Dissertations / Theses on the topic 'Information flow'
To see the other types of publications on this topic, follow the link: Information flow.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Information flow.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Heusser, Jonathan. "Automating quantitative information flow." Thesis, Queen Mary, University of London, 2011. http://qmro.qmul.ac.uk/xmlui/handle/123456789/1260.
Full textAbstract:
Unprecedented quantities of personal and business data are collected, stored, shared, and processed by countless institutions all over the world. Prominent examples include sharing personal data on social networking sites, storing credit card details in every store, tracking customer preferences of supermarket chains, and storing key personal data on biometric passports. Confidentiality issues naturally arise from this global data growth. There are continously reports about how private data is leaked from confidential sources where the implications of the leaks range from embarrassment to serious personal privacy and business damages. This dissertation addresses the problem of automatically quantifying the amount of leaked information in programs. It presents multiple program analysis techniques of different degrees of automation and scalability. The contributions of this thesis are two fold: a theoretical result and two different methods for inferring and checking quantitative information flows are presented. The theoretical result relates the amount of possible leakage under any probability distribution back to the order relation in Landauer and Redmond’s lattice of partitions [35]. The practical results are split in two analyses: a first analysis precisely infers the information leakage using SAT solving and model counting; a second analysis defines quantitative policies which are reduced to checking a k-safety problem. A novel feature allows reasoning independent of the secret space. The presented tools are applied to real, existing leakage vulnerabilities in operating system code. This has to be understood and weighted within the context of the information flow literature which suffers under an apparent lack of practical examples and applications. This thesis studies such “real leaks” which could influence future strategies for finding information leaks.
2
Zhang, Xiang. "Efficiency in Emergency medical service system : An analysis on information flow." Thesis, Växjö University, School of Mathematics and Systems Engineering, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:vxu:diva-1620.
Full textAbstract:
In an information system which includes plenty of information services, we are always seeking a solution to enhance efficiency and reusability. Emergency medical service system is a classic information system using application integration in which the requirement of information flow transmissions is extremely necessary. We should always ensure this system is running in best condition with highest efficiency and reusability since the efficiency in the system directly affects human life.
The aim of this thesis is to analysis emergency medical system in both qualitative and quantitative ways. Another aim of this thesis is to suggest a method to judge the information flow through the analysis for the system efficiency and the correlations between information flow traffic and system applications.
The result is that system is a main platform integrated five information services. Each of them provides different unattached functions while they are all based on unified information resources. The system efficiency can be judged by a method called Performance Evaluation, the correlation can be judged by multi-factorial analysis of variance method.
3
Aksakal, Baris. "Makeshift Information Constructions: Information Flow and Undercover Police." Thesis, University of North Texas, 2005. https://digital.library.unt.edu/ark:/67531/metadc4823/.
Full textAbstract:
This dissertation presents the social virtual interface (SVI) model, which was born out of a need to develop a viable model of the complex interactions, information flow and information seeking behaviors among undercover officers. The SVI model was created from a combination of various philosophies and models in the literature of information seeking, communication and philosophy. The questions this research paper answers are as follows: 1. Can we make use of models and concepts familiar to or drawn from Information Science to construct a model of undercover police work that effectively represents the large number of entities and relationships? and 2. Will undercover police officers recognize this model as realistic? This study used a descriptive qualitative research method to examine the research questions. An online survey and hard copy survey were distributed to police officers who had worked in an undercover capacity. In addition groups of officers were interviewed about their opinion of the SVI model. The data gathered was analyzed and the model was validated by the results of the survey and interviews.
4
Enescu, Mihai Adrian. "Precisely quantifying software information flow." Thesis, University of British Columbia, 2016. http://hdl.handle.net/2429/57379.
Full textAbstract:
A common attack point in a program is the input exposed to the user. The adversary crafts a malicious input that alters some internal state of the program, in order to acquire sensitive data, or gain control of the program's execution. One can say that the input exerts a degree of influence over specific program outputs. Although a low degree of influence does not guarantee the program's resistance to attacks, previous work has argued that a greater degree of influence tends to provide an adversary with an easier avenue of attack, indicating a potential security vulnerability.
Quantitative information flow is a framework that has been used to detect a class of security flaws in programs, by measuring an attacker's influence. Programs may be considered as communication channels between program inputs and outputs, and information-theoretic definitions of information leakage may be used in order to measure the degree of influence which a program's inputs can have over its outputs, if the inputs are allowed to vary. Unfortunately, the precise information flow measured by this definition is difficult to compute, and prior work has sacrificed precision, scalability, and/or automation.
In this thesis, I show how to compute this information flow (specifically, channel capacity) in a highly precise and automatic manner, and scale to much larger programs than previously possible. I present a tool, nsqflow, that is built on recent advances in symbolic execution and SAT solving. I use this tool to discover two previously-unknown buffer overflows. Experimentally, I demonstrate that this approach can scale to over 10K lines of real C code, including code that is typically difficult for program analysis tools to analyze, such as code using pointers.Science, Faculty of
Computer Science, Department of
Graduate
5
Zhu, Ping. "Quantifying information flow with constraints." Thesis, City University London, 2010. http://openaccess.city.ac.uk/12101/.
Full textAbstract:
Quantifying flow of information in a program involves calculating how much information (e.g. about secret inputs) can be leaked by observing the program's public outputs. Recently this field has attracted a lot of research interest, most of which makes use of Shannon's information theory, e.g. mutual information, conditional entropy, etc. Computability entails that any automated analysis of information is necessarily incomplete. Thus quantitative flow of analyses aim to compute upper bounds on the sizes of the flows in a program. Virtually all the current quantitative analyses treat program variables independently, which significantly limits the potential for deriving tight upper bounds. Our work is motivated by the intuition that knowledge of the dependencies between program variables should allow the derivation of more precise upper bounds on the size of flows, and that classical abstract interpretation provides an effective mechanism for determining such dependencies in the form of linear constraints. Our approach is then to view the problem as one of constrained optimization (maximum entropy), allowing us to apply the standard technique of Lagrange multiplier method. Application of this technique turns out to require development of some novel methods due to the essential use of non-linear (entropy) constraints, in conjunction with the linear dependency constraints. Using these methods we obtain more precise upper bounds on the size of information flows than is possible with existing analysis techniques.
6
Moses, John. "Cohesion prediction using information flow." Thesis, University of Sunderland, 1997. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.387492.
Full text
7
Payne, Joshua. "Interaction Topologies and Information Flow." ScholarWorks @ UVM, 2009. http://scholarworks.uvm.edu/graddis/177.
Full textAbstract:
Networks are ubiquitous, underlying systems as diverse as the Internet, food webs, societal interactions, the cell, and the brain. Of crucial importance is the coupling of network structure with system dynamics, and much recent attention has focused on how information, such as pathogens, mutations, or ideas, ow through networks. In this dissertation, we advance the understanding of how network structure a ects information ow in two important classes of models. The rst is an independent interaction model, which is used to investigate the propagation of advantageous alleles in evolutionary algorithms. The second is a threshold model, which is used to study the dissemination of ideas, fads, and innovations throughout populations. This journal-format dissertation comprises three interrelated studies, in which we investigate the in uence of network structure on the dynamical properties of information ow. In the rst study, we develop an analytical technique to approximate system dynamics in arbitrarily structured regular interaction topologies. In the second study, we investigate the ow of advantageous alleles in degree-correlated scale-free population structures, and provide a simple topological metric for assessing the selective pressures induced by these networks. In the third study, we characterize the conditions in which global information cascades occur in threshold models of binary decisions with externalities, structured on degree-correlated Poisson-distributed random networks.
8
Alhalalat, Saleh Ismail. "Information flow in virtual organisations." Thesis, Loughborough University, 2005. https://dspace.lboro.ac.uk/2134/7757.
