Automatically Compute Information Flow Quantity Via Probabilistic Semantics

Date Added: Jun 2009
Format: PDF

Measuring information flow in software has recently become an active research topic in the security community. Information about confidential inputs may flow to public outputs in batch programs. It would be useful to quantify such flows in the computational world. In this paper, the authors present an automatic analyzer for measuring information flow within software systems. They quantify leakage in terms of information theory and incorporate this computation into probabilistic semantics. Their semantic functions provide information flow measurement for programs given secure inputs under any probability distribution.