References

  1. (2010): Proceedings of the 23rd IEEE Computer Security Foundations Symposium, CSF 2010, Edinburgh, United Kingdom, July 17-19, 2010. IEEE Computer Society.
  2. Samson Abramsky (1991): Domain Theory in Logical Form. Ann. Pure Appl. Logic 51(1-2), pp. 1–77. Available at http://dx.doi.org/10.1016/0168-0072(91)90065-T.
  3. Michael Backes, Matthias Berg & Boris Köpf (2011): Non-uniform distributions in quantitative information-flow. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS '11. ACM, New York, NY, USA, pp. 367–375. Available at http://doi.acm.org/10.1145/1966913.1966960.
  4. Michael Backes, Boris Köpf & Andrey Rybalchenko (2009): Automatic Discovery and Quantification of Information Leaks. In: IEEE Symposium on Security and Privacy. IEEE Computer Society, pp. 141–153. Available at http://dx.doi.org/10.1109/SP.2009.18.
  5. Gilles Barthe, Pedro R. D'Argenio & Tamara Rezk (2004): Secure Information Flow by Self-Composition. In: CSFW. IEEE Computer Society, pp. 100–114. Available at http://doi.ieeecomputersociety.org/10.1109/CSFW.2004.17.
  6. Christelle Braun, Konstantinos Chatzikokolakis & Catuscia Palamidessi (2009): Quantitative Notions of Leakage for One-try Attacks. Electr. Notes Theor. Comput. Sci. 249, pp. 75–91. Available at http://dx.doi.org/10.1016/j.entcs.2009.07.085.
  7. Pavol Černý, Krishnendu Chatterjee & Thomas A. Henzinger (2011): The Complexity of Quantitative Information Flow Problems. In: CSF. IEEE Computer Society, pp. 205–217. Available at http://doi.ieeecomputersociety.org/10.1109/CSF.2011.21.
  8. David Clark, Sebastian Hunt & Pasquale Malacaria (2005): Quantified Interference for a While Language. Electr. Notes Theor. Comput. Sci. 112, pp. 149–166. Available at http://dx.doi.org/10.1016/j.entcs.2004.01.018.
  9. David Clark, Sebastian Hunt & Pasquale Malacaria (2007): A static analysis for quantifying information flow in a simple imperative language. J. Comput. Secur. 15, pp. 321–371. Available at http://dl.acm.org/citation.cfm?id=1370628.1370629.
  10. Michael R. Clarkson, Andrew C. Myers & Fred B. Schneider (2005): Belief in Information Flow. In: CSFW. IEEE Computer Society, pp. 31–45. Available at http://dx.doi.org/10.1109/CSFW.2005.10.
  11. Michael R. Clarkson & Fred B. Schneider (2010): Hyperproperties. Journal of Computer Security 18(6), pp. 1157–1210. Available at http://dx.doi.org/10.3233/JCS-2009-0393.
  12. Ellis S. Cohen (1977): Information Transmission in Computational Systems. In: SOSP, pp. 133–139. Available at http://doi.acm.org/10.1145/800214.806556.
  13. Ádám Darvas, Reiner Hähnle & David Sands (2005): A Theorem Proving Approach to Analysis of Secure Information Flow. In: Dieter Hutter & Markus Ullmann: SPC, Lecture Notes in Computer Science 3450. Springer, pp. 193–209. Available at http://dx.doi.org/10.1007/978-3-540-32004-3_20.
  14. Dorothy Elizabeth Robling Denning (1982): Cryptography and data security. Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA.
  15. Cormac Flanagan & James B. Saxe (2001): Avoiding exponential explosion: generating compact verification conditions. In: POPL, pp. 193–205. Available at http://doi.acm.org/10.1145/360204.360220.
  16. Joseph A. Goguen & José Meseguer (1982): Security Policies and Security Models. In: IEEE Symposium on Security and Privacy, pp. 11–20.
  17. Jonathan Heusser & Pasquale Malacaria (2009): Applied Quantitative Information Flow and Statistical Databases. In: Pierpaolo Degano & Joshua D. Guttman: Formal Aspects in Security and Trust, Lecture Notes in Computer Science 5983. Springer, pp. 96–110. Available at http://dx.doi.org/10.1007/978-3-642-12459-4_8.
  18. Boris Köpf & David A. Basin (2007): An information-theoretic model for adaptive side-channel attacks. In: Peng Ning, Sabrina De Capitani di Vimercati & Paul F. Syverson: ACM Conference on Computer and Communications Security. ACM, pp. 286–296. Available at http://doi.acm.org/10.1145/1315245.1315282.