Full textAbstract:
The main aim of the study is to investigate the flows of information and the impact and added value of Information and Communication Technologies (ICTs) on the integration of information flows. This concept is related to the optimal design of organisational (and other) systems that allow the right decision to be made by the right person at the right time in an appropriate location. Clearly, information that is often distributed needs to come together in an efficient way to allow the best use of resources to maximize the information value. The virtual organisation (VO) is a new style of working that allows completion of tasks across time and location. The use of ICTs is viewed as a facilitator of these tasks and their application provides good examples to extend their use. The most common types of VOs are home offices, teleworking centres, mobile offices and `hotelling'. Teleworkers still face several problems, such as managing their work, lack of appropriate communications to complete their work efficiently, and isolation. This study applied an information-driven approach to investigate the current problems in the teleworking environment, and solutions are proposed to improve the flow of information in the VOs. The data required were collected by questionnaire survey, semi-structured interviews, and document analysis. Members of the Telework Association (TCA) in the UK were invited to take part in this survey, and 153 out of 800 respondents came from this source. From subsequent analysis of the data collected, there is indeed an issue with the use and integration of information flows in VOs. An in depth study of six individual cases revealed a lack of information sharing, poor understanding of information needs, and low rates of access to online information. Soft solutions can be achieved through understanding information needs, developing information policy, and training. Hard solutions can be achieved through using online information, using workflow software, upgrading the speed of Internet connection, using information sharing systems, and arranging more open access to information. Some indicators of future research can be mentioned, particularly in conducting the second generation of information audit in teleworking practice, to study knowledge management (KM) practices in teleworking, to develop information policies to enhance teleworking practices, to focus on the information needs of teleworkers, to evaluate the impact of software applications (such as workflow software), to implement information sharing systems, and to study the impact of training on information retrieval and use.
9
Salvini, Fabio <1992>. "Flow logic based information flow analysis of Android applications." Master's Degree Thesis, Università Ca' Foscari Venezia, 2018. http://hdl.handle.net/10579/12996.
Full textAbstract:
Android is the world's most popular mobile OS, with more than 2 billion monthly active devices. Static analysis is an essential tool to protect the sensitive data stored in the devices from malicious applications. In this thesis, we present the first flow logic for the information flow analysis of Dalvik bytecode that is specifically tailored to the peculiar lifecycle of Android applications. A prototype implementation based on a state-of-the-art SMT solver demonstrates the practicality of our approach.
10
Bhatia, Shishir. "Structured Information Flow (SIF) Framework for Automating End-to-End Information Flow for Large Organizations." Thesis, Virginia Tech, 2006. http://hdl.handle.net/10919/31148.
Full textAbstract:
For almost five decades, since the advent of the first computers for commercial use, the dream of the Paperless Office, a.k.a. total Information flow automation, has eluded the industry. Now, with the emergence of Internet- and Web-based technologies, daily we see examples of organizations like eBay and Amazon that perform their business in a fully automated manner without the use of paper or pen. However, bigger and older organizations that have more complex functions, like government organizations, have not been very successful in harnessing the latest technological innovations to completely automate their Information flow. We propose a Structured Information Flow (SIF) framework that provides the conceptual infrastructure to automate small and big, new and old organizations alike. The ease of the transformation is due to three key features of SIF that set it apart from any other Information flow automation scheme.
First, SIF utilizes the attributes of the organization, such as the existing reporting structure, to model the automated Information flow. The rules governing the flow of Information are based on the hierarchy already in place, for example: A senior can view any Information owned by any of his/her direct subordinates. Second, SIF characterizes external organization entities as a special case of internal organization entities, allowing for seamless integration of the Information flow to and from them. Third, the SIF framework is independent of platform, method, organization, or technology. This gives it a generic nature that makes it applicable as a platform to implement multiple types of automated e-systems such as e-commerce, e-education, e-training, e-governance, etc.
In this body of work, we formally define the SIF framework using state transformation language and a visual representation scheme specifically developed for this purpose. We also define the Information Interfaces, which are the mechanism for implementing rules- and constraint-based Information flow in SIF.Master of Science
11
Kassir, Abdallah. "Communication Efficiency in Information Gathering through Dynamic Information Flow." Thesis, The University of Sydney, 2014. http://hdl.handle.net/2123/12113.
Full textAbstract:
This thesis addresses the problem of how to improve the performance of multi-robot information gathering tasks by actively controlling the rate of communication between robots. Examples of such tasks include cooperative tracking and cooperative environmental monitoring. Communication is essential in such systems for both decentralised data fusion and decision making, but wireless networks impose capacity constraints that are frequently overlooked. While existing research has focussed on improving available communication throughput, the aim in this thesis is to develop algorithms that make more efficient use of the available communication capacity. Since information may be shared at various levels of abstraction, another challenge is the decision of where information should be processed based on limits of the computational resources available. Therefore, the flow of information needs to be controlled based on the trade-off between communication limits, computation limits and information value. In this thesis, we approach the trade-off by introducing the dynamic information flow (DIF) problem. We suggest variants of DIF that either consider data fusion communication independently or both data fusion and decision making communication simultaneously. For the data fusion case, we propose efficient decentralised solutions that dynamically adjust the flow of information. For the decision making case, we present an algorithm for communication efficiency based on local LQ approximations of information gathering problems. The algorithm is then integrated with our solution for the data fusion case to produce a complete communication efficiency solution for information gathering. We analyse our suggested algorithms and present important performance guarantees. The algorithms are validated in a custom-designed decentralised simulation framework and through field-robotic experimental demonstrations.
12
Zanioli, Matteo <1984>. "Information flow analysis by abstract interpretation." Doctoral thesis, Università Ca' Foscari Venezia, 2012. http://hdl.handle.net/10579/1235.
Full textAbstract:
Protecting the confidentiality of information stored in a computer system or transmitted over a public network is a relevant problem in computer security.
The goal of this thesis is to provide both theoretical and experimental results towards the design of an information flow analysis for the automatic verification of absence of sensitive information leakage.
Our approach is based on Abstract Interpretation, a theory of sound approximation of program semantics.
We track the dependencies among program's variables using propositional formulae, namely the Pos domain.
We study the main ways to improve the accuracy (by combination of abstract domains) and the efficiency (by combination of widening and narrowing operators) of the analysis.
The reduced product of the logical domain Pos and suitable numerical domains yields to an analysis strictly more accurate with respect to the ones already in the literature.
The modular construction of our analysis allows to deal with the trade-off between efficiency and accuracy by tuning the granularity of the abstraction and the complexity of the abstract operators.
Finally, we introduce Sails, a new information flow analysis tool for mainstream languages like Java, that does not require any manual annotation.
Sails combines the information leakage analysis with different heap abstractions, inferring information leakage over programs dealing with complex data structures too.
We applied Sails to the analysis of the SecuriBench-micro suite and the preliminary experimental results outline the effectiveness of our approach.Proteggere la segretezza delle informazioni nei sistemi informatici o all’interno di reti pubbliche `e uno dei principali problemi riguardanti la sicurezza informatica. L’obiettivo di questa tesi è fornire sia risultati teorici che sperimentali attraverso la progettazione di un’analisi di flussi di informazioni volta a verificare che i dati sensibili rimangano tali e non vengano resi pubblici. Il nostro approccio si fonda sull’Interpretazione Astratta, una teoria riguardante l’approssimazione della semantica dei programmi. Tracciamo le dipendenze tra le variabili attraverso formule proposizionali, in particolare usando il dominio Pos. Analizziamo i principali metodi per incrementare la precisione (tramite la combinazione di domini astratti) e l’efficienza (tramite l’utilizzo degli operatori di widening and narrowing) dell’analisi. Il prodotto ridotto tra il dominio logico Pos ed opportuni domini numerici fornisce un analisi più accurata rispetto quelle presenti in letteratura. La costruzione modulare della nostra analisi permette di gestire al meglio il trade-off tra efficienza e precisione regolando la granularità dell’astrazione e la complessità degli operatori astratti. In fine, introduciamo Sails, un nuovo strumento per l’analisi di flussi di informazioni per linguaggi tradizionali come Java, che non richiede nessuna annotazione manuale. Sails combina l’analisi dei flussi con differenti astrazioni dell’heap, inferendo i flussi anche su programmi che utilizzano strutture dati complesse. Abbiamo poi analizzato con Sails la suite SecuriBench-micro ottenendo dei risultati preliminari che hanno confermato l’efficacia del nostro approccio.
