Information leakage analysis of software: How to make it useful to IT industries?
Nowadays the software is becoming complex as clients expect a number of functionalities in software. In such scenario, information leakage can' t be avoided. As a result, a lot of research is going on to develop tools, methods and policies to find and minimize the leakage. The paper proposes a method to provide a measure, especially to the IT organizations to find how the information leakage at one portion of the software can propagate leakage risk to the other portions of the software or entire software. The paper uses the quantitative analysis of information leakage and cost function based statistical method to find the leakage risk propagation in the software. The method proposed in the paper facilitates the organizations by allowing them to set the organization specific parameters. The proposed method has been applied to the function of Linux to demonstrate the information leakage risk propagation. When organizations find information leakage in the software, their sustaining engineering or quality management teams simply rectify the software portion. But it becomes difficult for the organizations to document the overall mitigation of the risk of leakage. Thus, using the proposed method, organizations will be able to quantify the information leakage risk mitigation.
"Information leakage analysis of software: How to make it useful to IT industries?,"
Future Computing and Informatics Journal: Vol. 2
, Article 2.
Available at: https://digitalcommons.aaru.edu.jo/fcij/vol2/iss1/2