Several formal languages have been proposed to encode privacy policies, ranging from the Platform for Privacy Preferences (P3P), intended for communicating privacy policies to con...
In traditional information-flow type systems, the security policy is often formalized as noninterference properties. However, noninterference alone is too strong to express securi...
Displaying website privacy policies to consumers in ways they understand is an important part of gaining consumers’ trust and informed consent, yet most website privacy policies...
Robert W. Reeder, Patrick Gage Kelley, Aleecia M. ...
Policy testing and analysis are important techniques for high assurance of correct specification of access control policies. We propose a set of testing and analysis techniques fo...
The RT Role-based Trust-management framework provides policy language, semantics, deduction engine, and pragmatic features such as application domain specification documents that...