Sciweavers

CSFW
2011
IEEE
12 years 3 months ago
A Statistical Test for Information Leaks Using Continuous Mutual Information
—We present a statistical test for detecting information leaks in systems with continuous outputs. We use continuous mutual information to detect the information leakage from tri...
Tom Chothia, Apratim Guha
CSFW
2011
IEEE
12 years 3 months ago
Security for Key Management Interfaces
—We propose a much-needed formal definition of security for cryptographic key management APIs. The advantages of our definition are that it is general, intuitive, and applicabl...
Steve Kremer, Graham Steel, Bogdan Warinschi
CSFW
2011
IEEE
12 years 3 months ago
Modular Protections against Non-control Data Attacks
—This paper introduces YARRA, a conservative extension to C to protect applications from non-control data attacks. YARRA programmers specify their data integrity requirements by ...
Cole Schlesinger, Karthik Pattabiraman, Nikhil Swa...
CSFW
2011
IEEE
12 years 3 months ago
The Complexity of Quantitative Information Flow Problems
—In this paper, we investigate the computational complexity of quantitative information flow (QIF) problems. Information-theoretic quantitative relaxations of noninterference (b...
Pavol Cerný, Krishnendu Chatterjee, Thomas ...
CSFW
2011
IEEE
12 years 3 months ago
Dynamic Enforcement of Knowledge-Based Security Policies
—This paper explores the idea of knowledge-based security policies, which are used to decide whether to answer queries over secret data based on an estimation of the querier’s ...
Piotr Mardziel, Stephen Magill, Michael Hicks, Mud...
CSFW
2011
IEEE
12 years 3 months ago
Formal Analysis of Protocols Based on TPM State Registers
—We present a Horn-clause-based framework for analysing security protocols that use platform configuration registers (PCRs), which are registers for maintaining state inside the...
Stéphanie Delaune, Steve Kremer, Mark Dermo...
CSFW
2011
IEEE
12 years 3 months ago
Local Memory via Layout Randomization
—Randomization is used in computer security as a tool to introduce unpredictability into the software infrastructure. In this paper, we study the use of randomization to achieve ...
Radha Jagadeesan, Corin Pitcher, Julian Rathke, Ja...
CSFW
2011
IEEE
12 years 3 months ago
Regret Minimizing Audits: A Learning-Theoretic Basis for Privacy Protection
Abstract—Audit mechanisms are essential for privacy protection in permissive access control regimes, such as in hospitals where denying legitimate access requests can adversely a...
Jeremiah Blocki, Nicolas Christin, Anupam Datta, A...