Title :
Quantitative Analysis of Secure Information Flow via Probabilistic Semantics
Author :
Mu, Chunyan ; Clark, David
Author_Institution :
Dept. of Comput. Sci., King´´s Coll. London, London
Abstract :
We present an automatic analyzer for measuring information flow within software systems. In this paper, we quantify leakage in terms of information theory and incorporate this computation into probabilistic semantics. Our semantic functions provide information flow measurement for programs given secure inputs under any probability distribution. The major contribution is an automatic quantitative analyzer based on the leakage definition for such a language. While-loops are handled by applying entropy of generalized distributions and related properties in order to provide the analysis with the ability to incorporate the observation of elapsed time.
Keywords :
information theory; probability; security of data; automatic quantitative analyzer; probabilistic semantics; secure information flow; semantic function; Computer science; Educational institutions; Entropy; Fluid flow measurement; Information analysis; Information security; Information theory; Interference; Software measurement; Software systems; Flow; Information Theory; Language; Non-interference; Security; Semantics;
Conference_Titel :
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-3572-2
Electronic_ISBN :
978-0-7695-3564-7
DOI :
10.1109/ARES.2009.88
