2010 IEEE Symposium on Security and Privacy (2010)
Berkeley, California, USA
May 16, 2010 to May 19, 2010
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.2010.13
Belief and vulnerability have been proposed recently to quantify information flow in security systems. Both concepts stand as alternatives to the traditional approaches founded on Shannon entropy and mutual information, which were shown to provide inadequate security guarantees. In this paper we unify the two concepts in one model so as to cope with (potentially inaccurate) attackers' extra knowledge. To this end we propose a new metric based on vulnerability that takes into account the adversary's beliefs.
Security, information hiding, information flow, quantitative and probabilistic models, uncertainty, accuracy, data confidentiality, belief, vulnerability
V. Sassone, C. Palamidessi and S. Hamadou, "Reconciling Belief and Vulnerability in Information Flow," 2010 IEEE Symposium on Security and Privacy(SP), Berkeley, California, USA, 2010, pp. 79-92.