Search the Dagstuhl Website
Looking for information on the websites of the individual seminars? - Then please:
Not found what you are looking for? - Some of our services have separate websites, each with its own search option. Please check the following list:
Schloss Dagstuhl - LZI - Logo
Schloss Dagstuhl Services
Within this website:
External resources:
  • DOOR (for registering your stay at Dagstuhl)
  • DOSA (for proposing future Dagstuhl Seminars or Dagstuhl Perspectives Workshops)
Within this website:
External resources:
Within this website:
External resources:
  • the dblp Computer Science Bibliography

Dagstuhl Seminar 12481

Quantitative Security Analysis

( Nov 25 – Nov 30, 2012 )

(Click in the middle of the image to enlarge)

Please use the following short url to reference this page:




The high amount of trust put into today's software systems calls for a rigorous analysis of their security. Unfortunately, security is often in conflict with requirements on the functionality or the performance of a system, making perfect security an impossible or overly expensive goal. Under such constraints, the relevant question is not whether a system is secure, but rather how much security it provides. Quantitative notions of security can express degrees of protection and thus enable reasoning about the trade-off between security and conflicting requirements. Corresponding quantitative security analyses bear the potential of becoming an important tool for the rigorous development of practical systems, and a formal foundation for the management of security risks.

While there has been significant progress in research on quantitative notions of security and tools for their analysis and enforcement, existing solutions are still partial. The focus of the seminar is to discuss the following key issues.

Quantitative Notions of Security

A single qualitative security property may give rise to a spectrum quantitative generalizations, each with different characteristics and application domains. For quantitative confidentiality, current research focuses on differential privacy and measures based on information-theoretic entropy. For other security properties such as integrity, availability, incoercibility, vote verifiability, etc., quantitative generalizations are only now emerging or have not even been proposed. One goal of this seminar is to advance the understanding of the relationship between existing quantitative security properties, and to join forces in the development of new ones.

Tools for Quantitative Security Analysis

Performing a quantitative security analysis of a realistic system is a challenging problem due to the complexity of modern software. It is mandatory to provide developers with tool support for this task. One goal of this seminar is to advance the understanding of the fundamental reasoning principles for quantitative notions of security, their connection to programming languages and verification techniques, and the theoretical limits for automatically deriving quantitative security guarantees.

Novel Application Domains

Quantitative security analyses have been successfully applied, e.g., for quantifying the side-channel leakage in cryptographic algorithms, for capturing the loss of privacy in statistical data analysis, and for quantifying security in anonymity networks. In emerging application domains such as electronic voting or distributed usage control, the need for quantitative analyses has been recognized. It is a goal of this seminar to foster the collaboration between experts in emerging application domains and those in quantitative security analysis.

  • Alessandro Aldini (University of Urbino, IT)
  • Mario Alvim (University of Pennsylvania - Philadelphia, US)
  • Anindya Banerjee (IMDEA Software - Madrid, ES) [dblp]
  • Béatrice Bérard (UPMC - Paris, FR) [dblp]
  • Arnar Birgisson (Chalmers UT - Göteborg, SE)
  • Michele Boreale (University of Firenze, IT) [dblp]
  • Kostas Chatzikokolakis (Ecole Polytechnique - Palaiseau, FR)
  • Tom Chothia (University of Birmingham, GB)
  • David Clark (University College London, GB)
  • Jorge R. Cuéllar (Siemens AG - München, DE) [dblp]
  • Alessandra Di Pierro (University of Verona, IT) [dblp]
  • Ehab ElSalamouny (Ecole Polytechnique - Palaiseau, FR)
  • Sardaouna Hamadou (Ecole Polytechnique - Palaiseau, FR)
  • Holger Hermanns (Universität des Saarlandes, DE) [dblp]
  • Michael Hicks (University of Maryland - College Park, US) [dblp]
  • Sebastian Hunt (City University - London, GB)
  • Daniel Kifer (Pennsylvania State University - University Park, US)
  • Boris Köpf (IMDEA Software - Madrid, ES) [dblp]
  • Matteo Maffei (Universität des Saarlandes, DE) [dblp]
  • Pasquale Malacaria (Queen Mary University of London, GB) [dblp]
  • Fabio Martinelli (CNR - Pisa, IT) [dblp]
  • Michael W. Mislove (Tulane University, US) [dblp]
  • C. Carroll Morgan (UNSW - Sydney, AU)
  • John Mullins (Polytechnique Montreal, CA)
  • Gethin Norman (University of Glasgow, GB) [dblp]
  • Martin Ochoa (Siemens AG - Erlangen, DE) [dblp]
  • Catuscia Palamidessi (Ecole Polytechnique - Palaiseau, FR) [dblp]
  • Quoc Sang Phan (Queen Mary University of London, GB) [dblp]
  • Alexander Pretschner (TU München, DE) [dblp]
  • Andrey Rybalchenko (TU München, DE) [dblp]
  • Mathieu Sassolas (Free University of Brussels, BE)
  • Vladimiro Sassone (University of Southampton, GB)
  • Fabrizio Smeraldi (Queen Mary University of London, GB)
  • Geoffrey Smith (Florida International University - Miami, US) [dblp]
  • Marco Stronati (Ecole Polytechnique - Palaiseau, FR) [dblp]
  • Tachio Terauchi (Nagoya University, JP) [dblp]
  • Carmela Troncoso (Gradiant - Vigo, ES) [dblp]
  • Herbert Wiklicky (Imperial College London, GB) [dblp]
  • Santiago Zanella-Béguelin (Microsoft Research UK - Cambridge, GB) [dblp]

  • Security/cryptography
  • programming languages
  • formal methods
  • verification/logic

  • Security
  • privacy
  • information theory
  • programming languages
  • formal methods