Researcher develops method for monitoring whether private information is sufficiently protected

Apr 24, 2014 by Kim Bekmann

Tri Minh Ngo, researcher at the University of Twente, has developed a new method for monitoring whether private information is sufficiently protected in computer programs. His technology can be used to check whether private data can be leaked and, if so, how much information is actually leaked in that case. His technology can also be used to detect possible leaks.

In our , information is of strategic importance. Therefore, the protection of information is critical. Governments, military services, companies and banks are all dependent on the capability to protect information. If is stored and made accessible through a computer program, one needs to be absolutely sure this data cannot be retrieved by anyone just like that. Therefore, one has to make sure that users cannot distract any information about private data just by studying the public data. Marieke Huisman, associate professor at the University of Twente: "Consider a personnel administration system, for instance. Pay data of individual employees are obviously private; still, the number of employees is probably public. If one knows the total amount of salaries paid, one can possibly discover something on the wages of individual employees."

Ngo discovered a better way to precisely formulate when a parallel program does not leak any private data. Parallelism is the capacity by a to perform multiple calculations at the same time. Ngo developed an algorithm which makes it possible to verify whether concrete parallel programs do not leak any information. Leaking information cannot always be prevented and, in some instances, it may even be desirable to a certain extent. However, in case information is leaked, Ngo's algorithm can give an indication of how this information has actually been leaked. The technology even enables us to make an estimate of how much information has been leaked. Huisman: "In this way, one can make a comparison of two implementations and simply see which of the two leaks the least amount of information."

Minh Tri Ngo's dissertation is entitled "Qualitative and Quantitative flow analysis for multi-threaded programs". Ngo will obtain his doctoral degree on 17 April at the Formal Methods and Tools department of the University of Twente. Ngo performed his research under the supervision of Ms Marieke Huisman, PhD, and Professor Jaco van de Pol, PhD.

Explore further: NSA eyes encryption-breaking 'quantum' machine

add to favorites email to friend print save as pdf

Related Stories

Report: Bloomberg private messages leaked online

May 13, 2013

(AP)—A published report says financial data and news service Bloomberg accidently leaked online more than 10,000 private messages containing sensitive pricing data exchanged by users of Bloomberg's financial information ...

NSA eyes encryption-breaking 'quantum' machine

Jan 03, 2014

The US National Security Agency is making strides toward building a "quantum computer" that could break nearly any kind of encryption, The Washington Post reported Thursday.

Software Tool Plugs Security Leaks

Aug 01, 2007

Often when you make an Internet transaction, symbols on the Web page assure you that your transaction will be secure and that private information about you, such as passwords, bank account or credit card numbers, will not ...

Facebook leaked keys to account data: Symantec

May 11, 2011

US computer security firm Symantec has said that Facebook accidentally left a door open for advertisers to access profiles, pictures, chat and other private data at the social network.

3Qs:The evolution of whistleblowing

Jun 14, 2013

The leak of classified government documents last week revealed the existence of a massive National Security Administration program of bulk surveillance in which telecommunication and Internet companies are ...

Recommended for you

User comments : 0