Additive and multiplicative notions of leakage, and their capacities
Monday, November 9, 2015, 10:00-11:00 am
Abstract

This talk covers work that won the 2014 NSA Best Scientific Cybersecurity Paper Competition:

Protecting sensitive information from improper disclosure is a fundamental security goal. It is complicated, and difficult to achieve, often because of unavoidable or even unpredictable operating conditions that can lead to breaches in planned security defences. An attractive approach is to frame the goal as a quantitative problem, and then to design methods that measure system vulnerabilities in terms of the amount of information they leak. A consequence is that the precise operating conditions, and assumptions about prior knowledge, can play a crucial role in assessing the severity of any measured vulnerability.

We develop this theme by concentrating on vulnerability measures that are robust in the sense of allowing general leakage bounds to be placed on a program, bounds that apply whatever its operating conditions and whatever the prior knowledge might be. In particular we propose a theory of channel capacity, generalising the Shannon capacity of information theory, that can apply both to additive and to multiplicative forms of a recently proposed measure known as g-leakage. Further, we explore the computational aspects of calculating these (new) capacities: one of these scenarios can be solved efficiently by expressing it as a Kantorovich distance, but another turns out to be NP-complete.

We also find capacity bounds for arbitrary correlations with data not directly accessed by the channel, as in the scenario of Dalenius's Desideratum.

Bio

Mário S. Alvim is (since 2013) an Assistant Professor in the Computer Science Department of the Federal University of Minas Gerais, one of the three CS departments in the country ranked as a center of excellence by the Brazilian Government. His research focus is formal methods for Information Hiding. He is particularly interested in Quantitative Information Flow, Information Theory, Statistical Disclosure Control, and Differential Privacy.

From January 2012 until September 2013 he was a post-doctoral researcher at the Department of Mathematics at the University of Pennsylvania under the supervision of Prof. Andre Scedrov, while also collaborating with Prof. Fred B. Schneider of Cornell University. He obtained his Ph.D. from LIX, École Polytechnique (France) in 2011 under the supervision of Prof. Catuscia Palamidessi. His dissertation on Formal Approaches to Information Hiding was a finalist of the Prix de Thèse ParisTech 2011, granted by the Paris Institute of Technology (ParisTech), representing the best thesis in Computer Science among the 632 theses defended that year in 12 of the most prestigious Grandes Écoles in France.

This talk is organized by Mike Hicks