Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Language-Based Enforcement of Privacy Policies Katia Hayati and Martin Abadi

Summary: Language-Based Enforcement of Privacy Policies
Katia Hayati and Mart´in Abadi
Department of Computer Science
University of California, Santa Cruz
Abstract. We develop a language-based approach for modeling and ver-
ifying aspects of privacy policies. Our approach relies on information-flow
control. Concretely, we use the programming language Jif, an extension
of Java with information-flow types. We address basic leaks of private in-
formation and also consider other aspects of privacy policies supported by
the Platform for Privacy Preferences (P3P) and related systems, namely
the notion of purpose and the retention of data.
1 Introduction
Entities with a Web presence should not only define and publish their privacy
policies but also ensure that they comply with those policies. A recent online
survey [2] conducted by the Privacy Place [3] indicates that users may not mind
when a website uses their personal information to tailor their browsing, but that
they care about the possible misuse of this information and support punishments
for misbehaving websites.
The problem of enforcing privacy policies has recently been attacked from
several angles and in various domains (general enterprises [6], financial institu-


Source: Abadi, Martín - Department of Computer Science, University of California at Santa Cruz


Collections: Computer Technologies and Information Sciences