Faculty of Computing and Information Science >
Computing and Information Science >
Computing and Information Science Technical Reports >
Please use this identifier to cite or link to this item:
|Title: ||Belief in Information Flow|
|Authors: ||Clarkson, Michael R.|
Myers, Andrew C.
Schneider, Fred B.
|Keywords: ||computer science|
|Issue Date: ||10-Feb-2005|
|Publisher: ||Cornell University|
|Abstract: ||Measurement of information flow requires a definition of leakage,
which traditionally has been defined to occur when an attacker's uncertainty about secret data is reduced. We show that this uncertainty-based approach is inadequate for measuring information flow when an attacker is making assumptions about secret inputs and these assumptions might be incorrect. Moreover, we show that such attacker beliefs are an unavoidable aspect of any satisfactory definition of leakage. To reason about information flow based on beliefs, we develop a model that describes how an attacker's belief changes due to the attacker's observation of the execution of a probabilistic (or deterministic) program. The model leads to a new metric for quantitative information flow that measures accuracy rather than uncertainty of beliefs.|
|Appears in Collections:||Computing and Information Science Technical Reports|
Items in eCommons are protected by copyright, with all rights reserved, unless otherwise indicated.