The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Information flow inference for ML
ACM Transactions on Programming Languages and Systems (TOPLAS)
An Information-Flow for Privacy (InfoPriv)
Proceedings of the IFIP TC11 WG 11.3 Twelfth International Working Conference on Database Security XII: Status and Prospects
Proceedings of the 2002 workshop on New security paradigms
Privacy Enforcement with an Extended Role-Based Access Control Model
Privacy Enforcement with an Extended Role-Based Access Control Model
Mostly-static decentralized information flow control
Mostly-static decentralized information flow control
Journal of Functional Programming
Strong and weak policy relations
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Conformance verification of privacy policies
WS-FM'10 Proceedings of the 7th international conference on Web services and formal methods
Privacy-sensitive information flow with JML
CADE' 20 Proceedings of the 20th international conference on Automated Deduction
Privacy in data mining using formal methods
TLCA'05 Proceedings of the 7th international conference on Typed Lambda Calculi and Applications
Understanding privacy policies
Empirical Software Engineering
Hi-index | 0.00 |
We develop a language-based approach for modeling and verifying aspects of privacy policies. Our approach relies on information-flow control. Concretely, we use the programming language Jif, an extension of Java with information-flow types. We address basic leaks of private information and also consider other aspects of privacy policies supported by the Platform for Privacy Preferences (P3P) and related systems, namely the notion of purpose and the retention of data.