@inproceedings{b64e4778510c4b7194a070fb2b6781e7,
title = "Uniform Protection for Multi-exposed Targets",
abstract = "Ensuring that information is protected proportionately to its value is a major challenge in the development of robust distributed systems, where code complexity and technological constraints might allow reaching a key functionality along various paths. We propose a protection analysis over the Quality Calculus that computes the combinations of data required to reach a program point and relates them to a notion of cost. In this way, we can compare the security deployed on different paths that expose the same resource. The analysis is formalised in terms of flow logic, and is implemented as an optimisation problem encoded into Satisfiability Modulo Theories, allowing us to deal with complex cost structures. The usefulness of the approach is demonstrated on the study of password recovery systems.",
author = "Roberto Vigo and Flemming Nielson and Nielson, {Hanne Riis}",
year = "2014",
doi = "10.1007/978-3-662-43613-4_12",
language = "English",
isbn = "978-3-662-43612-7",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "182--198",
editor = "{\'A}brah{\'a}m, {Erika } and Palamidessi, {Catuscia }",
booktitle = "Formal Techniques for Distributed Objects, Components, and Systems. Proceedings",
note = "34th IFIP WG 6.1 International Conference, FORTE 2014 ; Conference date: 03-06-2014 Through 05-06-2014",
}