A Type System for Privacy Properties

Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei
2017 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17  
With our type system, we can successfully verify the aforementioned privacy property using the following types: $r_a : \tau^{LL,1}_{r_a}$, $r_b : \tau^{LL,1}_{r_b}$, $r'_a : \tau^{HH,1}_{r'_a}$, $r'_b : \tau^{HH,1}_{r'_b}$, $k_a : \mathrm{key}$  ...  As a result, we provide a sound type system for proving equivalence of protocols for both a bounded and an unbounded number of sessions, or a mix of both.  ... 
doi:10.1145/3133956.3133998 dblp:conf/ccs/CortierGLM17 fatcat:4hjhjzuwozhaloqw2gx7abwbui

A Type System for Privacy Properties (Technical Report) [article]

Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei
2017 arXiv   pre-print
We explore a novel approach based on type systems and provide a (sound) type system for proving equivalence of protocols, for a bounded or an unbounded number of sessions.  ...  It provides a significant speed-up (by orders of magnitude) compared to tools for a bounded number of sessions and complements in terms of expressiveness other state-of-the-art tools, such as ProVerif  ...  With our type system, we can successfully verify the aforementioned privacy property using the following types: We assume standard security labels: HH stands for high confidentiality and high integrity  ... 
arXiv:1708.08340v1 fatcat:sbxa7gh33nbubejgmorzahcehq

A Privacy Type System for Context-aware Mobile Ambients

François Siewe
2015 Procedia Computer Science  
This paper proposes a privacy type system that controls the behaviour of concurrent, context-aware and mobile processes to ensure that private information are not accidentally disclosed.  ...  However, privacy is an important concern in ubicomp; unless users are confident enough that their privacy is protected, many will be deterred from using such systems.  ...  Conclusion This paper proposed a novel type system for protecting privacy in ubicomp systems. The type system is based on CCA and comprises mobility types, exchange types and privacy types.  ... 
doi:10.1016/j.procs.2015.05.034 fatcat:5sdehmvjt5bkbf2jkaojmphv4y

Statically typed string sanitation inside a python

Nathan Fulton, Cyrus Omar, Jonathan Aldrich
2014 Proceedings of the 2014 International Workshop on Privacy & Security in Programming - PSP '14  
Then, taking Python as a language with these constructs, we implement the type system together with the translation as a library using typy, an extensible static type system for Python.  ...  Instead, we advocate for extensible type systems: new type system fragments like this should be implemented as libraries atop a mechanism that guarantees that they can be safely composed.  ...  Python does not have a static type system, however, so to implement these semantics, we will use typy, an extensible type system for Python (being developed by the authors).  ... 
doi:10.1145/2687148.2687152 dblp:conf/oopsla/FultonOA14 fatcat:4dzyxfbbprd3nnjs4oix6lhifq

A privacy conserving approach for the development of SIP security services to prevent certain types of MITM and toll fraud attacks in VoIP systems

Stefan Hofbauer
2014 unpublished
Further a framework for privacy attack identification and privacy data minimization f [...]  ...  This thesis proposes a method for changing communication records in such a way that the forensic analysis for VoIP attacks is possible and the privacy of the call participants is preserved.  ...  [SC09] develop a framework for considering privacy in software systems. The authors identify two general approaches for preserving privacy in software systems.  ... 
doi:10.25365/thesis.33491 fatcat:l6qx5yswj5da7myvqhzkrjpsui

A Purpose-Based Access Control Model

Naikuo Yang, Howard Barringer, Ning Zhang
2007 Third International Symposium on Information Assurance and Security  
Achieving privacy preservation in a data-sharing computing environment is becoming a challenging problem.  ...  Privacy policy is to ensure that data can only be used for its intended purpose, and the access purpose should be compliant with the data's intended purpose.  ...  This provides a framework for all required elements of a privacy policy.  ... 
doi:10.1109/ias.2007.29 dblp:conf/IEEEias/YangBZ07 fatcat:pzhidbdeczgaxlye4baz6r746e

A Purpose-Based Access Control Model

Naikuo Yang, Howard Barringer, Ning Zhang
2007 Third International Symposium on Information Assurance and Security  
Achieving privacy preservation in a data-sharing computing environment is becoming a challenging problem.  ...  Privacy policy is to ensure that data can only be used for its intended purpose, and the access purpose should be compliant with the data's intended purpose.  ...  This provides a framework for all required elements of a privacy policy.  ... 
doi:10.1109/isias.2007.4299765 fatcat:qbihvp4wqzb6bif7fxrr7k6wqa

Knowledge is Power: Systematic Reuse of Privacy Knowledge for Threat Elicitation

Kim Wuyts, Laurens Sion, Dimitri Van Landuyt, Wouter Joosen
2019 2019 IEEE Security and Privacy Workshops (SPW)  
Identifying relevant threats that cause privacy harm requires an extensive assessment of common potential privacy issues for all elements in the system-under-analysis.  ...  However, capturing (at least part of) this privacy expertise in a reusable threat knowledge base (i.e. an inventory of common threat types), such as LINDDUN's and STRIDE's threat trees, can greatly improve  ...  It does not only require a solid understanding of the system-under-analysis, expert privacy knowledge is essential in order to systematically analyze the system for potential privacy harm.  ... 
doi:10.1109/spw.2019.00025 dblp:conf/sp/WuytsSLJ19 fatcat:l73jsvup5zhq3lsgzwbzzigav4

