[cap-talk] Assessing security threats of looping constructs
Sandro Magi
smagi at higherlogics.com
Mon Jan 29 10:18:29 CST 2007

Attempts to quantify the information leakage rate of looping constructs
that could be used to mount an attack.
http://lambda-the-ultimate.org/node/2008
(pdf: http://www.dcs.qmul.ac.uk/~pm/Papers/boundsWhile.pdf)

There is a clear intuitive connection between the notion of
leakage of information in a program and concepts from information
theory. This intuition has not been satisfactorily
pinned down, until now. In particular, previous information theoretic
models of programs are imprecise, due to their
overly conservative treatment of looping constructs. In this
paper we provide the first precise information-theoretic semantics
of looping constructs. Our semantics describes both
the amount and rate of leakage; if either is small enough,
then a program might be deemed “secure”. Using the semantics
we provide an investigation and classification of
bounded and unbounded covert channels.