6,923 Hits in 8.3 sec

Quantitative Analysis of the Leakage of Confidential Data

David Clark, Sebastian Hunt, Pasquale Malacaria
2002 Electronical Notes in Theoretical Computer Science  
doi:10.1016/s1571-0661(04)00290-7 fatcat:t6pkntlzzjdpjisl7ixmtyarey

Complexity and information flow analysis for multi-threaded programs

Tri Minh Ngo, Marieke Huisman
2017 The European Physical Journal Special Topics  
In this paper, besides reviewing classical analysis models, we present a novel model of quantitative analysis where the attacker is able to select the scheduling policy.  ...  This paper studies the security of multi-threaded programs. We combine two methods, i.e., qualitative and quantitative security analysis, to check whether a multi-threaded program is secure or not.  ...  The quantitative security analysis proposed by Chen et al. [6] for multi-threaded programs defines the leakage of each scheduler interleaving.  ... 
doi:10.1140/epjst/e2016-60402-0 fatcat:hfgoo4kzuzevtgwwgmjsda43sq

Quantifying information leaks in software

Jonathan Heusser, Pasquale Malacaria
2010 Proceedings of the 26th Annual Computer Security Applications Conference on - ACSAC '10  
Leakage of confidential information represents a serious security risk.  ...  Despite a number of novel, theoretical advances, it has been unclear if and how quantitative approaches to measuring leakage of confidential information could be applied to substantial, real-world programs  ...  Acknowledgment We thank Peter O'Hearn for helpful comments on the paper.  ... 
doi:10.1145/1920261.1920300 dblp:conf/acsac/HeusserM10 fatcat:zpylz3y7bve2rmzyq4xqdtng5e

Information Leakage Prevention Model using MultiAgent Architecture in a Distributed Environment

Alese Boniface Kayode, Adewale Olumide Sunday, Alowolodu Olufunso Dayo, Adekunle Adewale Uthman
2020 International Journal of Innovative Science and Research Technology  
This research address the security issues of a multi-agent in a distributed environment providing a data leakage prevention model that effectively control data leakage, data loss and data theft from an  ...  Various cases of leakage of sensitive files such as confidential report and privacy documents of customers and staff have been reported mistakenly sent via email, leaked through unprotected USB Sticks  ...  The system was able to detect faulty party without tempering integrity of the real data. [8] researched on the significance of data leakage which gave the ideas leading to social network analysis and clustering  ... 
doi:10.38124/ijisrt20aug596 fatcat:2zisxykwanbuzewda4ng63t67m

Quantifying Information Leak Vulnerabilities [article]

Jonathan Heusser, Pasquale Malacaria
2010 arXiv   pre-print
Leakage of confidential information represents a serious security risk.  ...  Despite a number of novel, theoretical advances, it has been unclear if and how quantitative approaches to measuring leakage of confidential information could be applied to substantial, real-world programs  ...  access to confidential data.  ... 
arXiv:1007.0918v1 fatcat:ywz5as5amfaaldfdfdujispnwe

Information Security Risk Assessment of Smartphones using Bayesian Networks

Kristian Herland, Heikki H�mm�inen, Pekka Kekolahti
2016 Journal of Cyber Security and Mobility  
The identified risks'probabilities follow a long tail wherein the most probable risks include unintentional data disclosure, failures of device or network, shoulder surfing or eavesdropping and loss or  ...  The primary research method is a knowledge-based approach to build a causal Bayesian network model of information security risks and consequences.  ...  Figure 5 5 Qualitative model of the risk events which can cause the consequences leakage of personal data or leakage of confidential data.  ... 
doi:10.13052/jcsm2245-1439.424 fatcat:g446fbjblfbfzabn5sxrodoavu

Quantitative Information Flow: From Theory to Practice? [chapter]

Pasquale Malacaria
2010 Lecture Notes in Computer Science  
There are also positive applications of QIF, where the analysis should return high leakage; examples of this scenario are programs computing best fit representation for data, hash coding, image processing  ...  An application in the context of programming languages is for example to measure leakage of confidential information in programs.  ...  Implementation of the quantitative aspects of the analysis presents however a number of challenges [14] , the main being scalability and handling of data structures.  ... 
doi:10.1007/978-3-642-14295-6_3 fatcat:77ubu6ti4zcdjpvtliauq7oipi

QFlow: Quantitative Information Flow for Security-Aware Hardware Design in Verilog [article]

Lennart M. Reimann, Luca Hanel, Dominik Sisejkovic, Farhad Merchant, Rainer Leupers
2021 arXiv   pre-print
Especially vulnerabilities that compromise the confidentiality of sensitive data, such as cryptographic keys, have a major impact on the trustworthiness of an entire system.  ...  Information flow analysis can elaborate whether information from sensitive signals flows towards outputs or untrusted components of the system.  ...  This analysis allows a new classification of leakage paths supporting the identification of data leakages.  ... 
arXiv:2109.02379v1 fatcat:ll37r5alfrglnngx444ieolyra

