Ensuring that information is protected proportionately to its value is a major challenge in the development of robust distributed systems, where code complexity and technological constraints might allow reaching a key functionality along various paths. We propose a protection analysis over the Quality Calculus that computes the combinations of data required to reach a program point and relates them to a notion of cost. In this way, we can compare the security deployed on different paths that expose the same resource. The analysis is formalised in terms of flow logic, and is implemented as an optimisation problem encoded into Satisfiability Modulo Theories, allowing us to deal with complex cost structures. The usefulness of the approach is demonstrated on the study of password recovery systems. © 2014 IFIP International Federation for Information Processing.
CITATION STYLE
Vigo, R., Nielson, F., & Nielson, H. R. (2014). Uniform protection for multi-exposed targets. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8461 LNCS, pp. 182–198). Springer Verlag. https://doi.org/10.1007/978-3-662-43613-4_12
Mendeley helps you to discover research relevant for your work.