A Precise Information Flow Measure from Imprecise Probabilities
This paper addresses the problem of secure information flow analysis for programs, particularly the handling of ambiguous or conflicting data, though it appears incremental, being a generalization of an existing method.
The paper tackles the problem of quantifying information flow in programs using Dempster-Shafer theory to handle uncertainties like nonspecificity and conflict, which Bayesian methods struggle with. It presents a generalization of a recent Bayesian-based method that removes its weaknesses, resulting in a precise measure with plausible bounds tied to secret input size and exhaustive search effort.
The Dempster-Shafer theory of imprecise probabilities has proved useful for incorporating both nonspecificity and conflict uncertainties in an inference mechanism. The traditional Bayesian approach cannot differentiate between the two, and is unable to handle non-specific, ambiguous, and conflicting information without making strong assumptions. This paper presents a generalization of a recent Bayesian-based method of quantifying information flow in Dempster-Shafer theory. The generalization concretely enhances the original method, removing all of its weaknesses that are highlighted in this paper. Specifically, our generalized method can handle any number of secret inputs to a program; it enables the capturing of an attacker's beliefs in all kinds of sets (singleton or not); and it supports a new and precise quantitative information flow measure whose reported flow results are plausible in that they are bounded by the size of a program's secret input and can be easily associated with the exhaustive search effort needed to uncover a program's secret information, unlike the results reported by the original metric.