The Cardinal Abstraction for Quantitative Information Flow

Mounir Assaf; Julien Signoles; Eric Totel; Frédéric Tronel

Conference Papers Year :

The Cardinal Abstraction for Quantitative Information Flow

(1, 2) , (2) , (1) , (1)

1
2

Mounir Assaf

Function : Author
PersonId : 765043
IdRef : 187670994

Confidentialité, Intégrité, Disponibilité et Répartition

Laboratoire Sûreté des Logiciels

Julien Signoles

Function : Author

Laboratoire Sûreté des Logiciels

Eric Totel

Function : Author
PersonId : 5636
IdHAL : etotel
IdRef : 059780681

Confidentialité, Intégrité, Disponibilité et Répartition

Frédéric Tronel

Function : Author
PersonId : 4608
IdHAL : ftronel
ORCID : 0000-0002-2420-6105
IdRef : 075985314

Confidentialité, Intégrité, Disponibilité et Répartition

Abstract

Qualitative information flow aims at detecting information leaks, whereas the emerging quantitative techniques target the estimation of information leaks. Quantifying information flow in the presence of low inputs is challenging, since the traditional techniques of approximating and counting the reachable states of a program no longer suffice. This paper proposes an automated quantitative information flow analysis for imperative deterministic programs with low inputs. The approach relies on a novel abstract domain, the cardinal abstraction, in order to compute a precise upper-bound over the maximum leakage of batch-job programs. We prove the soundness of the cardinal abstract domain by relying on the framework of abstract interpretation. We also prove its precision with respect to a flow-sensitive type system for the two-point security lattice.

Domains

Computer Science [cs] Cryptography and Security [cs.CR]

Fichier principal

main.pdf (347.73 Ko)

Origin : Files produced by the author(s)

Eric Totel : Connect in order to contact the contributor

https://hal.inria.fr/hal-01334604

Submitted on : Friday, August 5, 2016-5:31:32 AM

Last modification on : Friday, February 18, 2022-3:09:09 AM

Dates and versions

hal-01334604 , version 1 (05-08-2016)

Identifiers

HAL Id : hal-01334604 , version 1

Cite

Mounir Assaf, Julien Signoles, Eric Totel, Frédéric Tronel. The Cardinal Abstraction for Quantitative Information Flow. Workshop on Foundations of Computer Security 2016 (FCS 2016), Jun 2016, Lisbon, Portugal. ⟨hal-01334604⟩

Export

BibTeX TEI Dublin Core DC Terms EndNote Datacite

Collections

INSERM CEA INSTITUT-TELECOM UNIV-RENNES1 CNRS INRIA INSA-RENNES IRISA SUP_CIDRE CENTRALESUPELEC IRISA-D1 DRT INRIA2 CEA-UPSAY UR1-MATH-STIC UR1-UFR-ISTIC LIST UNIV-RENNES UR1-MATH-NUM GS-ENGINEERING GS-COMPUTER-SCIENCE

292 View

132 Download

The Cardinal Abstraction for Quantitative Information Flow

Abstract

Domains

Dates and versions

Identifiers

Cite

Export

Collections

Share