This book presents a comprehensive mathematical theory that explains precisely what information flow is, how it can be assessed quantitatively – so bringing precise meaning to the intuition that certain information leaks are small enough to be tolerated – and how systems can be constructed that achieve rigorous, quantitative information-flow guarantees in those terms. It addresses the fundamental challenge that functional and practical requirements frequently conflict with the goal of preserving confidentiality, making perfect security unattainable.
Topics include: a systematic presentation of how unwanted information flow, i.e., "leaks", can be quantified in operationally significant ways and then bounded, both with respect to estimated benefit for an attacking adversary and by comparisons between alternative implementations; a detailed study of capacity, refinement, and Dalenius leakage, supporting robust leakage assessments; a unification of information-theoretic channels and information-leaking sequential programs within the same framework; and a collection of case studies, showing how the theory can be applied to interesting realistic scenarios.
The text is unified, self-contained and comprehensive, accessible to students and researchers with some knowledge of discrete probability and undergraduate mathematics, and contains exercises to facilitate its use as a course textbook.
|Place of Publication||Cham, Switzerland|
|Publisher||Springer, Springer Nature|
|Number of pages||478|
|Publication status||Published - 2020|
|Name||Information Security and Cryptography|