Protéger la confidentialité de l’information numérique stockée ou en transfert sur des réseaux publics est un problème récurrent dans le domaine de la sécurité informatique. Le but de cette thèse est de fournir des résultats théoriques et expérimentaux sur une analyse de flue permettant la vérification automatique de l’absence de fuite possible d’information sensible. Notre approche est basée sur la théorie de l’Interprétation Abstraite et consiste à manipuler une approximation de la sémantique des programmes. Nous détectons les différentes dépendances entre les variables d’un programme en utilisant des formules propositionnelles avec notamment le domaine Pos. Nous étudions les principales façon d’améliorer la précision (en combinant des domaines abstraits) et l’efficacité (en associant des opérateurs d’élargissement et de rétrécissement) de l’analyse. Le produit réduit du domaine logique Pos et d’un domaine numérique choisi permet une analyse strictement plus précise que celles précédemment présentent dans la littérature. La construction modulaire de notre analyse permet de choisir un bon compromis entre efficacité et précision en faisant varier la granularité de l’abstraction et la complexité des opérateurs abstraits. Pour finir, nous introduisons Sails une nouvelle analyse de flue destinée à des langages de haut niveau sans annotation tel que Java. Sails combine une analyse de fuite possible d’information à différentes abstraction de la mémoire (du tas), ce qui lui permet d’inférer des résultats sur des programmes manipulant des structures complexes. De premiers résultats expérimentaux permettent de pointer l’efficacité de notre approche en appliquant Sails à l’analyse de SecuriBench-micro.
13
Masri, Wassim. "DYNAMIC INFORMATION FLOW ANALYSIS, SLICING AND PROFILING." Case Western Reserve University School of Graduate Studies / OhioLINK, 2005. http://rave.ohiolink.edu/etdc/view?acc_num=case1092886961.
Full text
14
Thorpe, Tony. "Information flow in house building organisations." Thesis, Loughborough University, 1992. https://dspace.lboro.ac.uk/2134/6751.
Full textAbstract:
This research describes an investigation into the information flows within the technical and commercial functions of house building organisations. It was initiated because of the evidence of poor data transfer and communications within the construction industry as identified by previous research. Little previous research had addressed the particular problems of the house building industry which accounts for up to a third of total new construction output in the UK. The organisational and information structures of six house building companies were examined and a typical organisational model developed. This model highlighted the importance of the technical and commercial functions of estimating, purchasing, valuations and cost monitoring/comparisons and the need for effective transfer of information between them. The information flows between these functions were studied and modelled using systems analysis techniques of data flow diagrams and entity-relationships models. The requirements for a computer-aided management system to improve and rationalise the information flows were identified and an integrated system, known as DEVELOP, was developed. The system was installed into a collaborating company and its advantages and disadvantages monitored over time. The main outcomes of the research are: (a) an organisational model for a typical house building organisation; (b) data flow and entity-relationship models for the functions of estimating, purchasing, valuations and cost monitoring/comparisons; and (c) an operational integrated management system for house builders that provides: (i) faster throughput of information (for example the time required to aggregated dwelling quantities for a typical development is reduced from three man days to one hour);(ii) greater consistency of information (by the provision of a company data library); and (iii) better communications between the functions (due to the integrated nature of the system and the adoption of a common coding system).
15
Adetoye, Adedayo Oyelakin. "Secure information flow : analysis and enforcement." Thesis, University of Birmingham, 2009. http://etheses.bham.ac.uk//id/eprint/408/.
Full textAbstract:
When a computer program requires legitimate access to confidential data, the question arises whether such a program may reveal sensitive information to an unauthorised observer. There is therefore a need to ensure that a program, which processes confidential data, is free of unwanted information flow. This thesis presents a formal framework for the analysis and enforcement of secure information flow in computational systems such as computer programs. An important aspect of the problem of secure information flow is the development of policies by which we can express intended information release. For this reason information lattices and maps on these lattices are presented as models, which capture intuitive notions about information and information flow. A definition of security is given, based on the lattice formalisation of information and information flow, that exploits the partial order of the information lattice. The lattice formalisation gives us a uniform way to enforce information security policies under various qualitative and quantitative representations of information. An input-output relational model, which describes how a system transforms its input to publicly observable outputs with respect to a given attacker model, is presented as a primitive for the study of secure information flow. By using the relational model, various representations of information, which are shown to fit into the lattice model of information, are derived for the analysis of information flow under deterministic and nondeterministic system models. A systematic technique to derive the relational model of a system, under a given attacker model, from the operational semantics in a language-based setting, is also presented. This allows the development of information flow analyses parametrised by chosen attacker models. A flow-sensitive and termination-sensitive static analysis calculus is presented for the analysis of information flow in programs written in a deterministic While language with outputs. The analysis is shown to be correct with respect to an attacker model that is able to observe all program outputs and which can determine the termination or nontermination of program execution. The static analysis also detects certain disjunctive information release. A termination-sensitive dependency analysis is developed which demonstrates how, by employing abstract interpretation techniques, other less precise but possibly more efficient information flow analysis may be obtained. The thesis concludes with further examples to highlight various aspects of the information flow analysis and enforcement framework developed.
16
Myers, Andrew C. (Andrew Clifford). "Mostly-static decentralized information flow control." Thesis, Massachusetts Institute of Technology, 1999. http://hdl.handle.net/1721.1/16717.
Full textAbstract:
Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1999.Includes bibliographical references (p. 169-174) and index.
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
The growing use of mobile code in downloaded programs such as applets and servlets has increased interest in robust mechanisms for ensuring privacy and secrecy. Common security mechanisms such as sand boxing and access control are either too restrictive or too weak -- they prevent applications from sharing data usefully, or allow private information to leak. For example, security mechanisms in Java prevent many useful applications while still permitting Trojan horse applets to leak private information. This thesis describes the decentralized label model, a new model of information flow control that protects private data while allowing applications to share data. Unlike previous approaches to privacy protection based on information flow, this label model is decentralized: it allows cooperative computation by mutually distrusting principals, without mediation by highly trusted agents. Cooperative computation is possible because individual principals can declassify their own data without infringing on other principals' privacy. The decentralized label model permits programs using it to be checked statically, which is important for the precise detection of information leaks. This thesis also presents the new language J flow, an extension to the Java programming language that incorporates the decentralized label model and permits static checking of information flows within programs. Variable declarations in J flow programs are annotated with labels that allow the static checker to check programs for information leaks efficiently, in a manner similar to type checking. Often, these labels can be inferred automatically, so annotating programs is not onerous. Dynamic checks also may be used safely when static checks are insufficiently powerful. A compiler has been implemented for the J flow language. Because most checking is performed statically at compile time, the compiler generates code with few additional dynamic tests, improving performance.
by Andrew C. Myers.
Ph.D.
17
Cheng, Winnie Wing-Yee. "Information flow for secure distributed applications." Thesis, Massachusetts Institute of Technology, 2009. http://hdl.handle.net/1721.1/55095.
Full textAbstract:
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2009.Cataloged from PDF version of thesis.
Includes bibliographical references (p. 171-177).
Private and confidential information is increasingly stored online and increasingly being exposed due to human errors as well as malicious attacks. Information leaks threaten confidentiality, lead to lawsuits, damage enterprise reputations, and cost billion of dollars. While distributed computing architectures provide data and service integration, they also create information flow control problems due to the interaction complexity among service providers. A main problem is the lack of an appropriate programming model to capture expected information flow behaviors in these large distributed software infrastructures. This research tackles this problem by proposing a programming methodology and enforcement platform for application developers to protect and share their sensitive data. We introduce Aeolus, a new platform intended to make it easier to build distributed applications that avoid the unauthorized release of information. The Aeolus security model is based on information flow control but differs from previous work in ways that we believe make it easier to use and understand. In addition, Aeolus provides a number of new mechanisms (anonymous closures, compound tags, boxes, and shared volatile state) to ease the job of writing applications. This thesis provides examples to show how Aeolus features support secure distributed applications. It describes the system design issues and solutions in designing a prototype implementation and presents performance results that show our platform has low overhead.
by Winnie Wing-Yee Cheng.
Ph.D.
18
Christian, Andrew D. (Andrew Dean). "Simulation of information flow in design." Thesis, Massachusetts Institute of Technology, 1995. http://hdl.handle.net/1721.1/11102.
Full text
19
Schultz, David Andrew. "Decentralized information flow control for databases." Thesis, Massachusetts Institute of Technology, 2012. http://hdl.handle.net/1721.1/78363.
Full textAbstract:
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2012.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
Cataloged from student-submitted PDF version of thesis.
Includes bibliographical references (p. 177-194).
