Presentation is loading. Please wait.

Presentation is loading. Please wait.

PROBABILISTIC COMPUTATION FOR INFORMATION SECURITY Piotr (Peter) Mardziel (UMD) Kasturi Raghavan (UCLA)

Published byChrystal Johnson Modified over 9 years ago

Similar presentations

Presentation on theme: "PROBABILISTIC COMPUTATION FOR INFORMATION SECURITY Piotr (Peter) Mardziel (UMD) Kasturi Raghavan (UCLA)"— Presentation transcript:

1 PROBABILISTIC COMPUTATION FOR INFORMATION SECURITY Piotr (Peter) Mardziel (UMD) Kasturi Raghavan (UCLA)

2 Convenience 2 ~params prior ~params | [ model(~params) == sample ] posterior B 1 ~secret Bob’s belief about secret params B 1 ~secret | [ sys(B 1 ~secret) == sys(secret) ] = B 2 ~secret Bob’s revised belief secret Alice’s secret ~sample = model(~params) B 1 ~visible = sys(B 1 ~secret)

3 Photography Convenience 3 B 1 ~secret Bob’s belief about secret B 1 ~secret | [ sys(B 1 ~secret) == special-offer(secret) ] = B 2 ~secret Bob’s revised belief secret = (age, gender, engaged?) Alice’s secret B 1 ~visible = special-offer(B 1 ~secret) special-offer(age, gender, engaged?) = return (24 <= age <= 30 and gender == ‘female and engaged?) B 2 ~visible = fun 1 (B 1 ~secret) B 2 ~secret | [ sys(B 2 ~secret) == fun 2 (secret) ] = B 3 ~secret

4 Photography Protection 4 B 1 ~secret B 2 ~secret secret = (age, gender, engaged?) Alice’s secret special-offer (secret) Assumptions

5 Obfuscation/Noising 5 special-offer(secret) special-offer’(secret) special-offer’(age, gender, engaged?) = return (24 <= age <= 30 and gender == ‘female and engaged?) or Bernoulli(0.1) N(special-offer(O(secret))) … ? ?

6 Information flow Information flow / Non-interference: Does information flow? B 2 ~secret =? B 1 ~secret Quantified information flow: How much information flows? H(B 2 ~secret) – H(B 1 ~secret) 6 Yes?No? 0 ∞ B 1 ~secret B 2 ~secretB 3 ~secret Entropy / Min-entropy / Guessing entropy / etc..

7 “Semantic” information flow Information flow / Non-interference: Does information flow? Quantified information flow: How much information flows? Knowledge tracking / “semantic” information flow What information flows? 7 distributions over secret. B 1 ~secret. B 2 ~secret. B 3 ~secret entropy min-entropy guessing entropy … …

8 “Semantic” information flow 8 distributions over secret. B 1 ~secret. B 2 ~secret. B 3 ~secret entropy min-entropy guessing entropy … … Which quantity is appropriate? H(B 2 ~s) H ∞ (B 2 ~s) G(B 2 ~s) KL(A~s || B 2 ~s) s = (age, gender, engaged?)

9 More convenience Alice wants to hide her political preference. (not an aspect of the secret) Take function pol-pref: secret  { } that predicts political preference from demographics (age, gender, engaged?) 9 distributions over secret. B 1 ~secret. B 2 ~secret. B 3 ~secret entropy min-entropy guessing entropy … …

10 “Blacklist” function 10 distributions over secret. B 1 ~secret. B 3 ~secret distributions over party. B 1 ~party. B 2 ~party. B 3 ~party. B 2 ~secret B i ~party = pol-ref(B i ~secret) ambiguous privacy implication

11 Limiting knowledge 11 Alice can use knowledge tracking to enforce limits to knowledge. distributions over secret. B 1 ~secret. B 2 ~secret. B 3 ~secret. B 4 ~secret Policy(~secret)  {true,false}

12 Assumptions 12 Alice knows what Bob believes about her secret initially. Alice can perform the probabilistic interpretation and conditioning “accurately enough”. distributions over secret. B 1 ~secret. B 3 ~secret. B 4 ~secret. B 2 ~secret. B’ 4 ~secret Policy(~secret)  {true,false}

13 Assumptions 13 Alice knows what Bob believes about her secret initially. Alice can perform the probabilistic interpretation and conditioning “accurately enough”. distributions over secret. B 1 ~secret. B 3 ~secret. B 4 ~secret. B 2 ~secret. B’ 4 ~secret Soundness: Policy(B i ~secret) == false  Policy(B’ i ~secret) == false Policy(~secret)  {true,false}

14 An approach 14 distributions over secret. B 3 ~secret. B 2 ~secret. B 1 ~secret Abstract representation of sets of distributions. Abstract probabilistic semantics and conditioning, over-approximating the exact semantics and conditioning. Policy: sound check for min-entropy bounds. B 4 ~secret Piotr Mardziel, Stephen Magill, Michael Hicks, Mudhakar Srivasta. Dynamic enforcement of knowledge-based security policies using abstract interpretation.

15 Probabilistic computation for information security Convenient reasoning about information security. “Semantic” information flow: more flexible than quantified information flow Enforcement mechanisms require soundness to guarantee security conditions.

