Uniform Protection for Multi-exposed Targets

Abstract : Ensuring that information is protected proportionately to its value is a major challenge in the development of robust distributed systems, where code complexity and technological constraints might allow reaching a key functionality along various paths. We propose a protection analysis over the Quality Calculus that computes the combinations of data required to reach a program point and relates them to a notion of cost. In this way, we can compare the security deployed on different paths that expose the same resource. The analysis is formalised in terms of flow logic, and is implemented as an optimisation problem encoded into Satisfiability Modulo Theories, allowing us to deal with complex cost structures. The usefulness of the approach is demonstrated on the study of password recovery systems.
Type de document :
Communication dans un congrès
Erika Ábrahám; Catuscia Palamidessi. 34th Formal Techniques for Networked and Distributed Systems (FORTE), Jun 2014, Berlin, Germany. Springer, Lecture Notes in Computer Science, LNCS-8461, pp.182-198, 2014, Formal Techniques for Distributed Objects, Components, and Systems. 〈10.1007/978-3-662-43613-4_12〉
Liste complète des métadonnées

Littérature citée [16 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01398016
Contributeur : Hal Ifip <>
Soumis le : mercredi 16 novembre 2016 - 15:37:17
Dernière modification le : mercredi 16 novembre 2016 - 16:23:24
Document(s) archivé(s) le : jeudi 16 mars 2017 - 14:49:04

Fichier

978-3-662-43613-4_12_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Roberto Vigo, Flemming Nielson, Hanne Nielson. Uniform Protection for Multi-exposed Targets. Erika Ábrahám; Catuscia Palamidessi. 34th Formal Techniques for Networked and Distributed Systems (FORTE), Jun 2014, Berlin, Germany. Springer, Lecture Notes in Computer Science, LNCS-8461, pp.182-198, 2014, Formal Techniques for Distributed Objects, Components, and Systems. 〈10.1007/978-3-662-43613-4_12〉. 〈hal-01398016〉

Partager

Métriques

Consultations de la notice

33

Téléchargements de fichiers

10