Quantitative Analysis of Secure Information Flow Via Probabilistic Semantics

Download Now Free registration required

Executive Summary

The authors present an automatic analyzer for measuring information flow within software systems. In this paper, they quantify leakage in terms of information theory and incorporate this computation into probabilistic semantics. Their semantic functions provide information flow measurement for programs given secure inputs under any probability distribution. The major contribution is an automatic quantitative analyzer based on the leakage definition for such a language. While-loops are handled by applying entropy of generalized distributions and related properties in order to provide the analysis with the ability to incorporate the observation of elapsed time.

  • Format: PDF
  • Size: 371.7 KB