2012 IEEE Symposium on Security and Privacy (2010)
Berkeley, California, USA
May 16, 2010 to May 19, 2010
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.2010.13
Belief and vulnerability have been proposed recently to quantify information flow in security systems. Both concepts stand as alternatives to the traditional approaches founded on Shannon entropy and mutual information, which were shown to provide inadequate security guarantees. In this paper we unify the two concepts in one model so as to cope with (potentially inaccurate) attackers' extra knowledge. To this end we propose a new metric based on vulnerability that takes into account the adversary's beliefs.
Security, information hiding, information flow, quantitative and probabilistic models, uncertainty, accuracy, data confidentiality, belief, vulnerability
Vladimiro Sassone, Catuscia Palamidessi, Sardaouna Hamadou, "Reconciling Belief and Vulnerability in Information Flow", 2012 IEEE Symposium on Security and Privacy, vol. 00, no. , pp. 79-92, 2010, doi:10.1109/SP.2010.13