Mário S. Alvim, Konstantinos Chatzikokolakis, Annabelle McIver, Carroll Morgan, Catuscia Palamidessi, Geoffrey Smith

The Science of Quantitative Information Flow (eBook, PDF)

• Format: PDF

Produktbeschreibung

This book presents a comprehensive mathematical theory that explains precisely what information flow is, how it can be assessed quantitatively - so bringing precise meaning to the intuition that certain information leaks are small enough to be tolerated - and how systems can be constructed that achieve rigorous, quantitative information-flow guarantees in those terms. It addresses the fundamental challenge that functional and practical requirements frequently conflict with the goal of preserving confidentiality, making perfect security unattainable.

Topics include: a systematic presentation of how unwanted information flow, i.e., "leaks", can be quantified in operationally significant ways and then bounded, both with respect to estimated benefit for an attacking adversary and by comparisons between alternative implementations; a detailed study of capacity, refinement, and Dalenius leakage, supporting robust leakage assessments; a unification of information-theoretic channels and information-leaking sequential programs within the same framework; and a collection of case studies, showing how the theory can be applied to interesting realistic scenarios.

The text is unified, self-contained and comprehensive, accessible to students and researchers with some knowledge of discrete probability and undergraduate mathematics, and contains exercises to facilitate its use as a course textbook.

---

Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.

Produktdetails

• Verlag: Springer International Publishing
• Seitenzahl: 478
• Erscheinungstermin: 23. September 2020
• Englisch
• ISBN-13: 9783319961316
• Artikelnr.: 62299088

Autorenporträt

Mário S. Alvim is assistant professor in the Computer Science Department of the Universidade Federal de Minas Gerais in Belo Horizonte. His current research interests include formal methods for security and privacy, as well as applications of quantitative information flow to fields beyond security. Kostas Chatzikokolakis is associate professor at the University of Athens. He works on security and privacy, in particular quantitative information flow, location privacy, and differential privacy. Annabelle McIver is professor in the Dept. of Computing at Macquarie University in Sydney. She works on mathematical techniques for the verification of probabilistic systems. Carroll Morgan is professor in the School of Engineering and Computer Science at the University of New South Wales, and is affiliated with the Trustworthy Systems Group of CSIRO's Data61. His current interests are quantitative information flow, program derivation (including security), and proved correctness of multicore operating-system kernels. Catuscia Palamidessi is director of research at Inria Saclay. She is the leader of COMÈTE, a research team in the Inria and École Polytechnique shared lab. Her main research interests are quantitative information flow, privacy, and concurrency theory. Geoffrey Smith is professor in the School of Computing and Information Sciences of Florida International University in Miami. His current research interests include quantitative information flow and its applications to cryptography.

Inhaltsangabe

Part I, Motivation.- Introduction.- Part II, Secrets and How to Measure Them.- Modeling Secrets.- On g-Vulnerability.- Part III, Channels and Information Leakage.- Channels.- Posterior Vulnerability and Leakage.- Robustness.- Capacity.- Composition of Channels.- Refinement.- The Dalenius Perspective.- Axiomatics.- The Geometry of Hypers, Gains, and Losses.- Part IV, Information Leakage in Sequential Programs.- Quantitative Information Flow in Sequential Computer Programs.- Hidden-Markov Modeling of QIF in Programs.- Program Algebra for QIF.- Iteration and Non-termination.- A Demonic Lattice of Information.- Part V, Applications.- The Crowds Protocol.- Timing Attacks on Blinded and Bucketed Cryptography.- Defense Against Side Channels.- Multi-party Computation: The Three Judges Protocol.- Voting Systems.- Differential Privacy.- Glossary and Index.