16 Probabilistic computation for information security Convenient reasoning about information security. “Semantic” information flow: more flexible than quantified information flow Enforcement mechanisms require soundness to guarantee security conditions. How to take advantage of ML-inspired probabilistic programming techniques for information security? More efficient inference? Search problems: find “optimal” noising/obfuscation parameters. B 1 ~secret. B 2 ~secret. B 3 ~secret. B 4 ~secret

17 Go back. 17

Download ppt "PROBABILISTIC COMPUTATION FOR INFORMATION SECURITY Piotr (Peter) Mardziel (UMD) Kasturi Raghavan (UCLA)"

Similar presentations

Polylogarithmic Private Approximations and Efficient Matching

Polylogarithmic Private Approximations and Efficient Matching
Bayes rule, priors and maximum a posteriori

Bayes rule, priors and maximum a posteriori
Intelligent Tutoring System based on Belief networks Maomi Ueno Nagaoka University of Technology.

Intelligent Tutoring System based on Belief networks Maomi Ueno Nagaoka University of Technology.
Controlled Functional Encryption Muhammad Naveed, Shashank Agrawal, Manoj Prabhakaran, Xiaofeng Wang, Erman Ayday, Jean-Pierre Hubaux, Carl A. Gunter.

Controlled Functional Encryption Muhammad Naveed, Shashank Agrawal, Manoj Prabhakaran, Xiaofeng Wang, Erman Ayday, Jean-Pierre Hubaux, Carl A. Gunter.
State Estimation and Kalman Filtering CS B659 Spring 2013 Kris Hauser.

State Estimation and Kalman Filtering CS B659 Spring 2013 Kris Hauser.
The Role of History and Prediction in Data Privacy Kristen LeFevre University of Michigan May 13, 2009.

The Role of History and Prediction in Data Privacy Kristen LeFevre University of Michigan May 13, 2009.
Finding bugs: Analysis Techniques & Tools Comparison of Program Analysis Techniques CS161 Computer Security Cho, Chia Yuan.

Finding bugs: Analysis Techniques & Tools Comparison of Program Analysis Techniques CS161 Computer Security Cho, Chia Yuan.
1 Information complexity and exact communication bounds April 26, 2013 Mark Braverman Princeton University Based on joint work with Ankit Garg, Denis Pankratov,

1 Information complexity and exact communication bounds April 26, 2013 Mark Braverman Princeton University Based on joint work with Ankit Garg, Denis Pankratov,
NON-MALLEABLE EXTRACTORS AND SYMMETRIC KEY CRYPTOGRAPHY FROM WEAK SECRETS Yevgeniy Dodis and Daniel Wichs (NYU) STOC 2009.

NON-MALLEABLE EXTRACTORS AND SYMMETRIC KEY CRYPTOGRAPHY FROM WEAK SECRETS Yevgeniy Dodis and Daniel Wichs (NYU) STOC 2009.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Bug Isolation via Remote Program Sampling Ben Liblit, Alex Aiken, Alice X.Zheng, Michael I.Jordan Presented by: Xia Cheng.

Bug Isolation via Remote Program Sampling Ben Liblit, Alex Aiken, Alice X.Zheng, Michael I.Jordan Presented by: Xia Cheng.
DYNAMIC ENFORCEMENT OF KNOWLEDGE-BASED SECURITY POLICIES Piotr (Peter) Mardziel, Stephen Magill, Michael Hicks, and Mudhakar Srivatsa.

DYNAMIC ENFORCEMENT OF KNOWLEDGE-BASED SECURITY POLICIES Piotr (Peter) Mardziel, Stephen Magill, Michael Hicks, and Mudhakar Srivatsa.
What Are Partially Observable Markov Decision Processes and Why Might You Care? Bob Wall CS 536.

What Are Partially Observable Markov Decision Processes and Why Might You Care? Bob Wall CS 536.
CSE 331 SOFTWARE DESIGN & IMPLEMENTATION TESTING II Autumn 2011.

CSE 331 SOFTWARE DESIGN & IMPLEMENTATION TESTING II Autumn 2011.
CSE 221: Probabilistic Analysis of Computer Systems Topics covered: Statistical inference (Sec. )

CSE 221: Probabilistic Analysis of Computer Systems Topics covered: Statistical inference (Sec. )
CSE 221: Probabilistic Analysis of Computer Systems Topics covered: Statistical inference.

CSE 221: Probabilistic Analysis of Computer Systems Topics covered: Statistical inference.
Frank McSherry Researcher Microsoft Research, Silicon Valley.

Frank McSherry Researcher Microsoft Research, Silicon Valley.
QM 2113 - Spring 2002 Business Statistics Sampling Concepts.

QM Spring 2002 Business Statistics Sampling Concepts.
Elisa Bertino Dept. of Computer Science University of Milano Page 1 Author-X Secure and selective access and flexible distribution mechanisms for XML documents.

Elisa Bertino Dept. of Computer Science University of Milano Page 1 Author-X Secure and selective access and flexible distribution mechanisms for XML documents.
Bayesian Filtering for Location Estimation D. Fox, J. Hightower, L. Liao, D. Schulz, and G. Borriello Presented by: Honggang Zhang.

Bayesian Filtering for Location Estimation D. Fox, J. Hightower, L. Liao, D. Schulz, and G. Borriello Presented by: Honggang Zhang.

Similar presentations

Ads by Google