Information Security as Strategic (In)effectivity

Conference paper

DOI: 10.1007/978-3-319-46598-2_11

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9871)
Cite this paper as:
Jamroga W., Tabatabaei M. (2016) Information Security as Strategic (In)effectivity. In: Barthe G., Markatos E., Samarati P. (eds) Security and Trust Management. STM 2016. Lecture Notes in Computer Science, vol 9871. Springer, Cham

Abstract

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself, but rather a means of preventing potential attackers from compromising the correct behavior of the system. To formalize this, we first show how two information flows can be compared by looking at the adversary’s ability to harm the system. Then, we propose that the information flow in a system is effectively information-secure if it does not allow for more harm than its idealized variant based on the classical notion of noninterference.

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.Institute of Computer SciencePolish Academy of SciencesWarszawaPoland
  2. 2.Interdisciplinary Centre for Security and TrustUniversity of LuxembourgLuxembourgLuxembourg

Personalised recommendations