A secrecy-preserving language for distributed and object-oriented systems

Ramezanifarkhani, Toktam; Owe, Olaf; Tokas, Shukun

doi:10.1016/j.jlamp.2018.04.001

Cited by 8 publications

(4 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We propose a small core language, based on Creol [7], centered around a few basic statements. It has a compositional semantics which is beneficial to analysis [7,8]. The language is imperative and strongly typed, with data types for data structure locally inside a class.…”

Section: Embedding Policy With Program Constructsmentioning

confidence: 99%

“…Here Γ is a mapping from program variable names to policy sets, such that the policy set of a variable in a given state gives an upper bound of the permitted operations. In order to deal with branches of ifand while-statements where the context policy is influenced by that of the if-and while-tests, Γ uses an additional variable pc (the program context) reflecting the current branching policy (as in [8]). Note that the rules are right-constructive in the sense that Γ can be constructed from Γ and s.…”

Section: An Effect System For Privacymentioning

confidence: 99%

See 1 more Smart Citation

Language-Based Mechanisms for Privacy-by-Design

Tokas

Owe

Ramezanifarkhani

2020

Privacy and Identity Management. Data for Better Living: AI and Privacy

Self Cite

View full text Add to dashboard Cite

The privacy by design principle has been applied in system engineering. In this paper, we follow this principle, by integrating necessary safeguards into the program system design. These safeguards are then used in the processing of personal information. In particular, we use a formal language-based approach with static analysis to enforce privacy requirements. To make a general solution, we consider a high-level modeling language for distributed service-oriented systems, building on the paradigm of active objects. The language is then extended to support specification of policies on program constructs and policy enforcement. For this we develop i) language constructs to formally specify privacy restrictions, thereby obtaining a policy definition language, ii) a formal notion of policy compliance, and iii) a type and effect system for enforcing and analyzing a program's compliance with the stated polices.

show abstract

Section: Embedding Policy With Program Constructsmentioning

confidence: 99%

Section: An Effect System For Privacymentioning

confidence: 99%

Language-Based Mechanisms for Privacy-by-Design

Tokas

Owe

Ramezanifarkhani

2020

Privacy and Identity Management. Data for Better Living: AI and Privacy

Self Cite

View full text Add to dashboard Cite

show abstract

“…2. Formal languages, coupled with a compiler, such as the one developed by Ramezanifarkhani et al [31], possess the potential to make privacy policies statically verifiable. These languages have the potential to statically enforce data protection stronger than the lightweight analysis proposed.…”

Section: Related Workmentioning

confidence: 99%

Annotation-Based Static Analysis for Personal Data Protection

Hjerppe¹,

Ruohonen

Leppänen

2020

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

0000−0002−3737−4669] , Jukka Ruohonen 2[0000−0001−5147−3084] , Ville Leppänen 2 kalle.hjerppe@geniem.com, and Abstract. This paper elaborates the use of static source code analysis in the context of data protection. The topic is important for software engineering in order for software developers to improve the protection of personal data during software development. To this end, the paper proposes a design of annotating classes and functions that process personal data. The design serves two primary purposes: on one hand, it provides means for software developers to document their intent; on the other hand, it furnishes tools for automatic detection of potential violations. This dual rationale facilitates compliance with the General Data Protection Regulation (GDPR) and other emerging data protection and privacy regulations. In addition to a brief review of the state-of-the-art of static analysis in the data protection context and the design of the proposed analysis method, a concrete tool is presented to demonstrate a practical implementation for the Java programming language.

show abstract

“…As far as we know, studies of secrecy, within the logical tradition, are confined to issues related to system security [5,6,7,8,9,10,11,12,13,14]. In such studies, a secret is presented as a true piece of information about an agent/a system which is not known by a certain adversary group; the focus is mostly on identifying effective, and often subtle, methods for keeping the secret.…”

Section: Introductionmentioning

confidence: 99%

A Commonsense Theory of Secrets

Ismail

Shafie²

2020

Frontiers in Artificial Intelligence and Applications

View full text Add to dashboard Cite

With the advent of social robots, precise accounts of an increasing number of social phenomena are called for. Although the phenomenon of secrets is an important part of everyday social situations, logical accounts of it can only be found, in a rather strict sense, within logical investigations of systems security. This paper is an attempt to formalize the logic of a commonsense notion of secrets as a contribution to ontologies of social and epistemological phenomena. We take a secret to be a five-way relation between a proposition, a group of secret-keepers, a group of nescients, a condition of secrecy, and a time point. A bare-bones notion of secrets is defined by providing necessary and sufficient conditions for said relation to hold. Special classes of secrets are then identified by considering an assortment of extra conditions. The logical language employed formalizes a classical account of belief and intention, a theory of groups, and a novel notion of revealing. In such a rich theory, interesting properties of secrets are proved.

show abstract

A secrecy-preserving language for distributed and object-oriented systems

Cited by 8 publications

References 36 publications

Language-Based Mechanisms for Privacy-by-Design

Language-Based Mechanisms for Privacy-by-Design

Annotation-Based Static Analysis for Personal Data Protection

A Commonsense Theory of Secrets

Contact Info

Product

Resources

About