[PPL-devel] [GIT] ppl/ppl(master): Reference added.

Sun Dec 29 22:53:01 CET 2013

Module: ppl/ppl
Branch: master
Commit: cd637456d40bd723746f31594b553e0fa6a66aa5
URL:    http://www.cs.unipr.it/git/gitweb.cgi?p=ppl/ppl.git;a=commit;h=cd637456d40bd723746f31594b553e0fa6a66aa5

Author: Patricia Hill <patricia.hill at bugseng.com>
Date:   Sun Dec 29 21:52:42 2013 +0000

Reference added.

---

 doc/ppl_citations.bib |   36 ++++++++++++++++++++++++++++++++++++
 1 files changed, 36 insertions(+), 0 deletions(-)

diff --git a/doc/ppl_citations.bib b/doc/ppl_citations.bib
index e78fcf9..08774df 100644
--- a/doc/ppl_citations.bib
+++ b/doc/ppl_citations.bib
@@ -3733,6 +3733,42 @@ Summarizing:
               to no loss in precision."
 }
 
+ at Inproceedings{MardzielMMS11,
+  Title = "Dynamic Enforcement of Knowledge-based Security Policies",
+  Author = "P. Mardziel and S. Magill and M. Hicks and M. Srivatsa",
+  Year = 2011,
+  Booktitle = "Proceedings of the 24th IEEE Computer Security
+               Foundations Symposium ({CSF})",
+  Publisher = "IEEE Xplore Digital Library",
+  Address = "New Orleans, Louisiana, USA",
+  Editor = "M. Backes and S.Zdancewic",
+  Pages = "114--128",
+  ISBN = "978-0-7695-4365-9",
+  Abstract = "This paper explores the idea of knowledge-based security
+              policies, which are used to decide whether to answer
+              queries over secret data based on an estimation of the
+              querier's (possibly increased) knowledge given the
+              results. Limiting knowledge is the goal of existing
+              information release policies that employ mechanisms such
+              as noising, anonymization, and
+              redaction. Knowledge-based policies are more general:
+              they increase flexibility by not fixing the means to
+              restrict information flow. We enforce a knowledge-based
+              policy by explicitly tracking a model of a querier's
+              belief about secret data, represented as a probability
+              distribution, and denying any query that could increase
+              knowledge above a given threshold. We implement query
+              analysis and belief tracking via abstract interpretation
+              using a novel probabilistic polyhedral domain, whose
+              design permits trading off precision with performance
+              while ensuring estimates of a querier's knowledge are
+              sound. Experiments with our implementation show that
+              several useful queries can be handled efficiently, and
+              performance scales far better than would more standard
+              implementations of probabilistic computation based on
+              sampling."
+}
+
 @Inproceedings{ManevichSRF04,
   Author = "R. Manevich and M. Sagiv and G. Ramalingam and J. Field",
   Title = "Partially Disjunctive Heap Abstraction",


