Elements of information theory
Elements of information theory
The formal semantics of programming languages: an introduction
The formal semantics of programming languages: an introduction
A lattice model of secure information flow
Communications of the ACM
BI as an assertion language for mutable data structures
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Syntactic control of interference
POPL '78 Proceedings of the 5th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Cryptography and data security
Cryptography and data security
Separation Logic: A Logic for Shared Mutable Data Structures
LICS '02 Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science
A Type-Based Approach to Program Security
TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
Non-Interference: Who Needs It?
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A logical approach to multilevel security of probabilistic systems
Distributed Computing
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Quantitative static analysis of distributed systems
Journal of Functional Programming
Quantitative Information Flow, Relations and Polymorphic Types
Journal of Logic and Computation
Quantified Interference for a While Language
Electronic Notes in Theoretical Computer Science (ENTCS)
IEEE Transactions on Information Theory
Quantitative analysis of leakage for multi-threaded programs
Proceedings of the 2007 workshop on Programming languages and analysis for security
A simulation-based proof technique for dynamic information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
Fast probabilistic simulation, nontermination, and secure information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
A static analysis for quantifying information flow in a simple imperative language
Journal of Computer Security
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Lagrange multipliers and maximum information leakage in different observational models
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Formalized Information-Theoretic Proofs of Privacy Using the HOL4 Theorem-Prover
PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection
Transactions on Computational Science IV
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Quantifying maximal loss of anonymity in protocols
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Bounds on the Leakage of the Input's Distribution in Information-Hiding Protocols
Trustworthy Global Computing
Quantifying information leakage in process calculi
Information and Computation
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Quantitative Notions of Leakage for One-try Attacks
Electronic Notes in Theoretical Computer Science (ENTCS)
Probabilistic and nondeterministic aspects of anonymity
Theoretical Computer Science
An Interval-based Abstraction for Quantifying Information Flow
Electronic Notes in Theoretical Computer Science (ENTCS)
Quantifying information flow with beliefs
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Computationally sound typing for non-interference: the case of deterministic encryption
FSTTCS'07 Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Adversaries and information leaks (Tutorial)
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Risk assessment of security threats for looping constructs
Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
The reachability-bound problem
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Proceedings of the 17th ACM conference on Computer and communications security
Information theory and security: quantitative information flow
SFM'10 Proceedings of the Formal methods for quantitative aspects of programming languages, and 10th international conference on School on formal methods for the design of computer, communication and software systems
The optimum leakage principle for analyzing multi-threaded programs
ICITS'09 Proceedings of the 4th international conference on Information theoretic security
Information flow in interactive systems
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
On bounding problems of quantitative information flow
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Proceedings of the 2010 workshop on New security paradigms
Quantifying information leaks in software
Proceedings of the 26th Annual Computer Security Applications Conference
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
Leakage quantification of cryptographic operations
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Quantitative information flow and applications to differential privacy
Foundations of security analysis and design VI
Formalization of entropy measures in HOL
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Formal Verification of Differential Privacy for Interactive Systems (Extended Abstract)
Electronic Notes in Theoretical Computer Science (ENTCS)
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Applied quantitative information flow and statistical databases
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Non-termination and secure information flow
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Quantitative information flow: from theory to practice?
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Calculating bounds on information leakage using two-bit patterns
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Measuring information flow in reactive processes
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Differential privacy: on the trade-off between utility and information leakage
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Symbolic quantitative information flow
ACM SIGSOFT Software Engineering Notes
Proceedings of the 2012 workshop on New security paradigms
Quantitative program dependence graphs
ICFEM'12 Proceedings of the 14th international conference on Formal Engineering Methods: formal methods and software engineering
Quantitative analysis of information flow using theorem proving
ICFEM'12 Proceedings of the 14th international conference on Formal Engineering Methods: formal methods and software engineering
A differentially private mechanism of optimal utility for a region of priors
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
On bounding problems of quantitative information flow
Journal of Computer Security - ESORICS 2010
Quantitative information flow in interactive systems
Journal of Computer Security - ARSPA-WITS'10
| Hi-index | 0.00 |
There is a clear intuitive connection between the notion of leakage of information in a program and concepts from information theory. This intuition has not been satisfactorily pinned down, until now. In particular, previous information-theoretic models of programs are imprecise, due to their overly conservative treatment of looping constructs. In this paper we provide the first precise information-theoretic semantics of looping constructs. Our semantics describes both the amount and rate of leakage; if either is small enough, then a program might be deemed "secure". Using the semantics we provide an investigation and classification of bounded and unbounded covert channels.