM'10 Proceedings of the Formal methods for quantitative aspects of programming languages, and 10th international conference on School on formal methods for the design of computer, communication and software systems
Compositionality of secure information flow
MPC'10 Proceedings of the 10th international conference on Mathematics of program construction
Quantifying information leaks in software
Proceedings of the 26th Annual Computer Security Applications Conference
Non-uniform distributions in quantitative information-flow
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Automatically deriving information-theoretic bounds for adaptive side-channel attacks
Journal of Computer Security
Studying software evolution using artefacts' shared information content
Science of Computer Programming
Quantitative information flow and applications to differential privacy
Foundations of security analysis and design VI
Applied quantitative information flow and statistical databases
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Quantitative information flow: from theory to practice?
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Timing-sensitive information flow analysis for synchronous systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Calculating bounds on information leakage using two-bit patterns
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Computing the leakage of information-hiding systems
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Differential privacy: on the trade-off between utility and information leakage
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Min-Entropy leakage of channels in cascade
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
A differentially private mechanism of optimal utility for a region of priors
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Dynamic enforcement of knowledge-based security policies using probabilistic abstract interpretation
Journal of Computer Security
| Hi-index | 0.00 |
This paper uses Shannon's information theory to give a quantitative definition of information flow in systems that transform inputs to outputs. For deterministic systems, the definition is shown to specialize to a simpler form when the information source and the known inputs jointly determine all inputs uniquely. For this special case, the definition is related to the classical security condition of non-interference and an equivalence is established between non-interference and independence of random variables. Quantitative information flow for deterministic systems is then presented in relational form. With this presentation, it is shown how relational parametricity can be used to derive upper and lower bounds on information flows through families of functions defined in the second-order lambda calculus.