Reconciling Belief and Vulnerability in Information Flow

Author

Hamadou, Sardaouna ; Sassone, Vladimiro ; Palamidessi, Catuscia

Author_Institution

Sch. of Electron. & Comput. Sci. (ECS), Univ. of Southampton, Southampton, UK

fYear

2010

fDate

16-19 May 2010

Firstpage

Lastpage

Abstract

Belief and vulnerability have been proposed recently to quantify information flow in security systems. Both concepts stand as alternatives to the traditional approaches founded on Shannon entropy and mutual information, which were shown to provide inadequate security guarantees. In this paper we unify the two concepts in one model so as to cope with (potentially inaccurate) attackers´ extra knowledge. To this end we propose a new metric based on vulnerability that takes into account the adversary´s beliefs.

Keywords

Assembly; Computational modeling; Computer architecture; Digital signal processing; Digital signal processing chips; Educational institutions; Large scale integration; Logic; Registers; Telecommunication control; Security; accuracy; belief; data confidentiality; information flow; information hiding; quantitative and probabilistic models; uncertainty; vulnerability;

fLanguage

English

Publisher

ieee

Conference_Titel

Security and Privacy (SP), 2010 IEEE Symposium on

Conference_Location

Oakland, CA, USA

ISSN

1081-6011

Print_ISBN

978-1-4244-6894-2

Electronic_ISBN

1081-6011

Type

conf

DOI

10.1109/SP.2010.13

Filename

5504709

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2944644