Privacy and integrity concerns have been mounting in recent years as sensitive data such as medical records, social network records, and corporate and government secrets are increasingly being stored in online systems. The rate of high-profile breaches has illustrated that current techniques are inadequate for protecting sensitive information. Many of these breaches involve databases that handle information for a multitude of individuals, but databases don't provide practical tools to protect those individuals from each other, so that task is relegated to the application. This dissertation describes a system that improves security in a principled way by extending the database system and the application platform to support information flow control. Information flow control has been gaining traction as a practical way to protect information in the contexts of programming languages and operating systems. Recent research advocates the decentralized model for information flow control (DIFC), since it provides the necessary expressiveness to protect data for many individuals with varied security concerns.However, despite the fact that most applications implicated in breaches rely on relational databases, there have been no prior comprehensive attempts to extend DIFC to a database system. This dissertation introduces IFDB, which is a database management system that supports DIFC with minimal overhead. IFDB pioneers the Query by Label model, which provides applications with a simple way to delineate constraints on the confidentiality and integrity of the data they obtain from the database. This dissertation also defines new abstractions for managing information flows in a database and proposes new ways to address covert channels. Finally, the IFDB implementation and case studies with real applications demonstrate that database support for DIFC improves security, is easy for developers to use, and has good performance.
by David Andrew Schultz.
Ph.D.
20
Zanioli, Matteo. "Information flow analysis by abstract interpretation." Paris 7, 2012. http://www.theses.fr/2012PA077262.
Full textAbstract:
Protéger la confidentialité de l’information numérique stockée ou en transfert sur des réseaux publics est un problème récurrent dans le domaine de la sécurité informatique. Le but de cette thèse est de fournir des résultats théoriques et expérimentaux sur une analyse de flux permettant la vérification automatique de l’absence de fuite possible d’information sensible. Notre approche est basée sur la théorie de l’Interprétation Abstraite et consiste à manipuler une approximation de la sémantique des programmes. Nous détectons les différentes dépendances entre les variables d’un programme en utilisant des formules propositionnelles avec notamment le domaine Pos. Nous étudions les principales façons d’améliorer la précision (en combinant des domaines abstraits) et l’efficacité (en associant des opérateurs d’élargissement et de rétrécissement) de l’analyse. Le produit réduit du domaine logique Pos et d’un domaine numérique choisi permet une analyse strictement plus précise que celles précédemment présentent dans la littérature. La construction modulaire de notre analyse permet de choisir un bon compromis entre efficacité et précision en faisant varier la granularité de l’abstraction et la complexité des opérateurs abstraits. Pour finir, nous introduisons Sails une nouvelle analyse de flue destinée à des langages de haut niveau sans annotation tel que Java. Sails combine une analyse de fuite possible d’information à différentes abstractions de la mémoire (du tas), ce qui lui permet d’inférer des résultats sur des programmes manipulant des structures complexes. De premiers résultats expérimentaux permettent de pointer l’efficacité de notre approche en appliquant Sails à l’analyse de SecuriBench-microProtecting the confidentiality of information stored in a computer system or transmitted over a public network is a relevant problem in computer security. The goal of this thesis is to provide both theoretical and experimental results towards the design of an information flow analysis for the automatic verification of absence of sensitive information leakage. Our approach is based on Abstract Interpretation, a theory of sound approximation of program semantics. We track the dependencies among program's variables using propositional formulae, namely the Pos domain. We study the main ways to improve the accuracy (by combination of abstract domains) and the efficiency (by combination of widening and narrowing operators) of the analysis. The reduced product of the logical domain Pos and suitable numerical domains yields to an analysis strictly more accurate with respect to the ones already in the literature. The modular construction of our analysis allows to deal with the trade-off between efficiency and accuracy by tuning the granularity of the abstraction and the complexity of the abstract operators. Finally, we introduce Sails, a new information flow analysis tool for mainstream languages like Java, that does not require any manual annotation. Sails combines the information leakage analysis with different heap abstractions, inferring information leakage over programs dealing with complex data structures too. We applied Sails to the analysis of the SecuriBench-micro suite and the preliminary experimental results outline the effectiveness of our approach
21
Lundqvist, Magnus. "Information Demand and Use : Improving Information Flow within Small-scale Business Contexts." Licentiate thesis, Linköping : Department of Computer and Information Science, Linköpings universitet, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-9666.
Full text
22
Espinoza, Becerra Barbara. "Foundations of Quantitative Information Flow: Channels, Cascades, and the Information Order." FIU Digital Commons, 2014. http://digitalcommons.fiu.edu/etd/1156.
Full textAbstract:
Secrecy is fundamental to computer security, but real systems often cannot avoid leaking some secret information. For this reason, the past decade has seen growing interest in quantitative theories of information flow that allow us to quantify the information being leaked. Within these theories, the system is modeled as an information-theoretic channel that specifies the probability of each output, given each input. Given a prior distribution on those inputs, entropy-like measures quantify the amount of information leakage caused by the channel.
This thesis presents new results in the theory of min-entropy leakage. First, we study the perspective of secrecy as a resource that is gradually consumed by a system. We explore this intuition through various models of min-entropy consumption. Next, we consider several composition operators that allow smaller systems to be combined into larger systems, and explore the extent to which the leakage of a combined system is constrained by the leakage of its constituents. Most significantly, we prove upper bounds on the leakage of a cascade of two channels, where the output of the first channel is used as input to the second. In addition, we show how to decompose a channel into a cascade of channels.
We also establish fundamental new results about the recently-proposed g-leakage family of measures. These results further highlight the significance of channel cascading. We prove that whenever channel A is composition refined by channel B, that is, whenever A is the cascade of B and R for some channel R, the leakage of A never exceeds that of B, regardless of the prior distribution or leakage measure (Shannon leakage, guessing entropy leakage, min-entropy leakage, or g-leakage). Moreover, we show that composition refinement is a partial order if we quotient away channel structure that is redundant with respect to leakage alone. These results are strengthened by the proof that composition refinement is the only way for one channel to never leak more than another with respect to g-leakage. Therefore, composition refinement robustly answers the question of when a channel is always at least as secure as another from a leakage point of view.
23
Law, Yan Tai. "Pricing under random information flow and the theory of information pricing." Thesis, Imperial College London, 2012. http://hdl.handle.net/10044/1/9292.
Full textAbstract:
This thesis presents a mathematical formulation of informational inhomogeneity in financial markets, with emphasis on its impact on asset volatility, the notion of information extraction, and the role of information providers. We begin with a brief review of the BHM framework, which models the market filtration by an information process consisting of a signal and a noise term, such that the signal-to-noise ratio is determined by the information flow rate. Motivated by the observations that valuable information is rarely circulated homogeneously across financial markets, and that the information flow rate is typically random, we introduce, in the first part of the thesis, an extension of the BHM approach that leads to the simplest class of stochastic volatility models. In this extended framework we derive closed form expressions: for (a) asset price processes; (b) pricing formulae for options; and (c) option deltas. We show that the model can be calibrated to fit volatility surfaces reasonably well, and that it can be used effectively to model information manipulation. In the second part we introduce a framework for the valuation of information. In particular, a new formulation of the utility-indifference argument is introduced and used as a basis for pricing. We regard information as a quantity that converts a prior distributions into a posterior distributions. The amount of information can thus be quantified by relative entropy. The key to our theory is to equate the maximised a posterior utility with the a posterior expectation of the utility of the a priori optimal strategy. This formulation leads to one price for a given quantity of upside, and another for a given quantity of downside information. Various intuitive, as well as counterintuitive implications (for example, price of information is not necessarily an increasing function of the volume of information) of our theory are discussed in detail.
24
Le, Guernic Gurvan. "Confidentiality Enforcement Using Dynamic Information Flow Analyses." Phd thesis, Kansas State University, 2007. http://tel.archives-ouvertes.fr/tel-00198621.
