Quantification of integrity

Proceedings - IEEE Computer Security Foundations Symposium

Volumn , Issue , 2010, Pages 28-43

  Clarkson, Michael R ^a   Schneider, Fred B ^a  

^a Department of Computer Science and School of Operations Research and Information Engineering   (United States)

Author keywords

Database privacy; Information theory; Integrity; Quantitative information flow

Indexed keywords

CHANNEL OUTPUT; DATABASE PRIVACY; IMPLEMENTATION ERROR; INFORMATION FLOWS; INTEGRITY; INTEGRITY MEASURES; NOISY CHANNEL; QUANTITATIVE INFORMATION;

INFORMATION THEORY; SECURITY SYSTEMS;

DATABASE SYSTEMS;

EID: 77957559995     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2010.10     Document Type: Conference Paper

References (51)

1. D. Denning, Cryptography and Data Security. Reading, Massachusetts: Addison-Wesley, 1982.
2. J. Millen, "Covert channel capacity, " in Proc. IEEE Symposium on Security and Privacy, Apr. 1987, pp. 60-66.
3. V. L. Voydock and S. T. Kent, "Security mechanisms in highlevel network protocols, " Computing Surveys, vol. 15, no. 2, Jun. 1983.
4. D. D. Clark and D. R. Wilson, "A comparison of commercial and military computer security policies, " in Proc. IEEE Symposium on Security and Privacy, Apr. 1987, pp. 184-194.
5. International Organization for Standardization, "Information processing systems: Open systems interconnection-basic reference model, Part 2: Security architecture, ISO 7498-2, " 1989.
6. Commission of the European Communities (ECSC, EEC, EAEC), "Information Technology Security Evaluation Criteria: Provisional harmonised criteria, " Jun. 1991, document COM(90) 314, Version 1.2.
7. National Research Council, Computers at Risk: Safe Computing in the Information Age. Washington, D.C.: National Academy Press, 1991.
8. "Common Criteria for Information Technology Security Evaluation: Part 1: Introduction and general model, " Sep. 2005, cCMB-2006-09-001, Version 3.1, Revision 1. Available from www.commoncriteriaportal.org.
9. L. Wall, T. Christiansen, and R. L. Schwartz, Programming Perl, 2nd ed. Sebastopol, California: O'Reilly, 1996.
10. G. E. Suh, J. W. Lee, D. Zhang, and S. Devedas, "Secure program execution via dynamic information flow tracking, " in Proc. ACM Conference on Architectural Support for Programming Languages and Systems, Oct. 2004, pp. 85-96.
11. V. B. Livshits and M. S. Lam, "Finding security vulnerabilities in Java applications with static analysis, " in Proc. USENIX Security Symposium, Aug. 2005, pp. 271-286.
12. J. Newsome and D. Song, "Dynamic taint analysis for automatic detection, analysis and signature generation of exploits on commodity software, " in Proc. Symposium on Network and Distributed System Security, Feb. 2005, available from http://www.isoc.org/isoc/conferences/ndss/05/proceedings/papers/ taintcheck.pdf.
13. W. Xu, S. Bhatkar, and R. Sekar, "Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks, " in Proc. USENIX Security Symposium, Aug. 2006, pp. 121-136.
14. K. Biba, "Integrity considerations for secure computer systems, " MITRE Corporation, Tech. Rep. MTR-3153, Apr. 1977.
15. D. Clark, S. Hunt, and P. Malacaria, "Quantitative information flow, relations and polymorphic types, " Journal of Logic and Computation, vol. 18, no. 2, pp. 181-199, 2005.
16. M. R. Clarkson, A. C. Myers, and F. B. Schneider, "Quantifying information flow with beliefs, " Journal of Computer Security, vol. 17, no. 5, pp. 655-701, 2009.
17. J. Newsome, S. McCamant, and D. Song, "Measuring channel capacity to distinguish undue influence, " in Proc. ACM Workshop on Programming Languages and Analysis for Security, Jun. 2009, available from http://doi.acm.org/10.1145/1554339.1554349.
18. C. E. Shannon, "A mathematical theory of communication, " Bell System Technical Journal, vol. 27, pp. 379-423, 623- 656, 1948.
19. M. R. Clarkson and F. B. Schneider, "Quantification of integrity, " Cornell University Computing and Information Science Technical Report, http://hdl.handle.net/1813/14470May 2010.
20. D. S. Jones, Elementary Information Theory. Oxford: Clarendon Press, 1979.
21. T. M. Cover and J. A. Thomas, Elements of Information Theory. New York: John Wiley & Sons, 1991.
22. D. Clark, S. Hunt, and P. Malacaria, "A static analysis for quantifying information flow in a simple imperative language, " Journal of Computer Security, vol. 15, no. 3, pp. 321-371, 2007.
23. D. Kozen, "Semantics of probabilistic programs, " Journal of Computer and System Sciences, vol. 22, pp. 328-350, 1981.
24. F. B. Schneider, "Enforceable security policies, " ACM Transactions on Information and System Security, vol. 3, no. 1, pp. 30-50, 2000.
