In this thesis, we experiment with customizing programming languages to enforce privacy and security policies. The requirements are enforced at the level of the programming language, while a program executes. We design a language and enrich it with the features essential to enforcing those requirements. Moreover, we model the language with formal methods and prove that programs written in it do not violate the desired policies: we define the language's syntax and semantics and formalize its operational semantics in mathematical logic, which lets us reason about the language's properties.

The structure of this thesis is as follows. First, we introduce the privacy and security policies that we want to enforce. For privacy, we choose the GDPR (General Data Protection Regulation), which imposes strict requirements to protect the individual's privacy when personal data is processed. For security, we give an overview of existing language-based techniques that preserve confidentiality and limit access to sensitive data. Second, we state the research questions that this thesis addresses. Third, we introduce the tools and logic that we use as research methods and for modeling our languages. Finally, we present the research papers and relate the research questions to our contributions.

The main contributions of this thesis are presented in three research papers. In the first paper, we introduce a programming language with provable guarantees that protects privacy and enforces the GDPR's requirements. The second paper gives an overview of a category of programming languages, called active object languages, that are used to develop distributed systems. In the third paper, we introduce a security mechanism for enforcing security in active object languages. We argue and prove that our language-based approaches enforce the intended policies and restrictions exactly. Moreover, our approaches can be generalized to other languages.
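To make the idea of language-level, run-time privacy enforcement concrete, here is an added example that is not the thesis's own language or code. It is a small Python interpreter for a toy expression language in which every value carries the set of purposes its data subject consented to (the GDPR's purpose-limitation principle), combining two values intersects their purpose sets, and a `Use(expr, purpose)` step is only allowed when the purpose is in that set. The language, the constructors (`Lit`, `Var`, `Concat`, `Use`), the `"*"` marker for non-personal data and the sample environment are all assumptions made for this illustration.

```python
from dataclasses import dataclass
from typing import FrozenSet, Union

# "*" marks data that is not personal and may be used for any purpose (assumption).
ANY: FrozenSet[str] = frozenset({"*"})


class PolicyViolation(Exception):
    """Raised when a program tries to process personal data for a purpose
    the data subject did not consent to."""


@dataclass(frozen=True)
class Personal:
    """A run-time value together with the purposes it may be processed for."""
    value: object
    purposes: FrozenSet[str]


# Abstract syntax of the toy language (hypothetical; not the thesis's syntax).
@dataclass(frozen=True)
class Lit:
    value: object


@dataclass(frozen=True)
class Var:
    name: str


@dataclass(frozen=True)
class Concat:
    left: "Expr"
    right: "Expr"


@dataclass(frozen=True)
class Use:
    expr: "Expr"
    purpose: str


Expr = Union[Lit, Var, Concat, Use]


def join(a: FrozenSet[str], b: FrozenSet[str]) -> FrozenSet[str]:
    """Purposes allowed for a value derived from two inputs: a derived value
    may only be used for purposes BOTH inputs allow. Non-personal data ("*")
    does not restrict the other operand."""
    if "*" in a:
        return b
    if "*" in b:
        return a
    return a & b


def allows(purposes: FrozenSet[str], purpose: str) -> bool:
    return "*" in purposes or purpose in purposes


def evaluate(expr: Expr, env: dict) -> Personal:
    """Operational semantics as a recursive evaluator: the purpose check in
    the Use case is the run-time enforcement point."""
    if isinstance(expr, Lit):
        return Personal(expr.value, ANY)
    if isinstance(expr, Var):
        return env[expr.name]
    if isinstance(expr, Concat):
        lhs, rhs = evaluate(expr.left, env), evaluate(expr.right, env)
        return Personal(str(lhs.value) + str(rhs.value), join(lhs.purposes, rhs.purposes))
    if isinstance(expr, Use):
        val = evaluate(expr.expr, env)
        if not allows(val.purposes, expr.purpose):
            raise PolicyViolation(
                f"purpose {expr.purpose!r} not consented to; allowed: {sorted(val.purposes)}"
            )
        return val
    raise TypeError(f"unknown expression {expr!r}")


def run(expr: Expr, env: dict) -> tuple:
    """Evaluate and report ('ok', value) or ('violation', reason)."""
    try:
        return ("ok", evaluate(expr, env).value)
    except PolicyViolation as exc:
        return ("violation", str(exc))


# Constructed sample environment: consent given per data item (assumption).
SAMPLE_ENV = {
    "email": Personal("ada@example.com", frozenset({"service", "billing"})),
    "name": Personal("Ada", frozenset({"service"})),
}

if __name__ == "__main__":
    print(run(Use(Var("email"), "billing"), SAMPLE_ENV))
    print(run(Use(Concat(Var("name"), Var("email")), "billing"), SAMPLE_ENV))
```

The third case is the instructive one: `email` alone may be used for billing, but concatenating it with `name` (consented only for "service") yields a derived value whose purposes are the intersection `{"service"}`, so using the result for billing is rejected at run time rather than silently leaking the name into a billing workflow.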