Full textAbstract:
Avec l'augmentation des communications entre systèmes d'information, l'intérêt pour les mécanismes de sécurité s'est accru. La notion de non-interférence, introduite par Goguen and Meseguer (1982), est fréquemment utilisée pour formaliser des politiques de sécurité impliquant la confidentialité des secrets manipulés par un programme. Un programme est dit non-interférant si son comportement observable par tous n'est pas influencé par la valeur des secrets qu'il manipule. Si ce n'est pas le cas, alors un attaquant ayant connaissance du code source du programme peut déduire des information concernant les secrets manipulés à partir de l'observation du comportement du programme.À la différence de la majorité des travaux précédents sur la non-interférence (principalement des analyses statiques), ce rapport de thèse s'intéresse au contrôle dynamique de la non-interférence. Le contrôle dynamique des flux d'information est une tâche complexe car l'information transportée par un message n'est pas une propriété intrinsèque de ce message. Elle dépend aussi, lorsque le destinataire connaît l'ensemble des message qui peuvent être envoyés, de la composition de cet ensemble. Le travail présenté dans ce rapport se base sur la composition d'analyses dynamiques et statiques des flux d'information. Des moniteurs de non-interférence sont développés pour différents langages dont un langage concurrent intégrant une commande de synchronisation. L'exactitude de ces moniteurs est prouvée et leur précision est comparée à des travaux précédents.
25
Zvirblis, Linas. "Securing Information Flow in Loosely-Coupled Systems." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, 2011. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-14086.
Full textAbstract:
Information-flow control is an important element in computer system security, and there has been significant work done in the field by Denning, Volpano, and others. However, most of the work deals with information-flow control inside a single monolithic application. Wide adoption of the Web service architecture and related technologies effectively solved the problem of universal standard of interconnection of independent systems into larger scale system, but largely ignored the problem of information-flow control. This thesis suggests an approach, which allows for information-flow control techniques of the decentralised label model to be applied to distributed loosely-coupled systems based on Web services. The resulting system design is compatible with existing Web service-based systems, and allows for integration of components that do not natively support information-flow control.
26
Deng, Zhenyue. "Practical secure information flow in programming languages." FIU Digital Commons, 2005. http://digitalcommons.fiu.edu/etd/2771.
Full textAbstract:
If we classify variables in a program into various security levels, then a secure information flow analysis aims to verify statically that information in a program can flow only in ways consistent with the specified security levels. One well-studied approach is to formulate the rules of the secure information flow analysis as a type system. A major trend of recent research focuses on how to accommodate various sophisticated modern language features. However, this approach often leads to overly complicated and restrictive type systems, . making them unfit for practical use. Also, problems essential to practical use, such as type inference and error reporting, have received little attention. This dissertation identified and solved major theoretical and practical hurdles to the application of secure information flow.
We adopted a minimalist approach to designing our language to ensure a simple lenient type system. We started out with a small simple imperative language and only added features that we deemed most important for practical use. One language feature we addressed is arrays. Due to the various leaking channels associated with array operations, arrays have received complicated and restrictive typing rules in other secure languages. We presented a novel approach for lenient array operations, which lead to simple and lenient typing of arrays.
Type inference is necessary because usually a user is only concerned with the security types for input/output variables of a program and would like to have all types for auxiliary variables inferred automatically. We presented a type inference algorithm B and proved its soundness and completeness. Moreover, algorithm B stays close to the program and the type system and therefore facilitates informative error reporting that is generated in a cascading fashion. Algorithm Band error reporting have been implemented and tested.
Lastly, we presented a novel framework for developing applications that ensure user information privacy. In this framework, core computations are defined as code modules that involve input/output data from multiple parties. Incrementally, secure flow policies are refined based on feedback from the type checking/inference. Core computations only interact with code modules from involved parties through well-defined interfaces. All code modules are digitally signed to ensure their authenticity and integrity.
27
Zhang, Chenyi Computer Science & Engineering Faculty of Engineering UNSW. "Information flow security - models, verification and schedulers." Publisher:University of New South Wales. Computer Science & Engineering, 2009. http://handle.unsw.edu.au/1959.4/43410.
Full textAbstract:
Information flow security concerns how to protect sensitive data in computer systems by avoiding undesirable flow of information between the users of the systems. This thesis studies information flow security properties in state-based systems, dealing in particular with modelling and verification methods for asynchronous systems and synchronous systems with schedulers. The aim of this study is to provide a foundational guide to ensure confidentiality in system design and verification. The thesis begins with a study of definitions of security properties in asynchronous models. Two classes of security notions are of particular interest. Trace-based properties disallow deductions of high security level secrets from low level observation traces. Bisimulation-based properties express security as a low-level observational equivalence relation on states. In the literature, several distinct schools have developed frameworks for information flow security properties based on different semantic domains. One of the major contributions of the thesis is a systematic study that compares security notions, using semantic mappings between two state-based models and a particular process algebraic model. An advantage of state-based models is the availability of well-developed verification methods and tools for functional properties in finite state systems. The thesis investigates the application of these methods to the algorithmic verification of the information flow security properties in the asynchronous settings. The complexity bounds for verifying these security properties are given as polynomial time for the bisimulation-based properties and polynomial space complete for the trace-based properties. Two heuristics are presented to benefit the verifications of the properties in practice. Timing channels are one of the major concerns in the computer security community, but are not captured in asynchronous models. In the final part of the thesis, a new system model is defined that deals with timing and scheduling. A group of novel security notions, including both trace-based and bisimulation-based properties, are proposed in this new model. It is further investigated whether these security properties are preserved by refinement of schedulers and scheduler implementations. A case study of a multi- evel secure file server is described, which applies a number of access control rules to enforce a particular bisimulation-based property in the synchronous setting.
28
George, Ryan Thomas. "Information flow to support front end planning." Connect to this title online, 2007. http://etd.lib.clemson.edu/documents/1181666151/.
Full textAbstract:
Thesis (Ph.D.) -- Clemson University, 2007.Title from first page of PDF file. Document formatted into pages; contains xvi, 385 p. ; also includes graphics (some col.). Contains additional supplemental file.
29
Akuney, Arseniy. "Information flow identification in large email datasets." Thesis, University of British Columbia, 2011. http://hdl.handle.net/2429/39847.
Full textAbstract:
Identifying information flow in emails is an important, yet challenging task. In this work we investigate several algorithms for identifying similar sentences in large email datasets, as well as an algorithm for reconstructing threads from unstructured emails. We present a detailed evaluation of each algorithm in terms of accuracy and time performance. We also investigate the usage of cloud computing in order to increase computational efficiency and make information discovery usable in real time.
30
Lundqvist, Pia. "A service minded information flow in transports." Thesis, Linköpings universitet, Institutionen för teknik och naturvetenskap, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-96197.
Full textAbstract:
This thesis is about information flow and customer service at Besam Production AB´s transport department. The focus of this thesis is to study the daily routines at the transport department regarding information flow and customer service both to the customers and to the forwarder. And how the information flow can be changed to be more efficient, save time and how to make this to an advantage against theirs competitors, is also studied. Like vise the customer service that Besam Production today is offering their customer at the transportation point and witch improvements that can be carried out. In the chapter where the current situation the daily work and situation for the transport department is addressed. Especially the situations regarding information flow to and from the daily used forwarder, Geologistics, and the information flow that today exist between the transport department and daughter-companies/end customers. In this chapter it’s also addressed witch kind of customer service that Besam Production AB today offers with their transport and what kind of customer service that Besam Production AB today is receiving bfrom their forwarder. In the literature study different forms of information flow and the importance of the information quality and contains, is studied. In this chapter different forms of customer service and how important the opinion of the customer is, is also studied. The result of the analysis between the chapters, current situation and literature study is for show in the conclusions’ chapter. The most important results in this thesis indicate that major improvements can be carried out within the transportation department in both areas. An example of this is that the greatest information flow today is transferred with fax. If the information flow instead was transferred electronically, the time saved could be used for customer service that today is not developed enough.Detta examensarbete handlar om informationsflöden och kundservice vid Besam Production AB:s utskeppningsavdelning. Syftet med detta arbete är att se över de nuvarande rutinerna som idag finns på utskeppningsavdelning vad gäller informationsflöde vid de dagliga transportbokningarna både till transportören och till kunderna. Hur informationsflödet här kan förändras för att kunna bli mer effektivt, spara tid och bli en konkurrensfördel för Besam Production AB undersöks också. Även en granskning av den kundservice som Besam Production AB erbjuder vid transporter till sina kunder granskas och hur denna skulle kunna förbättras ses också över. I nulägesbeskrivningen tas det upp hur nuläget för skeppningsavdelningen ser ut både vad gäller informationsflöde till och från den transportör som används till de dagliga transporterna Geologistics och det informationsflöde som idag finns mellan utskeppningsavdelningen och dotterbolagen/slutkunderna. Det tas även i nulägesbeskrivningen upp vilken form av kundservice som i dagens läge ges vid transporter från Besam Production AB och vilken kundservice som Besam erhåller från Geologistics. I litteraturstudien studeras olika former av informationsflöde och vikten av informationsinnehållet. Här tas även upp olika former av kundservice vid transporter och hur viktigt det är för ett företag att ha rätt syn på sina kunder och hur viktigt det är att vara medveten om vad det egentligen kunderna vill ha vad gäller service. Resultatet av analysen mellan nulägesbeskrivningen och litteraturstudien finns i slutsatserna. De viktigaste resultaten som har framkommit genom detta arbete indikerar att genomgående förbättringar kan ske på utskeppningsavdelningen både vad gäller informationsflöden och kundservice. Som exempel på detta kan nämnas att det största informationsflödet idag sker med hjälp av fax. Om detta istället genomföras på elektronisk väg, skulle mer tid kunna frigöras som kan användas till den idag ej tillräckligt utvecklade kundservicen.
