An axiomatization of information flow measures

Abstract Quantitative information flow aims to assess and control the leakage of sensitive information by computer systems. A key insight in this area is that no single leakage measure is appropriate in all operational scenarios; as a result, many leakage measures have been proposed, with many different properties. To clarify this complex situation, this paper studies information leakage axiomatically, showing important dependencies among different axioms. It also establishes a completeness result about the g-leakage family, showing that any leakage measure satisfying certain intuitively-reasonable properties can be expressed as a g-leakage.

[1]  David Clark,et al.  Quantitative Information Flow, Relations and Polymorphic Types , 2005, J. Log. Comput..

[2]  Aleksandr Yakovlevich Khinchin,et al.  Mathematical foundations of information theory , 1959 .

[3]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[4]  Pasquale Malacaria,et al.  Lagrange multipliers and maximum information leakage in different observational models , 2008, PLAS '08.

[5]  Bing-Rong Lin,et al.  An Axiomatic View of Statistical Privacy and Utility , 2012, J. Priv. Confidentiality.

[6]  Franck van Breugel,et al.  The Metric Monad for Probabilistic Nondeterminism , 2006 .

[7]  Geoffrey Smith,et al.  Secure information flow in a multi-threaded imperative language , 1998, POPL '98.

[8]  Bing-Rong Lin,et al.  Towards an axiomatization of statistical privacy and utility , 2010, PODS.

[9]  G. Crooks On Measures of Entropy and Information , 2015 .

[10]  Mário S. Alvim,et al.  Information Flow in Interactive Systems , 2010, CONCUR.

[11]  Bing-Rong Lin,et al.  Information Measures in Statistical Privacy and Data Processing Applications , 2015, TKDD.

[12]  J. Massey Guessing and entropy , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[13]  Mário S. Alvim,et al.  Additive and Multiplicative Notions of Leakage, and Their Capacities , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.

[14]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[15]  Imre Csiszár,et al.  Axiomatic Characterizations of Information Measures , 2008, Entropy.

[16]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[17]  Mário S. Alvim,et al.  Measuring Information Leakage Using Generalized Gain Functions , 2012, 2012 IEEE 25th Computer Security Foundations Symposium.

[18]  丸山 徹 Convex Analysisの二,三の進展について , 1977 .

[19]  Mário S. Alvim,et al.  When Not All Bits Are Equal: Worth-Based Information Flow , 2014, POST.

[20]  Prakash Panangaden,et al.  On the Bayes risk in information-hiding protocols , 2008, J. Comput. Secur..

[21]  Paul Syverson,et al.  Quasi-Anonymous Channels , 2003 .

[22]  Michele Boreale,et al.  Quantitative information flow under generic leakage functions and adaptive adversaries , 2015, Log. Methods Comput. Sci..

[23]  Annabelle McIver,et al.  Abstract Channels and Their Robust Information-Leakage Ordering , 2014, POST.

[24]  Prakash Panangaden,et al.  Anonymity protocols as noisy channels , 2006, Inf. Comput..

[25]  Pasquale Malacaria,et al.  Assessing security threats of looping constructs , 2007, POPL '07.

[26]  Annabelle McIver,et al.  A Kantorovich-Monadic Powerdomain for Information Hiding, with Probability and Nondeterminism , 2012, 2012 27th Annual IEEE Symposium on Logic in Computer Science.

[27]  Shai Shalev-Shwartz,et al.  Online Learning and Online Convex Optimization , 2012, Found. Trends Mach. Learn..

[28]  Annabelle McIver,et al.  Compositional Closure for Bayes Risk in Probabilistic Noninterference , 2010, ICALP.

[29]  Geoffrey Smith,et al.  On the Foundations of Quantitative Information Flow , 2009, FoSSaCS.

[30]  Mário S. Alvim,et al.  Axioms for Information Leakage , 2016, 2016 IEEE 29th Computer Security Foundations Symposium (CSF).

[31]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[32]  John McLean,et al.  Security models and information flow , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[33]  Bing-Rong Lin,et al.  Reasoning about privacy using axioms , 2012, 2012 Conference Record of the Forty Sixth Asilomar Conference on Signals, Systems and Computers (ASILOMAR).

[34]  Ira S. Moskowitz,et al.  Covert channels and anonymizing networks , 2003, WPES '03.

[35]  Annabelle McIver,et al.  Hidden-Markov program algebra with iteration , 2011, Mathematical Structures in Computer Science.

[36]  Roman Fric,et al.  A Categorical Approach to Probability Theory , 2010, Stud Logica.