The University of Southampton
University of Southampton Institutional Repository

Reconciling Belief and Vulnerability in Information Flow

Reconciling Belief and Vulnerability in Information Flow
Reconciling Belief and Vulnerability in Information Flow
Belief and vulnerability have been proposed re- cently to quantify information flow in security systems. Both concepts stand as alternatives to the traditional approaches founded on Shannon entropy and mutual information, which were shown to provide inadequate security guarantees. In this paper we unify the two concepts in one model so as to cope with (potentially inaccurate) attackers’ extra knowledge. To this end we propose a new metric based on vulnerability that takes into account the adversary’s beliefs.
information hiding, information flow, quantitative and probabilistic models, uncertainty, accuracy
79-92
Hamadou, Sardaouna
a3681473-229f-423a-8113-b466cd1b5e98
Sassone, Vladimiro
df7d3c83-2aa0-4571-be94-9473b07b03e7
Palamidessi, Catuscia
a62c01bb-aec0-490b-bd05-b9081954b88f
Hamadou, Sardaouna
a3681473-229f-423a-8113-b466cd1b5e98
Sassone, Vladimiro
df7d3c83-2aa0-4571-be94-9473b07b03e7
Palamidessi, Catuscia
a62c01bb-aec0-490b-bd05-b9081954b88f

Hamadou, Sardaouna, Sassone, Vladimiro and Palamidessi, Catuscia (2010) Reconciling Belief and Vulnerability in Information Flow. IEEE Symposium of Security and Privacy. pp. 79-92 .

Record type: Conference or Workshop Item (Paper)

Abstract

Belief and vulnerability have been proposed re- cently to quantify information flow in security systems. Both concepts stand as alternatives to the traditional approaches founded on Shannon entropy and mutual information, which were shown to provide inadequate security guarantees. In this paper we unify the two concepts in one model so as to cope with (potentially inaccurate) attackers’ extra knowledge. To this end we propose a new metric based on vulnerability that takes into account the adversary’s beliefs.

Text
BANDV09.pdf - Version of Record
Download (390kB)

More information

Published date: April 2010
Venue - Dates: IEEE Symposium of Security and Privacy, 2010-04-01
Keywords: information hiding, information flow, quantitative and probabilistic models, uncertainty, accuracy
Organisations: Web & Internet Science

Identifiers

Local EPrints ID: 268592
URI: http://eprints.soton.ac.uk/id/eprint/268592
PURE UUID: e6342816-e1a5-41d6-97e9-4f523014b3eb

Catalogue record

Date deposited: 12 Mar 2010 11:09
Last modified: 09 Dec 2019 20:10

Export record

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×