31
Ahmedani, Ahmer. "Information flow in a Java intermediate language." Thesis, McGill University, 2006. http://digitool.Library.McGill.CA:80/R/?func=dbin-jump-full&object_id=100756.
Full textAbstract:
It is a common practice to retrieve code from an outside source, execute it and return the result to the user. During execution secure data can enter the program by user input or access of a data resource. It is important to track the secure data once it enters the program to identify possible information flows to unwanted regions of the code which would permit undesirable data output to a user. Most approaches to restrict information flow in programs have fallen short of providing a practical solution for mainstream programming languages.To address this issue, this thesis presents two context-sensitive inter-procedural analyses which analyze an intermediate representation of Java Bytecode for secure information flow. The first analysis assumes that there is only one instance of all class fields where as the second analysis uses points-to information to differentiate between instance fields which belong to different instances of the same class. The analyses track secure information in the program by maintaining sets of secure data. The analyses resolve dynamic method resolution in Java statically by analyzing all possible methods which may be invoked at a call site and merging the secure data sets. We were able to define rules to analyze all the statements in the intermediate representation and also accounted for Java libraries. The analyses do not expect any security annotations in the program.
Type information is useful in debugging, guiding optimizations, and specifying and providing safety proofs for programs. A type system for a subset of the Java Bytecode intermediate representation is also formulated in this thesis. An operational semantics is specified and a type preservation proof assures the soundness of the type system.
Non-trivial benchmarks were analyzed and explicit and implicit information flows were counted for both analyses. The empirical data collected suggests secure data is used in many statements of programs and output of data to a user at several places in a program can lead to information flow if the user does not have the right permission to observe the data.
32
Chung, William Wing-Ho. "Secure information flow in object oriented languages." Thesis, Imperial College London, 2004. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.408806.
Full text
33
Zhang, Kan. "On secure information flow in computer systems." Thesis, University of Cambridge, 2000. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.621829.
Full text
34
Razavi, Joseph. "Information flow in spatial models of computation." Thesis, University of Manchester, 2017. https://www.research.manchester.ac.uk/portal/en/theses/information-flow-in-spatial-models-of-computation(cbd06463-5662-44cd-abe5-5cbc7370d41d).html.
Full textAbstract:
Some models of computation have a notion of underlying space. In this thesis, we study the way in which information flows over this space in the course of computation, with the aim of discovering some geometric structure in the set of possible computations. We select cellular automata as a particular example to study. We define an abstract notion of information flow and characterize those which come from cellular automata. A slight generalization of the properties involved in the characterization includes what can be interpreted as a continuity condition on the flow of information. This condition can be thought of as giving an Alexandroff neighbourhood space (a mild generalization of a topological space) whose points are distributions of information. Motivated by this we study aspects of the structure of Alexandroff neighbourhood spaces. We show that any map from a simplicial complex into an Alexandroff space is homotopic to one of a simple combinatorial form.
35
McCamant, Stephen. "Quantitative information-flow tracking for real systems." Thesis, Massachusetts Institute of Technology, 2008. http://hdl.handle.net/1721.1/44903.
Full textAbstract:
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2008.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
Includes bibliographical references (p. 99-105).
An information-flow security policy constrains a computer system's end-to-end use of information, even as it is transformed in computation. For instance, a policy would not just restrict what secret data could be revealed directly, but restrict any output that might allow inferences about the secret. Expressing such a policy quantitatively, in terms of a specific number of bits of information, is often an effective program independent way of distinguishing what scenarios should be allowed and disallowed. This thesis describes a family of new techniques for measuring how much information about a program's secret inputs is revealed by its public outputs on a particular execution, in order to check a quantitative policy on realistic systems. Our approach builds on dynamic tainting, tracking at runtime which bits might contain secret in formation, and also uses static control-flow regions to soundly account for implicit flows via branches and pointer operations. We introduce a new graph model that bounds information flow by the maximum flow between inputs and outputs in a flow network representation of an execution. The flow bounds obtained with maximum flow are much more precise than those based on tainting alone (which is equivalent to graph reachability). The bounds are a conservative estimate of channel capacity: the amount of information that could be transmitted by an adversary making an arbitrary choice of secret inputs. We describe an implementation named Flowcheck, built using the Valgrind framework for x86/Linux binaries, and use it to perform case studies on six real C, C++, and Objective C programs, three of which have more than 250,000 lines of code. We used the tool to check the confidentiality of a different kind of information appropriate to each program. Its results either verified that the information was appropriately kept secret on the examined executions, or revealed unacceptable leaks, in one case due to a previously unknown bug.
by Stephen Andrew McCamant.
Ph.D.
36
Krohn, Maxwell N. (Maxwell Norman). "Information flow control for secure web sites." Thesis, Massachusetts Institute of Technology, 2008. http://hdl.handle.net/1721.1/45864.
Full textAbstract:
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2008.Includes bibliographical references (leaves 117-125).
Sometimes Web sites fail in the worst ways. They can reveal private data that can never be retracted [60, 72, 78, 79]. Or they can succumb to vandalism, and subsequently show corrupt data to users [27]. Blame can fall on the off-the-shelf software that runs the site (e.g., the operating system, the application libraries, the Web server, etc.), but more frequently (as in the above references), the custom application code is the guilty party. Unfortunately, the custom code behind many Web sites is difficult to secure and audit, due to large and rapidly-changing trusted computing bases (TCBs). A promising approach to reducing TCBs for Web sites is decentralized information flow control (DIFC) [21, 69, 113]. DIFC allows the split of a Web application into two types of components: those inside the TCB (trusted), and those without (untrusted). The untrusted components are large, change frequently, and do most of the computation. Even if buggy, they cannot move data contrary to security policy. Trusted components are much smaller, and configure the Web site's security policies. They need only change when the policy changes, and not when new features are introduced. Bugs in the trusted code can lead to compromise, but the trusted code is smaller and therefore easier to audit. The drawback of DIFC, up to now, is that the approach requires a major shift in how programmers develop applications and thus remains inaccessible to programmers using today's proven programming abstractions. This thesis proposes a new DIFC system, Flume, that brings DIFC controls to the operating systems and programming languages in wide use today. Its key contributions are: (1) a simplified DIFC model with provable security guarantees; (2) a new primitive called endpoints that bridges the gap between the Flume DIFC model and standard operating systems interfaces; (3) an implementation at user-level on Linux; and (4) success in securing a popular preexisting Web application (MoinMoin Wiki).
by Maxwell Norman Krohn.
Ph.D.
37
Texin, Cheryl (Cheryl A. ). "Optical flow using phase information for deblurring." Thesis, Massachusetts Institute of Technology, 2007. http://hdl.handle.net/1721.1/41673.
Full textAbstract:
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (p. 121-123).
This thesis presents a method for reconstructing motion-degraded images by using velocity information generated with a phase-based optical flow calculation. The optical flow method applies a set of frequency-tuned Gabor filters to an image sequence in order to determine the component velocities for each pixel by tracking temporally separated phase contours. The resulting set of component velocities is normalized and averaged to generate a single 2D velocity at each pixel in the image. The 2D optical flow velocity is used to estimate the motion-blur PSF for the image reconstruction process, which applies a regularization filter to each pixel. The 2D velocities generally had small angular and magnitude errors. Image sequences where the motion varied from frame to frame had poorer results than image sequences where the motion was constant across all frames. The quality of the deblurred image is directly affected by the quality of the velocity vectors generated with the optical flow calculations. When accurate 2D velocities are provided, the deblurring process generates sharp results for most types of motion. The magnitude error proved to be a larger problem than the angular error, due to the averaging process involved in creating the 2D velocity vectors from the component velocities. Both the optical flow and deblurring components had difficulty handling rotational motion, where the linearized model of the motion vector is inappropriate. Retaining the component velocities may solve the problem of linearization.
by Cheryl Texin.
