Vol. 15 No. 2, © The Author, 2005. Published by Oxford University Press. All rights reserved.
Quantitative Information Flow, Relations and Polymorphic Types
1 Department of Computer Science, King's College London, Strand, London WC1R 2LS, UK. E-mail: david@dcs.kcl.ac.uk, 2 Department of Computing, School of Informatics, City University, London EC1V 0HB, UK. E-mail: seb@soi.city.ac.uk, 3 Department of Computer Science, Queen Mary, University of London, London E1 4NS, UK. E-mail: pm@dcs.qmul.ac.uk
This paper uses Shannon's information theory to give a quantitative definition of information flow in systems that transform inputs to outputs. For deterministic systems, the definition is shown to specialize to a simpler form when the information source and the known inputs jointly determine all inputs uniquely. For this special case, the definition is related to the classical security condition of non-interference and an equivalence is established between non-interference and independence of random variables. Quantitative information flow for deterministic systems is then presented in relational form. With this presentation, it is shown how relational parametricity can be used to derive upper and lower bounds on information flows through families of functions defined in the second-order lambda calculus.
Keywords: Information flow, information theory, lambda calculus, program analysis, polymorphism, parametricity
Received 21 June 2004.
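To make the abstract's quantities concrete, the following is an added example (not code from the paper) that measures the leakage of small deterministic programs as the conditional Shannon entropy H(O | L) of the output given the known low input, and checks the stated equivalence between non-interference and independence of random variables. The sample programs, the input ranges and the uniform input distributions are constructed assumptions.

```python
from collections import Counter
from itertools import product
from math import log2


def entropy(counts):
    """Shannon entropy (bits) of an empirical distribution given as counts."""
    total = sum(counts.values())
    return -sum(c / total * log2(c / total) for c in counts.values() if c)


def leakage_bits(program, highs, lows):
    """Leakage of a deterministic program O = program(H, L) with H uniform on
    `highs`, L uniform on `lows` and independent of H.  Because the system is
    deterministic, H(O | H, L) = 0, so I(H; O | L) = H(O | L): the bits an
    observer who already knows L learns about H by seeing O."""
    return sum(entropy(Counter(program(h, l) for h in highs)) for l in lows) / len(lows)


def non_interfering(program, highs, lows):
    """Classical non-interference: for each low input the output is the same
    for every high input, so varying H is invisible to a low observer."""
    return all(len({program(h, l) for h in highs}) == 1 for l in lows)


def independent_given_low(program, highs, lows, tol=1e-12):
    """H and O independent conditional on L, checked on the joint distribution:
    P(H=h, O=o | l) == P(H=h | l) * P(O=o | l) for every h, o and l."""
    n = len(highs)
    for l in lows:
        outs = Counter(program(h, l) for h in highs)  # P(O=o | l) = outs[o] / n
        for h, o in product(highs, outs):
            joint = 1 / n if program(h, l) == o else 0.0  # o is determined by h
            if abs(joint - (1 / n) * (outs[o] / n)) > tol:
                return False
    return True


# Constructed sample programs: a 4-bit secret h and a 1-bit public input l.
HIGHS, LOWS = range(16), range(2)
copy_low = lambda h, l: l                   # ignores the secret: 0 bits
parity = lambda h, l: h & 1                 # reveals one bit of h: 1 bit
leak_if_low = lambda h, l: h if l else 0    # leaks all 4 bits only when l == 1: 2 bits on average
full_copy = lambda h, l: h                  # copies the secret: 4 bits
PROGRAMS = [copy_low, parity, leak_if_low, full_copy]

if __name__ == "__main__":
    for p in PROGRAMS:
        print(f"{leakage_bits(p, HIGHS, LOWS):.2f} bits  non-interfering={non_interfering(p, HIGHS, LOWS)}"
              f"  independent={independent_given_low(p, HIGHS, LOWS)}")
```

Zero leakage coincides exactly with both the non-interference check and the conditional-independence check, which is the equivalence the abstract states for the deterministic case.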