  19. Boris Köpf & Andrey Rybalchenko (2010): Approximation and Randomization for Quantitative Information-Flow Analysis. In: CSF, pp. 3–14. Available at http://doi.ieeecomputersociety.org/10.1109/CSF.2010.8.
  20. Boris Köpf & Geoffrey Smith (2010): Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks. In: CSF, pp. 44–56. Available at http://doi.ieeecomputersociety.org/10.1109/CSF.2010.11.
  21. K. Rustan M. Leino (2005): Efficient weakest preconditions. Inf. Process. Lett. 93(6), pp. 281–288. Available at http://dx.doi.org/10.1016/j.ipl.2004.10.015.
  22. Pasquale Malacaria (2007): Assessing security threats of looping constructs. In: Martin Hofmann & Matthias Felleisen: POPL. ACM, pp. 225–235. Available at http://doi.acm.org/10.1145/1190216.1190251.
  23. Pasquale Malacaria & Han Chen (2008): Lagrange multipliers and maximum information leakage in different observational models. In: Úlfar Erlingsson & Marco Pistoia: PLAS. ACM, pp. 135–146. Available at http://doi.acm.org/10.1145/1375696.1375713.
  24. James L. Massey (1994): Guessing and Entropy. In: ISIT '94: Proceedings of the 1994 IEEE International Symposium on Information Theory, pp. 204. Available at http://dx.doi.org/10.1109/ISIT.1994.394764.
  25. Stephen McCamant & Michael D. Ernst (2008): Quantitative information flow as network flow capacity. In: Rajiv Gupta & Saman P. Amarasinghe: PLDI. ACM, pp. 193–205. Available at http://doi.acm.org/10.1145/1375581.1375606.
  26. David A. Naumann (2006): From Coupling Relations to Mated Invariants for Checking Information Flow. In: Dieter Gollmann, Jan Meier & Andrei Sabelfeld: ESORICS, Lecture Notes in Computer Science 4189. Springer, pp. 279–296. Available at http://dx.doi.org/10.1007/11863908_18.
  27. James Newsome, Stephen McCamant & Dawn Song (2009): Measuring channel capacity to distinguish undue influence. In: Stephen Chong & David A. Naumann: PLAS. ACM, pp. 73–85. Available at http://doi.acm.org/10.1145/1554339.1554349.
  28. Claude Shannon (1948): A Mathematical Theory of Communication. Bell System Technical Journal 27, pp. 379–423, 623–656. Available at http://doi.acm.org/10.1145/584091.584093.
  29. Geoffrey Smith (2009): On the Foundations of Quantitative Information Flow. In: Luca de Alfaro: FOSSACS, Lecture Notes in Computer Science 5504. Springer, pp. 288–302. Available at http://dx.doi.org/10.1007/978-3-642-00596-1_21.
  30. Tachio Terauchi & Alexander Aiken (2005): Secure Information Flow as a Safety Problem. In: Chris Hankin & Igor Siveroni: SAS, Lecture Notes in Computer Science 3672. Springer, pp. 352–367. Available at http://dx.doi.org/10.1007/11547662_24.
  31. Hiroshi Unno, Naoki Kobayashi & Akinori Yonezawa (2006): Combining type-based analysis and model checking for finding counterexamples against non-interference. In: Vugranam C. Sreedhar & Steve Zdancewic: PLAS. ACM, pp. 17–26. Available at http://doi.acm.org/10.1145/1134744.1134750.
  32. Hirotoshi Yasuoka & Tachio Terauchi (2010): On Bounding Problems of Quantitative Information Flow. In: Dimitris Gritzalis, Bart Preneel & Marianthi Theoharidou: ESORICS, Lecture Notes in Computer Science 6345. Springer, pp. 357–372. Available at http://dx.doi.org/10.1007/978-3-642-15497-3_22.
  33. Hirotoshi Yasuoka & Tachio Terauchi (2010): Quantitative Information Flow - Verification Hardness and Possibilities. In: CSF, pp. 15–27. Available at http://doi.ieeecomputersociety.org/10.1109/CSF.2010.9.
  34. Hirotoshi Yasuoka & Tachio Terauchi (2011): On Bounding Problems of Quantitative Information Flow (Extended version). Journal of Computer Security 19(6), pp. 1029–1082. Available at http://dx.doi.org/10.3233/JCS-2011-0437.
  35. Hirotoshi Yasuoka & Tachio Terauchi (2011): Quantitative Information Flow as Safety and Liveness Hyperproperties. Available at http://www.kb.ecei.tohoku.ac.jp/~yasuoka.
Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org