M.Eng.
38
Cliffer, Natan Tsvi Cohen. "Decentralized information flow control on a cluster." Thesis, Massachusetts Institute of Technology, 2007. http://hdl.handle.net/1721.1/45985.
Full textAbstract:
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (p. 53-54).
Information flow control security models can prevent programs from divulging sensitive information in unexpected ways. There has been significant work on tracking information flow between processes in the same computer at the operating system level. I present a modification to the Flume information flow control system for OpenBSD that allows information flow to be tracked between programs on different computers, as long as the system software on all involved computers is maintained by the same trusted entity. This allows the benefits of Flume to be applied to computer systems that take the cluster approach to scaling.
by Natan Tsvi Cohen Cliffer.
M.Eng.
39
Mathewson, Nicholas A. (Nicholas Albert) 1977. "Verifying information flow control in Java bytecodes." Thesis, Massachusetts Institute of Technology, 2000. http://hdl.handle.net/1721.1/86523.
Full textAbstract:
Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2000.Includes bibliographical references (p. 49).
by Nicholas A. Mathewson.
M.Eng.
40
Roberts, Benjamin George. "Language semantics for secure information flow analysis." Thesis, University of Cambridge, 2013. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.607941.
Full text
41
Sarrab, Mohamed Khalefa. "Policy based runtime verification of information flow." Thesis, De Montfort University, 2011. http://hdl.handle.net/2086/4929.
Full textAbstract:
Standard security mechanism such as Access control, Firewall and Encryption only focus on controlling the release of information but no limitations are placed on controlling the propagation of that confidential information. The principle problem of controlling sensitive information confidentiality starts after access is granted. The research described in this thesis belongs to the constructive research field where the constructive refers to knowledge contributions being developed as a new framework, theory, model or algorithm. The methodology of the proposed approach is made up of eight work packages. One addresses the research background and the research project requirements. Six are scientific research work packages. The last work package concentrates on the thesis writing up. There is currently no monitoring mechanism for controlling information flow during runtime that support behaviour configurability and User interaction. Configurability is an important requirement because what is considered to be secure today can be insecure tomorrow. The interaction with users is very important in flexible and reliable security monitoring mechanism because different users may have different security requirements. The interaction with monitoring mechanism enables the user to change program behaviours or modify the way that information flows while the program is executing. One of the motivations for this research is the information flow policy in the hand of the end user. The main objective of this research is to develop a usable security mechanism for controlling information flow within a software application during runtime. Usable security refers to enabling users to manage their systems security without defining elaborate security rules before starting the application. Our aim is to provide usable security that enables users to manage their systems' security without defining elaborate security rules before starting the application. Security will be achieved by an interactive process in which our framework will query the user for security requirements for specific pieces of information that are made available to the software and then continue to enforce these requirements on the application using a novel runtime verification technique for tracing information flow. The main achievement of this research is a usable security mechanism for controlling information flow within a software application during runtime. Security will be achieved by an interactive process to enforce user requirements on the application using runtime verification technique for tracing information flow. The contributions are as following. Runtime Monitoring: The proposed runtime monitoring mechanism ensures that the program execution is contains only legal flows that are defined in the information flow policy or approved by the user. Runtime Management: The behaviour of a program that about to leak confidential information will be altered by the monitor according to the user decision. User interaction control: The achieved user interaction with the monitoring mechanism during runtime enable users to change the program behaviours while the program is executing.
42
Dash, Santanu Kumar. "Adaptive constraint solving for information flow analysis." Thesis, University of Hertfordshire, 2015. http://hdl.handle.net/2299/16354.
Full textAbstract:
In program analysis, unknown properties for terms are typically represented symbolically as variables. Bound constraints on these variables can then specify multiple optimisation goals for computer programs and nd application in areas such as type theory, security, alias analysis and resource reasoning. Resolution of bound constraints is a problem steeped in graph theory; interdependencies between the variables is represented as a constraint graph. Additionally, constants are introduced into the system as concrete bounds over these variables and constants themselves are ordered over a lattice which is, once again, represented as a graph. Despite graph algorithms being central to bound constraint solving, most approaches to program optimisation that use bound constraint solving have treated their graph theoretic foundations as a black box. Little has been done to investigate the computational costs or design e cient graph algorithms for constraint resolution. Emerging examples of these lattices and bound constraint graphs, particularly from the domain of language-based security, are showing that these graphs and lattices are structurally diverse and could be arbitrarily large. Therefore, there is a pressing need to investigate the graph theoretic foundations of bound constraint solving. In this thesis, we investigate the computational costs of bound constraint solving from a graph theoretic perspective for Information Flow Analysis (IFA); IFA is a sub- eld of language-based security which veri es whether con dentiality and integrity of classified information is preserved as it is manipulated by a program. We present a novel framework based on graph decomposition for solving the (atomic) bound constraint problem for IFA. Our approach enables us to abstract away from connections between individual vertices to those between sets of vertices in both the constraint graph and an accompanying security lattice which defines ordering over constants. Thereby, we are able to achieve significant speedups compared to state-of-the-art graph algorithms applied to bound constraint solving. More importantly, our algorithms are highly adaptive in nature and seamlessly adapt to the structure of the constraint graph and the lattice. The computational costs of our approach is a function of the latent scope of decomposition in the constraint graph and the lattice; therefore, we enjoy the fastest runtime for every point in the structure-spectrum of these graphs and lattices. While the techniques in this dissertation are developed with IFA in mind, they can be extended to other application of the bound constraints problem, such as type inference and program analysis frameworks which use annotated type systems, where constants are ordered over a lattice.
43
Akella, Ravi Chandra. "Information flow properties for cyber-physical systems." Diss., Rolla, Mo. : Missouri University of Science and Technology, 2009. http://scholarsmine.mst.edu/thesis/pdf/Akella_09007dcc806406a3.pdf.
Full textAbstract:
Thesis (M.S.)--Missouri University of Science and Technology, 2009.Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed April 15, 2009) Includes bibliographical references (p. 34-36).
44
Frazza, Alessandro <1988>. "An Information Flow Type System for Android." Master's Degree Thesis, Università Ca' Foscari Venezia, 2013. http://hdl.handle.net/10579/2839.
Full textAbstract:
La crescente adozione da parte di dispositivi mobili del sistema operativo Android ha accresciuto l'interesse in meccanismi capaci di garantire la segretezza e l'integrità delle informazioni sensibili presenti all'interno dei dispositivi stessi.
Questa tesi descrive un nuovo type system che, sfruttando il Decentralized Label Model, permette allo sviluppatore di garantire il rispetto delle suddette proprietà da parte del proprio applicativo, in maniera del tutto trasparente per l'utente finale.
Il framework proposto deve affrontare alcune sfide peculiari della piattaforma Android, quali un control flow non standard, un sistema di comunicazione basato su Intent non tipati e l'introduzione di un supporto per alcune fra le caratteristiche più recenti di Java come i Generics. Trattandosi di analisi quasi interamente di tipo statico, l'impatto sulle prestazioni del codice risulta minimale.
La tesi descrive inoltre come la soluzione qui proposta andrà ad integrarsi con il framework Lintent, che analizza staticamente applicazioni Android al fine di prevenire attacchi di privilege escalation e verificare il corretto utilizzo dell'API per la comunicazione inter-componente.
45
Mahnke, Rolf [Verfasser]. "Flow Experience on the Internet : Advances in Information Systems Flow Research / Rolf Mahnke." Berlin : epubli GmbH, 2015. http://d-nb.info/1070122920/34.
Full text
46
Mäkinen, J. M. (Juha-Matti). "Flow-tila elektronisten laitteiden käytössä." Master's thesis, University of Oulu, 2017. http://urn.fi/URN:NBN:fi:oulu-201710112982.
