By Topic

Information Flow Control for Static Enforcement of User-Defined Privacy Policies

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Preibusch, S. ; Comput. Lab., Univ. of Cambridge, Cambridge, UK

Information flow control (IFC) allows software programmers and auditors to detect and prevent the sharing of information between different parts of a program which, as a matter of policy, should be kept logically separate. However, the lack of widespread use of IFC suggests technology and usability barriers to adoption. The programming language JIF provides IFC on top of Java. To assess pragmatic issues and systematic limitations of using JIF for commercial privacy-preserving Web applications, we deliver the first Web-based case-study with customer-negotiated restrictions on data recipients and usage. On a practical level, from our experience of programming in JIF, we assess its suitability for preventing accidental misuse of personal information and deduce recommendations for future implementations. On a theoretical level, we explore the compatibility between static analysis and privacy policies configured at runtime.

Published in:

Policies for Distributed Systems and Networks (POLICY), 2011 IEEE International Symposium on

Date of Conference:

6-8 June 2011