Quantifying information flow with beliefs

Journal of Computer Security

Volumn 17, Issue 5, 2009, Pages 655-701

  Clarkson, Michael R ^a   Myers, Andrew C ^a   Schneider, Fred B ^a  

^a Department of Computer Science and School of Operations Research and Information Engineering   (United States)

Author keywords

Accuracy; Belief; Insider; Probabilistic semantics; Quantitative information flow; Security policies

Indexed keywords

ACCURACY; BELIEF; INSIDER; PROBABILISTIC SEMANTICS; QUANTITATIVE INFORMATION FLOW; SECURITY POLICIES;

SECURITY SYSTEMS; SEMANTICS;

METRIC SYSTEM;

EID: 70449455866     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-2009-0353     Document Type: Conference Paper

References (41)

1. M. Abadi and L. Lamport, The existence of refinement mappings, Theoretical Computer Science 82(2) (1991), 253-284.
2. R. Browne, The Turing test and non-information flow, in: Proceedings of the 1991 IEEE Symposium on Security and Privacy, Oakland, CA, 1991, pp. 375-385.
3. D. Clark, S. Hunt and P. Malacaria, Quantified interference: Information theory and information flow, in: Workshop on Issues in the Theory of Security, Barcelona, Spain, April 2004.
4. D. Clark, S. Hunt and P. Malacaria, Quantified interference for a while language, Electronic Notes in Theoretical Computer Science 112 (2005), 149-166.
5. D. Clark, S. Hunt and P. Malacaria, Quantitative information flow, relations and polymorphic types, Journal of Logic and Computation 18(2) (2005), 181-199.
6. M.R. Clarkson, A.C. Myers and F.B. Schneider, Belief in information flow, in Proc. 18th IEEE Computer Security Foundations Workshop, Aix-en-Provence, France, June 2005, pp. 31-45.
7. T.M. Cover and J.A. Thomas, Elements of Information Theory, John Wiley & Sons, New York, NY, 1991.
8. D. Denning, Cryptography and Data Security, Addison-Wesley, Reading, MA, 1982.
9. A. Di Pierro, C. Hankin and H. Wiklicky, Approximate non-interference, Journal of Computer Security 12(1) (2004), 37-81.
10. A. Di Pierro, C. Hankin and H. Wiklicky, Measuring the confinement of probabilistic systems, Theoretical Computer Science 340(1) (2005), 53-56.
11. A. Evfimievski, J. Gehrke and R. Srikant, Limiting privacy breaches in privacy preserving data mining, in: Proc. ACM Symp. on Principles of Database Systems, San Diego, CA, 2003, pp. 211- 222.
12. A. Gelman, J.B. Carlin, H.S. Stern and D.B. Rubin, Bayesian Data Analysis, Chapman and Hall/CRC, Boca Raton, FL, 2004.
13. J.A. Goguen and J. Meseguer, Security policies and security models, in: Proc. IEEE Symp. on Security and Privacy, Oakland, CA, April 1982, pp. 11-20.
14. J.W. Gray III, Toward a mathematical foundation for information flow security, in: Proceedings of the 1991 IEEE Symposium on Security and Privacy, Oakland, CA, 1991, pp. 21-35.
15. J.W. Gray III and P.F. Syverson, A logical approach to multilevel security of probabilistic systems, Distributed Computing 11(2) (1998), 73-90.
16. J. Halpern and K. O'Neill, Secrecy in multiagent systems, in: Proceedings of the 15th IEEE Computer Security Foundations Workshop, Cape Breton, NS, Canada, 2002, pp. 32-46.
17. J. Halpern and K. O'Neill, Anonymity and information hiding inmultiagent systems, in: Proceedings of the 16th IEEE Computer Security Foundations Workshop, Pacific Grove, CA, 2003, pp. 75-88.
18. J.Y. Halpern, Reasoning about Uncertainty, MIT Press, Cambridge, MA, 2003.
19. J.Y. Halpern and M.R. Tuttle, Knowledge, probability, and adversaries, Journal of the ACM 40(4) (1993), 917-962.
20. G.A. Jones and J.M. Jones, Information and Coding Theory, Springer, London, UK, 2000.
21. D. Kahneman and A. Tversky, Subjective probability: A judgment of representativeness, Cognitive Psychology 3 (1972), 430-454.
22. J.J. Koehler, The base rate fallacy reconsidered: Descriptive, normative, and methodological challenges, Behavioral and Brain Sciences 19(1) (1996), 51-53.
23. D. Kozen, Semantics of probabilistic programs, Journal of Computer and System Sciences 22 (1981), 328-350.
24. G. Lowe, Quantifying information flow, in: Proceedings of the 15th IEEE Computer Security Foundations Workshop, Cape Breton, NS, Canada, 2002, pp. 18-31.
25. P. Malacaria, Assessing security threats of looping constructs, in: Proc. 34th ACM Symposium on Principles of Programming Languages, Nice, France, January 2007, pp. 225-235.
26. D. McCullough, Specifications for multi-level security and a hook-up property, in: Proceedings of the 1987 IEEE Symposium on Security and Privacy, Oakland, CA, 1987.
27. A. McIver and C. Morgan, A probabilistic approach to information hiding, in: Programming Methodology, Chapter 20, Springer, New York, NY, 2003, pp. 441-460.
28. A. McIver and C. Morgan, Abstraction, Refinement and Proof for Probabilistic Systems, Springer, New York, NY, 2004.
29. J. McLean, Security models and information flow, in: Proceedings of the 1990 IEEE Symposium on Security and Privacy, Oakland, CA, 1990, pp. 180-189.
30. J. McLean, Proving noninterference and functional correctness using traces, Journal of Computer Security 1(1) (1992), 37-57.
31. J. Millen, Covert channel capacity, in: Proceedings of the 1987 IEEE Symposium on Security and Privacy, Oakland, CA, 1987, pp. 60-66.
32. L.H. Ramshaw, Formalizing the analysis of algorithms, PhD thesis, Stanford University, 1979; available as technical report, XEROX PARC, 1981.
33. A.W. Roscoe, CSP and determinism in security modelling, in: Proc. IEEE Symp. on Security and Privacy, Oakland, CA, 1995, pp. 114-127.
34. D. Sutherland, A model of information, in: Proceedings of the 9th National Computer Security Conference, Washington, DC, September 1986, pp. 175-183.
35. D. Volpano, Secure introduction of one-way functions, in: Proc. 13th IEEE Computer Security Foundations Workshop, Cambridge, UK, 2000, pp. 246-254.
36. D. Volpano and G. Smith, Confinement properties for programming languages, SIGACT News 29(3) (1998), 33-42.
37. D. Volpano and G. Smith, Verifying secrets and relative secrecy, in: Proc. 27th ACM Symposium on Principles of Programming Languages, Boston, MA, 2000, pp. 268-276.
38. D.G. Weber, Quantitative hook-up security for covert channel analysis, in: Proc. First IEEE Computer Security Foundations Workshop, Franconia, NH, 1988, pp. 58-71.
39. G. Winskel, The Formal Semantics of Programming Languages: An Introduction, MIT Press, Cambridge, MA, 1993.
40. J.T. Wittbold and D. Johnson, Information flow in nondeterministic systems, in: Proceedings of the 1990 IEEE Symposium on Security and Privacy, Oakland, CA, 1990, pp. 144-161.
41. S. Zdancewic and A.C. Myers, Observational determinism for concurrent program security, in: Proceedings of the 16th IEEE Computer Security Foundations Workshop, Pacific Grove, CA, 2003, pp. 29-43.