A Quantitative Datacentric Approach to Differential Confidentiality Analysis

The spread of mobile devices that are increasingly connected to the net has lead to a rise of the importance of security in mobile systems. This study can be included in the area of analysis and verification of software involved in the data confidentiality, more specifically in the information flow analysis techniques capable of detecting data leakage in mobile applications. Current research can be divided into two different approaches, quantitative and qualitative. The primary aim of this work consists in combining the two approaches, in such a way to exploits the strengths of both. The study starts with an analysis of the current literature in this field, in order to obtain a complete overview also on related themes. The middle phase of the work is focused on finding a composition of the two approaches, starting from concatenating the single features of the two, like the ability to evaluate implicit flows, up to arrive at a unique synthesis. Finally the new method will be used to try to examine leakage of data created by the set of all the applications installed in the system.