Assessing the Data Leakage Prevention for Data-in-Use

Wan Hassan Basri, Maryati Yusof
2017 Pacific Asia Conference on Information Systems  
The outcome of this study is to propose a data leakage protection model for data in-use.  ...  Preventing data leakage is challenging since the insider's lack of awareness about the information's potential value can be manipulated by other parties.  ...  Nowadays, the Data Leakage Protection system (DLPs) is one of the technologies that helps to identify, detect and prevent the leakage of confidential information based on the in-depth analysis of content  ... 
dblp:conf/pacis/BasriY17 fatcat:qxjkcr3kcre5jdnxzsqxj7lcdm

Information-Theoretic Bounds for Differentially Private Mechanisms

Gilles Barthe, Boris Kopf
2011 2011 IEEE 24th Computer Security Foundations Symposium  
Each line of research has developed its own notion of confidentiality: on the one hand, differential privacy is the emerging consensus guarantee used for privacy-preserving data analysis.  ...  There are two active and independent lines of research that aim at quantifying the amount of information that is disclosed by computing on confidential data.  ...  Acknowledgments The authors would like to thank Miguel Andrés, Catuscia Palamidessi, and the anonymous reviewers for their helpful feedback. This research was supported by FP7-ICT Project NESSoS  ... 
doi:10.1109/csf.2011.20 dblp:conf/csfw/BartheK11 fatcat:fvgyg6bvvffrhbauh23bflgmsy

Privacy Analysis of Android Apps: Implicit Flows and Quantitative Analysis [chapter]

Gianluca Barbon, Agostino Cortesi, Pietro Ferrara, Marco Pistoia, Omer Tripp
2015 Lecture Notes in Computer Science  
analysis of information leakage.  ...  A static analysis is presented, based on the theory of abstract interpretation, for verifying privacy policy compliance by mobile applications.  ...  Work partially supported by the Italian MIUR project "Security Horizons".  ... 
doi:10.1007/978-3-319-24369-6_1 fatcat:ldtxjlko2zeb3nw6gdc7s7nvpu

Quantitative Security Analysis for Multi-threaded Programs

Tri Minh Ngo, Marieke Huisman
2013 Electronic Proceedings in Theoretical Computer Science  
This paper proposes a novel model of quantitative analysis for multi-threaded programs that also takes into account the effect of observables in intermediate states along the trace.  ...  Quantitative theories of information flow give us an approach to relax the absolute confidentiality properties that are difficult to satisfy for many practical programs.  ...  The authors would like to thank Catuscia Palamidessi and Kostas Chatzikokolakis for many fruitful discussions. Our work is supported by NWO as part of the SlaLoM project.  ... 
doi:10.4204/eptcs.117.3 fatcat:k5ilgiiaofd7tkfetxxhj4v7bm

Quantitative Security Analysis (Dagstuhl Seminar 12481)

Boris Köpf, Paquale Malacaria, Catuscia Palamidessi, Marc Herbstritt
2013 Dagstuhl Reports  
The high amount of trust put into today's software systems calls for a rigorous analysis of their security.  ...  Corresponding quantitative security analyses bear the potential of becoming an important tool for the rigorous development of practical systems, and a formal foundation for the management of security risks  ...  Attack Time Analysis An important concern in quantitative risk analysis is the quality of the data: how realistic are the probabilities attached to basic attack steps?  ... 
doi:10.4230/dagrep.2.11.135 dblp:journals/dagstuhl-reports/KopfMP12 fatcat:zlrdsjynqnfv3ehvlybivdnwre

Risk Assessment Quantification for BYOD Based on Practical Viewpoints

Teruo Endo, Shigeaki Tanimoto, Motoi Iwashita, Toru Kobayashi, Hiroyuki Sato, Atsushi Kanai
2022 International journal of service and knowledge management  
The results of this quantitative risk assessment are expected to help make the future use of BYOD safer and secure for companies.  ...  However, there are risks, such as information leakage of business information, an employee's personal information, etc., for the private terminal utilization instead of business use.  ...  exposure of confidential sales and internal data via BYOD 8 1.2.3 The leak-of-information issue of in-company confidential information Problems that could lead to the installation of malware and virus  ... 
doi:10.52731/ijskm.v6.i1.678 fatcat:uqqjy3cwijd3bgqsyuac4h764u

Probability of Data Leakage and Its Impacts on Confidentiality

Paul Simon, Scott Graham
2022 Proceedings of the ... European conference on information warfare and security  
The probability of data leakage is directly related to the probability of confidentiality and may be estimated based on the probabilities of data interception, decryption, and decoding.  ...  To simulate the behaviors of various communication architectures and the possibility of malicious interference, the probability of data leakage and its constituent metrics require a thorough analysis.  ...  The views expressed in this paper are those of the authors, and do not reflect the official policy or position of the United States Air  ... 
doi:10.34190/eccws.21.1.472 fatcat:c44zbvfi7fcfhoxkfljfo62hmu
« Previous Showing results 1 — 15 out of 6,923 results