# Formal approaches to information hiding : An analysis of interactive systems, statistical disclosure control, and refinement of specifications. (Des approches formelles pour le cachement d'information: Une analyse des systèmes interactifs, contrôle de divulgation statistique, et le raffinement des s

@article{Alvim2011FormalAT, title={Formal approaches to information hiding : An analysis of interactive systems, statistical disclosure control, and refinement of specifications. (Des approches formelles pour le cachement d'information: Une analyse des syst{\`e}mes interactifs, contr{\^o}le de divulgation statistique, et le raffinement des s}, author={M{\'a}rio S. Alvim}, journal={ArXiv}, year={2011}, volume={abs/1111.3013} }

In this thesis we consider the problem of information hiding in the scenarios of interactive systems, statistical disclosure control, and refinement of specifications. We apply quantitative approaches to information flow in the first two cases, and we propose improvements for the usual solutions based on process equivalences for the third case. In the first scenario we consider the problem of defining the information leakage in interactive systems where secrets and observables can alternate…

## References

SHOWING 1-10 OF 103 REFERENCES

### Information Hiding in Probabilistic Concurrent Systems

- Computer Science2010 Seventh International Conference on the Quantitative Evaluation of Systems
- 2010

### Information Flow in Interactive Systems

- Computer Science, MathematicsCONCUR
- 2010

There is a complete correspondence between interactive systems and more complicated types of channels, that in Information Theory are known as channels with memory and feedback, and it is shown that the capacity of the channels associated to such systems is a continuous function of the Kantorovich metric.

### Computing the Leakage of Information-Hiding Systems

- Computer Science, MathematicsTACAS
- 2010

We address the problem of computing the information leakage of a system in an efficient way. We propose two methods: one based on reducing the problem to reachability, and the other based on…

### Information-Theoretic Bounds for Differentially Private Mechanisms

- Computer Science2011 IEEE 24th Computer Security Foundations Symposium
- 2011

The purpose of this article is to establish formal connections between both notions of confidentiality, and to compare them in terms of the security guarantees they deliver, and it is shown that the question of providing optimal upper bounds for the leakage of eps-differentially private mechanisms in Terms of rational functions of ePS is in fact decidable.

### On the Foundations of Quantitative Information Flow

- Computer ScienceFoSSaCS
- 2009

This paper argues that the consensus definitions of Shannon entropy actually fail to give good security guarantees, and explores an alternative foundation based on a concept of vulnerability and which measures uncertainty using Renyi's min-entropy , rather than Shannon entropy.

### Quantitative information flow in interactive systems

- Computer Science, MathematicsJ. Comput. Secur.
- 2012

It is shown that there is a complete correspondence between interactive systems and channels of a more complicated kind, known as channels with memory and feedback, and that the capacity of the channels associated to such systems is a continuous function with respect to a pseudometric based on the Kantorovich metric.

### On the Bayes risk in information-hiding protocols

- Computer Science, MathematicsJ. Comput. Secur.
- 2008

A constructive characterization of a convex base of the probability of error is presented, which allows us to compute its maximum value (over all possible input distributions), and to identify upper bounds for it in terms of simple functions.

### Lagrange multipliers and maximum information leakage in different observational models

- Computer SciencePLAS '08
- 2008

A uniform definition of leakage is provided, based on Information Theory, that will allow to formalize and prove some intuitive relationships between the amount leaked by the same program in different models and which input distribution causes the maximum leakage.

### Adversaries and Information Leaks (Tutorial)

- Computer Science, MathematicsTGC
- 2007

This tutorial paper considers a type system that enforces the usual Denning restrictions, except that it specifies that encrypting a H plaintext yields a L ciphertext, and argues that these measures are unsuitable, because they fail to distinguish between programs that are wildly different from the point of view of an adversary trying to guess the H input.

### Differential Privacy versus Quantitative Information Flow

- Computer ScienceArXiv
- 2010

It is shown how to model the query system in terms of an information-theoretic channel, and it is shown that the notion of differential privacy is strictly stronger, in the sense that it implies a bound on the mutual information, but not viceversa.