期刊名称:Karbala International Journal of Modern Science
印刷版ISSN:2405-609X
电子版ISSN:2405-609X
出版年度:2018
卷号:4
期号:1
页码:151-163
DOI:10.1016/j.kijoms.2018.01.002
语种:English
出版社:Elsevier
摘要:AbstractThe paper aims to propose a framework of information leakage warning system based on the principle of quantitative information flow. The quantification of information leakage has been widely used to decide the threshold of information leakage in program code but the purpose of the proposed framework is to use quantification based information leakage threshold to design practical information leakage warning system for real-time software. In the proposed framework, the software is considered as a collection of functions and each function is considered as register automata. Using the register automata working principles, the information leakage will be quantified during runtime of the software and when the software is in its pristine form. Based on the quantified amount of information leakage in both the cases, the framework warns the user about information leakage. Algorithmic steps of the proposed approach are also included in the paper. The proposed quantitative analysis based framework leads to flexible information security policy.
关键词:Information security;Information security modeling;Quantitative analysis of information leakage;Trust