25. J. Adámek, Foundations of Coding. New York: John Wiley and Sons, 1991.
26. M. Rinard, C. Cadar, D. Dumitran, D. M. Roy, T. Leu, and W. S. Beebee, Jr., "Enhancing server availability and security through failure-oblivious computing, " in Proc. USENIX Symposium on Operating System Design and Implementation, Dec. 2004, pp. 303-316.
27. M. R. Clarkson, A. C. Myers, and F. B. Schneider, "Belief in information flow, " in Proc. IEEE Computer Security Foundations Workshop, Jun. 2005, pp. 31-45.
28. L. Sweeney, "Achieving k-anonymity privacy protection using generalization and suppression, " International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, vol. 10, no. 5, pp. 571-588, 2002.
29. A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam, " E-diversity: Privacy beyond k-anonymity, " ACM Transactions on Knowledge Discovery from Data, vol. 1, no. 1, 2007.
30. R. Murphy, "An analysis of the distribution of birthdays in a calendar year, " http://www.panix.com/∼murphy/bday.html, accessed Dec. 29, 2009.
31. A. Øhrn and L. Ohno-Machado, "Using Boolean reasoning to anonymize databases, " Artificial Intelligence in Medicine, vol. 15, no. 3, pp. 235-254, 1999.
32. D. Kifer and J. Gehrke, "Injecting utility into anonymized datasets, " in Proc. ACM Conference on Management of Data, Jun. 2006, pp. 217-228.
33. J. W. Gray, III, "Toward a mathematical foundation for information flow security, " in Proc. IEEE Symposium on Security and Privacy, May 1991, pp. 21-35.
34. G. Lowe, "Quantifying information flow, " in Proc. IEEE Computer Security Foundations Workshop, Jun. 2002, pp. 18- 31.
35. D. Clark, S. Hunt, and P. Malacaria, "Quantified interference for a while language, " Electronic Notes in Theoretical Computer Science, vol. 112, pp. 149-166, Jan. 2005.
36. S. McCamant and M. D. Ernst, "Quantitative information flow as network capacity, " in Proc. ACM Conference on Programming Language Design and Implementation, Jun. 2008, pp. 193-205.
37. M. Backes, B. Köpf, and A. Rybalchenko, "Automated discovery and quantification of information leaks, " in Proc. IEEE Symposium on Security and Privacy, May 2009, pp. 141-153.
38. J. Heusser and P. Malacaria, "Applied quantitative information flow and statistical databases, " in Workshop on Formal Aspects in Security and Trust, Nov. 2009.
39. D. E. Bell and L. J. LaPadula, "Secure computer systems: Mathematical foundations, " MITRE Corporation, Tech. Rep. 2547, Volume1, Mar. 1973.
40. A. C. Myers, "JFlow: Practical mostly-static information flow control, " in Proc. ACM Symposium on Principles of Programming Languages, 1999, pp. 228-241.
41. F. Pottier and V. Simonet, "Information flow inference for ML, " ACM Transactions on Programming Languages and Systems, vol. 25, no. 1, pp. 117-158, Jan. 2003.
42. S. Zdancewic, L. Zheng, N. Nystrom, and A. C. Myers, "Untrusted hosts and confidentiality: Secure program partitioning, " in Proc. ACM Symposium on Operating Systems Principles, Oct. 2001, pp. 1-14.
43. S. Zdancewic and A. C. Myers, "Robust declassification, " in Proc. IEEE Computer Security Foundations Workshop, Jun. 2001, pp. 15-23.
44. S. Chong, K. Vikram, and A. C. Myers, "SIF: Enforcing confidentiality and integrity in web applications, " in Proc. USENIX Security Symposium, Aug. 2007, pp. 1-16.
45. S. Chong, J. Liu, A. C. Myers, X. Qi, K. Vikram, L. Zheng, and X. Zheng, "Secure web applications via automatic partitioning, " in Proc. ACM Symposium on Operating Systems Principles, Oct. 2007, pp. 31-44.
46. J. Liu, M. D. George, K. Vikram, X. Qi, L. Waye, and A. C. Myers, "Fabric: A platform for secure distributed computation and storage, " in Proc. ACM Symposium on Operating Systems Principles, Oct. 2009, pp. 321-334.
47. M. Krohn, A. Yip, M. Brodsky, N. Cliffer, M. F. Kaashoek, E. Kohler, and R. Morris, "Information flow control for standard OS abstractions, " in Proc. ACM Symposium on Operating Systems Principles, Oct. 2007, pp. 321-334.
48. I. Roy, S. T. V. Setty, A. Kilzer, V. Shmatikov, and E. Witchel, "Airavat: Security and privacy for MapReduce, " in Proc. USENIX Symposium on Networked Systems Design and Implementation, Apr. 2010, pp. 297-312.
49. J. Dean and S. Ghemawat, "MapReduce: Simplified data processing on large clusters, " in Proc. USENIX Symposium on Operating System Design and Implementation, Dec. 2004, pp. 137-150.
50. C. Dwork, "Differential privacy, " in Proc. International Colloquium on Automata, Languages and Programming, Jul. 2006, pp. 1-12.
51. E. W. Scripture, "The need of psychological training, " Science, vol. 19, no. 474, pp. 127-128, Mar. 1892, available from http://www.jstor.org/stable/1766918.