Solo: A Lightweight Static Analysis for Differential Privacy [article]

Chike Abuah, David Darais, Joseph P. Near
2021 arXiv   pre-print
We propose a new type system that enforces differential privacy, avoids the use of linear and relational refinement types, and can be easily embedded in mainstream richly typed programming languages such  ...  of differential privacy, which requires "full" linear types a la Girard.  ...  The D system [Near et al. 2019] uses a dual type system, with dedicated systems for sensitive composition and privacy composition.  ... 
arXiv:2105.01632v2 fatcat:2fd2pfx3ibaullw7z75a5otyqu

PPML-Omics: a Privacy-Preserving federated Machine Learning system protects patients' privacy from omic data [article]

Juexiao Zhou, Siyuan Chen, Yulian Wu, Haoyang Li, Bin Zhang, Longxi Zhou, Yan Hu, Zihang Xiang, Zhongxiao Li, Ningning Chen, Wenkai Han, Di Wang (+1 others)
2022 bioRxiv   pre-print
Here, we built a secure and privacy-preserving machine learning (PPML) system by combining federated learning (FL), differential privacy (DP) and shuffling mechanism.  ...  We also examined privacy breaches in depth through privacy attack experiments and demonstrated that our PPML-Omics system could protect patients' privacy.  ...  In other words, for a system, if we cannot observe some sensitive small clusters (sub-types) in the final clustering results, then we could conclude that the system protects the patient's privacy.  ... 
doi:10.1101/2022.03.23.485485 fatcat:ggxgujkn6vfv7lpkyr6xn72abi

Privacy by typing in the π-calculus [article]

Dimitrios Kouzapas, Anna Philippou
2017 arXiv   pre-print
The correspondence between the privacy model and the semantics is established using a type system for the calculus and a satisfiability definition between types and privacy policies.  ...  In this paper we propose a formal framework for studying privacy in information systems.  ...  A type system for system terms.  ... 
arXiv:1710.06494v1 fatcat:zymb5xtuzjburn26omgj4n4sse

Privacy in Recommender Systems [chapter]

Arjan J. P. Jeckmans, Michael Beye, Zekeriya Erkin, Pieter Hartel, Reginald L. Lagendijk, Qiang Tang
2012 Computer Communications and Networks  
types, information types, particular privacy risks, and privacy-protection techniques.  ...  In many online applications, the range of content that is offered to users is so wide that a need for automated recommender systems arises.  ...  Acknowledgements The research for this work was carried out within the Kindred Spirits project, part of the STW Sentinels research program.  ... 
doi:10.1007/978-1-4471-4555-4_12 dblp:series/ccn/JeckmansBEHLT13 fatcat:leia3xo3ovfo3h5ph5tmphr4qi

Privacy Compliance Enforcement in Email [chapter]

Quintin Armour, William Elazmeh, Nour El-Kadri, Nathalie Japkowicz, Stan Matwin
2005 Lecture Notes in Computer Science  
The next step of our research will be to adapt our system to the context of a health organization, where privacy rules are more complex and more sensitive.  ...  This prototype is currently being developed for a university setting. In this setting, it was shown to obtain a precision score of 77%.  ...  As shown in Fig. 1, for a given enterprise, the system has three elements as inputs: 1) the email, 2) the privacy policy and 3) the database.  ... 
doi:10.1007/11424918_20 fatcat:76xus7wxzvdvzgjufzfpndj2xe

Context aware privacy in visual surveillance

Simon Moncrieff, Svetha Venkatesh, Geoff West
2008 Pattern Recognition (ICPR), Proceedings of the International Conference on  
Dynamic privacy is achieved by accounting for the situation, or context, within the environment.  ...  As these aspects are in conflict, a dynamic approach to privacy is required to balance the system's purpose with the system's privacy.  ...  An alternative technique [10] detailed a privacy system for a hospital.  ... 
doi:10.1109/icpr.2008.4761616 dblp:conf/icpr/MoncrieffVW08 fatcat:l72ah7royfgrvdvyc6hjepnage

Differential Privacy by Typing in Security Protocols

Fabienne Eigner, Matteo Maffei
2013 2013 IEEE 26th Computer Security Foundations Symposium  
Furthermore, we develop a linear, distance-aware type system to statically and automatically enforce distributed differential privacy in cryptographic protocol implementations (expressed in the RCF calculus  ...  We also provide an algorithmic variant of our type system, which we prove sound and complete.  ...  IT-Security, Privacy and Accountability (CISPA).  ... 
doi:10.1109/csf.2013.25 dblp:conf/csfw/EignerM13 fatcat:undbwopeyva5vea4e27ai2p5zu