Authors:
- Computer systems that process sensitive information should preserve that information's confidentiality, but our current cyber-infrastructure is failing to achieve this goal: reports of massive-scale information disclosures are distressingly frequent
- Written by an international team of six experts, with diverse research backgrounds, whose work was recognized with the NSA's Best Scientific Cybersecurity Paper Award in 2015 and the ETAPS 2020 Test of Time Award
- Unified, self-contained, and comprehensive presentation, with numerous exercises, suitable for students and researchers
Part of the book series: Information Security and Cryptography (ISC)
Buy it now
Buying options
Tax calculation will be finalised at checkout
Other ways to access
This is a preview of subscription content, log in via an institution to check for access.
Table of contents (23 chapters)
-
Front Matter
-
Motivation
-
Front Matter
-
-
Secrets and How to Measure Them
-
Front Matter
-
-
Channels and Information Leakage
-
Front Matter
-
-
Information Leakage in Sequential Programs
-
Front Matter
-
About this book
This book presents a comprehensive mathematical theory that explains precisely what information flow is, how it can be assessed quantitatively – so bringing precise meaning to the intuition that certain information leaks are small enough to be tolerated – and how systems can be constructed that achieve rigorous, quantitative information-flow guarantees in those terms. It addresses the fundamental challenge that functional and practical requirements frequently conflict with the goal of preserving confidentiality, making perfect security unattainable.
Topics include: a systematic presentation of how unwanted information flow, i.e., "leaks", can be quantified in operationally significant ways and then bounded, both with respect to estimated benefit for an attacking adversary and by comparisons between alternative implementations; a detailed study of capacity, refinement, and Dalenius leakage, supporting robust leakage assessments; a unification of information-theoretic channels and information-leaking sequential programs within the same framework; and a collection of case studies, showing how the theory can be applied to interesting realistic scenarios.The text is unified, self-contained and comprehensive, accessible to students and researchers with some knowledge of discrete probability and undergraduate mathematics, and contains exercises to facilitate its use as a course textbook.Authors and Affiliations
-
Computer Science Department, Universidade Federal de Minas Gerais, Belo Horizonte, Brazil
Mário S. Alvim
-
Department of Informatics and Telecommunications, University of Athens, Athens, Greece
Konstantinos Chatzikokolakis
-
Department of Computing, Macquarie University, Sydney, Australia
Annabelle McIver
-
School of Computer Science & Engineering, University of New South Wales Trustworthy Systems, Data61 CSIRO, Sydney, Australia
Carroll Morgan
-
Inria Saclay and LIX École Polytechnique, Institut Polytechnique de Paris, Palaiseau, France
Catuscia Palamidessi
-
School of Computing & Information Sciences, Florida International University, Miami, USA
Geoffrey Smith
About the authors
Mário S. Alvim is assistant professor in the Computer Science Department of the Universidade Federal de Minas Gerais in Belo Horizonte. His current research interests include formal methods for security and privacy, as well as applications of quantitative information flow to fields beyond security. Kostas Chatzikokolakis is associate professor at the University of Athens. He works on security and privacy, in particular quantitative information flow, location privacy, and differential privacy. Annabelle McIver is professor in the Dept. of Computing at Macquarie University in Sydney. She works on mathematical techniques for the verification of probabilistic systems. Carroll Morgan is professor in the School of Engineering and Computer Science at the University of New South Wales, and is affiliated with the Trustworthy Systems Group of CSIRO’s Data61. His current interests are quantitative information flow, program derivation (including security), and proved correctness of multicore operating-system kernels. Catuscia Palamidessi is director of research at Inria Saclay. She is the leader of COMÈTE, a research team in the Inria and École Polytechnique shared lab. Her main research interests are quantitative information flow, privacy, and concurrency theory. Geoffrey Smith is professor in the School of Computing and Information Sciences of Florida International University in Miami. His current research interests include quantitative information flow and its applications to cryptography.
Bibliographic Information
Book Title: The Science of Quantitative Information Flow
Authors: Mário S. Alvim, Konstantinos Chatzikokolakis, Annabelle McIver, Carroll Morgan, Catuscia Palamidessi, Geoffrey Smith
Series Title: Information Security and Cryptography
DOI: https://doi.org/10.1007/978-3-319-96131-6
Publisher: Springer Cham
eBook Packages: Computer Science, Computer Science (R0)
Copyright Information: Springer Nature Switzerland AG 2020
Hardcover ISBN: 978-3-319-96129-3Published: 23 September 2020
eBook ISBN: 978-3-319-96131-6Published: 23 September 2020
Series ISSN: 1619-7100
Series E-ISSN: 2197-845X
Edition Number: 1
Number of Pages: XXVIII, 478
Topics: Systems and Data Security, Data Structures and Information Theory, Software Engineering/Programming and Operating Systems