Full textAbstract:
Flow-tila on mielentila, jossa henkilö on uppoutunut suorittamaansa aktiviteettiin energisellä tavalla. Sen ominaisuuksiin kuuluvat erityisesti syventyminen ja nautinnollisuus. Flow-tilan huomaa mm. siitä, että henkilö on kokonaan syventynyt aktiviteettiinsa ja menettänyt ajantajunsa. Tutkimuksen tarkoituksena oli tutkia erityisesti flow-tilan vaikutuksia elektronisten laitteiden käytössä, ja miten flow-tila koetaan yksilöllisellä tasolla elektronisten laitteiden kanssa työskenneltäessä. Aluksi tehtiin katsaus aikaisemmista flow-tiloja käsittelevistä tutkimuksista. Katsauksen pohjalta valittiin kriteerit, kategoriat ja tutkimuksessa käytetyt työkalut. Tutkimus tehtiin seuraten laadullisen tapaustutkimuksen periaatteita, hyödyntäen aineistonkeruussa haastattelua ja dokumenttien tutkimista. Tätä lähestymistapaa sovellettiin tutkimukseen ensin aikaisemmista tapaustutkimuksista. Aiemmista tapaustutkimuksista mallia ottamalla saatiin aikaan tutkimuksen käyttämä lähestymistapa. Aineistoa tutkimukseen kerättiin tutkimukseen valittujen tutkimuksen osanottajien haastatteluilla, tarkkailulla ja itseraportointidokumenttien tutkimisella. Lopuksi kerrottiin tutkimuksen tuloksista ja esitettiin mahdollisia tutkimuskysymyksiä jatkotutkimuksille, pohjautuen tutkimuksen aikana tehtyihin havaintoihin. Tutkimuksen vastaukseksi saatiin esille flow-tilan vaikutuksia elektronisten laitteiden käytössä, ja miten flow-tila koettiin yksilöllisellä tasolla. Tutkimuksessa käytettiin aiempiin tutkimuksiin perustuvaa määritelmää flow-tilan vaatimuksista, ominaisuuksista ja seuraamuksista. Vaatimukset: Haasteiden ja taidon tasapaino, haastavuus, nopea palaute, usko omaan kykyyn vastata haasteeseen, tulosten näkyvyys, haasteiden ja taitojen nouseminen. Ominaisuudet: äärimmäinen keskittyminen, muiden aatteiden kadottaminen, tekojen ja tietoisuuden yhdistyminen, ajantajun kadottaminen, positiivinen kokemus, nautinnollisuus. Negatiiviset ominaisuudet: Harhautuminen, ajantuhlaus, riippuvuus, mahdollista kokea antisosiaalisessa kontekstissa. Seuraamukset: parantunut oppiminen, teknologian käytön parantuminen, parempi työmotivaatio, tutkiva käytös. Tutkimuksen tarkoituksena oli tutkia vaikutuksia. Tutkielman loppuvaiheessa havainnoitiin seuraavia positiivisia vaikutuksia: Positiiviset: Syvä keskittyminen, parantunut motivaatio, nautinnollisuus, parantunut käyttökokemus, parantunut suorituskyky, parantunut oppiminen, ajantajun hämärtyminen, muiden ajatusten kadottaminen, positiivinen yksilöllinen kokemus. Tutkimuksessa havainnoitiin myös negatiivisia vaikutuksia: Turhautuminen, antisosiaalisuus, ajantuhlaus, havainnoinnin heikkeneminen, aggressio, tärkeiden asioiden unohtaminen, riippuvuus, riippuvuuden kehitys. Tutkimuksen tarkoituksia varten ominaisuudet ja seuraamukset yhdistettiin vaikutuksiksi, joista saatiin flow-tilan vaikutukset elektroniikan käytössä esille. Tutkimuksessa todettiin flow-tilan tapahtuvan elektronisten laitteiden käytössä, mutta siihen pääsemisen kriteerit olivat enemmän henkilöiden mielestä ja havainnoinnista riippuvaisia. Tutkimuksessa päädyttiin siihen tulokseen, että havaittiin samojen sääntöjen pätevän flow-tilaan käytettäessä elektronisia laitteita, kuin muissakin aktiviteeteissa, joissa flow-tiloja on aiemmissa tutkimuksissa havainnoitu.
47
Khademhosseinieh, Banafsheh, and Muhammad Tahir Khan. "Tools and Organisational Measures to Improve Information Flow." Thesis, Jönköping University, JTH, Computer and Electrical Engineering, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-9608.
Full textAbstract:
In this age, too much information is provided to the users. So that they face information overload problem and spend more time in finding the right information according to their needs. The information available to the right person on the right time can make significant difference in the work tasks and business processes in an organisation.
This thesis work is on improving information flow within an organisation for a person having a certain role. The concentration of the work is on finding the factors (Qualifiers) which affect the information needs of the user and the actions which should be carried out to fulfil them, as well as suitable IT tools. All these have been presented as Final Result Table. This table shows the information needs, their qualifiers, and suggested actions that can be taken tocarry out a specific need. Besides, we found that there are some General Actions. These kinds of actions are not related to any specific need. Rather, while working to fulfil any of the needs, they can be taken for enhancing the work quality and speed. Further, these actions were classified into two groups: Information System Classification and Organisational Measures.
48
Gatenby, Robert A., and B. Roy Frieden. "Cellular information dynamics through transmembrane flow of ions." NATURE PUBLISHING GROUP, 2017. http://hdl.handle.net/10150/626193.
Full textAbstract:
We propose cells generate large transmembrane ion gradients to form information circuits that detect, process, and respond to environmental perturbations or signals. In this model, the specialized gates of transmembrane ion channels function as information detectors that communicate to the cell through rapid and (usually) local pulses of ions. Information in the ion "puffs" is received and processed by the cell through resulting changes in charge density and/or mobile cation (and/or anion) concentrations alter the localization and function of peripheral membrane proteins. The subsequent changes in protein binding to the membrane or activation of K+, Ca2+ or Mg2+ -dependent enzymes then constitute a cellular response to the perturbation. To test this hypothesis we analyzed ion-based signal transmission as a communication channel operating with coded inputs and decoded outputs. By minimizing the Kullback-Leibler cross entropy H-KL(p||q) between concentrations of the ion species inside p(i)(t) i = 1,.,N , and outside q(i)(t) the cell membrane, we find signal transmission through transmembrane ion flow forms an optimal Shannon information channel that minimizes information loss and maximizes transmission speed. We demonstrate the ion dynamics in neuronal action potentials described by Hodgkin and Huxley (including the equations themselves) represent a special case of these general information principles.
49
Meng, Ziyuan. "Two-Bit Pattern Analysis For Quantitative Information Flow." FIU Digital Commons, 2014. http://digitalcommons.fiu.edu/etd/1326.
Full textAbstract:
Protecting confidential information from improper disclosure is a fundamental security goal. While encryption and access control are important tools for ensuring confidentiality, they cannot prevent an authorized system from leaking confidential information to its publicly observable outputs, whether inadvertently or maliciously. Hence, secure information flow aims to provide end-to-end control of information flow. Unfortunately, the traditionally-adopted policy of noninterference, which forbids all improper leakage, is often too restrictive. Theories of quantitative information flow address this issue by quantifying the amount of confidential information leaked by a system, with the goal of showing that it is intuitively “small” enough to be tolerated. Given such a theory, it is crucial to develop automated techniques for calculating the leakage in a system.
This dissertation is concerned with program analysis for calculating the maximum leakage, or capacity, of confidential information in the context of deterministic systems and under three proposed entropy measures of information leakage: Shannon entropy leakage, min-entropy leakage, and g-leakage. In this context, it turns out that calculating the maximum leakage of a program reduces to counting the number of possible outputs that it can produce.
The new approach introduced in this dissertation is to determine two-bit patterns, the relationships among pairs of bits in the output; for instance we might determine that two bits must be unequal. By counting the number of solutions to the two-bit patterns, we obtain an upper bound on the number of possible outputs. Hence, the maximum leakage can be bounded. We first describe a straightforward computation of the two-bit patterns using an automated prover. We then show a more efficient implementation that uses an implication graph to represent the two- bit patterns. It efficiently constructs the graph through the use of an automated prover, random executions, STP counterexamples, and deductive closure. The effectiveness of our techniques, both in terms of efficiency and accuracy, is shown through a number of case studies found in recent literature.
50
Corns, Steven Michael. "The role of information flow in engineering optimization." [Ames, Iowa : Iowa State University], 2008.
Find full text