Publication

Bayes Security: A Not So Average Metric

Abstract

Security system designers favor worst-case security metrics, such as those derived from differential privacy (DP), due to the strong guarantees they provide. On the downside, these guarantees result in a high penalty on the system's performance. In this paper, we study Bayes security, a security metric inspired by the cryptographic advantage. Similarly to DP, Bayes security i) is independent of an adversary's prior knowledge, ii) it captures the worst-case scenario for the two most vulnerable secrets (e.g., data records); and iii) it is easy to compose, facilitating security analyses. Additionally, Bayes security iv) can be consistently estimated in a black-box manner, contrary to DP, which is useful when a formal analysis is not feasible; and v) provides a better utility-security trade-off in high-security regimes because it quantifies the risk for a specific threat model as opposed to threat-agnostic metrics such as DP. We formulate a theory around Bayes security, and we provide a thorough comparison with respect to well-known metrics, identifying the scenarios where Bayes Security is advantageous for designers.

About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.
Related concepts (34)
Quantifier (logic)
In logic, a quantifier is an operator that specifies how many individuals in the domain of discourse satisfy an open formula. For instance, the universal quantifier in the first order formula expresses that everything in the domain satisfies the property denoted by . On the other hand, the existential quantifier in the formula expresses that there exists something in the domain which satisfies that property. A formula where a quantifier takes widest scope is called a quantified formula.
Risk
In simple terms, risk is the possibility of something bad happening. Risk involves uncertainty about the effects/implications of an activity with respect to something that humans value (such as health, well-being, wealth, property or the environment), often focusing on negative, undesirable consequences. Many different definitions have been proposed. The international standard definition of risk for common understanding in different applications is "effect of uncertainty on objectives".
Branching quantifier
In logic a branching quantifier, also called a Henkin quantifier, finite partially ordered quantifier or even nonlinear quantifier, is a partial ordering of quantifiers for Q ∈ {∀,∃}. It is a special case of generalized quantifier. In classical logic, quantifier prefixes are linearly ordered such that the value of a variable ym bound by a quantifier Qm depends on the value of the variables y1, ..., ym−1 bound by quantifiers Qy1, ..., Qym−1 preceding Qm. In a logic with (finite) partially ordered quantification this is not in general the case.
Show more
Related publications (63)

Using automated design appraisal to model building-specific devaluation risk due to land-use change

Adam Robert Swietek

Uncertainty of spillover effects – including property devaluation - from proposed land-use change elicits opposition to local development. This hinders cities’ ability to implement land-use policy aimed at housing affordability and environmental sustainabi ...
2024

Correlation of powers of Hüsler-Reiss vectors and Brown-Resnick fields, and application to insured wind losses

Erwan Fabrice Koch

H & uuml;sler-Reiss vectors and Brown-Resnick fields are popular models in multivariate and spatial extreme-value theory, respectively, and are widely used in applications. We provide analytical formulas for the correlation between powers of the components ...
Springer2024

Re-evaluating the mythical divide between traditional and novel cardiovascular risk factors in rheumatoid arthritis

Mats Julius Stensrud

Cardiovascular (CV) risk factors for rheumatoid arthritis (RA) are conventionally classified as 'traditional' and 'novel'. We argue that this classification is obsolete and potentially counterproductive. Further, we discuss problems with the common practic ...
London2024
Show more
Related MOOCs (2)
A Resilient Future: Science and Technology for Disaster Risk Reduction
Learn how science and technology are helping reduce our risk of disasters.
Cement Chemistry and Sustainable Cementitious Materials
Learn the basics of cement chemistry and laboratory best practices for assessment of its key properties.

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.