, Data Minimisation: a Language-Based Approach (Long Version). eprint arXiv:1611, p.5642, 2016.
DOI : 10.1007/978-3-319-58469-0_30
, The KeY tool, Software & Systems Modeling, vol.Patterns, issue.1, pp.32-54, 2005.
DOI : 10.1007/BFb0030541
, Limiting data collection in application forms: A real-case application of a founding privacy principle, 2012 Tenth Annual International Conference on Privacy, Security and Trust, p.2012
DOI : 10.1109/PST.2012.6297920
URL : https://hal.archives-ouvertes.fr/hal-00768363
, Gradual Release: Unifying Declassification, Encryption and Key Release Policies, 2007 IEEE Symposium on Security and Privacy (SP '07), 2007.
DOI : 10.1109/SP.2007.22
URL : http://www.cs.chalmers.se/~andrei/askarov-sabelfeld-sp07.pdf
, Learning is Change in Knowledge: Knowledge-Based Security for Dynamic Policies, 2012 IEEE 25th Computer Security Foundations Symposium, 2012.
DOI : 10.1109/CSF.2012.31
URL : http://doi.org/10.1109/csf.2012.31
, Automatic Discovery and Quantification of Information Leaks, 2009 30th IEEE Symposium on Security and Privacy, 2009.
DOI : 10.1109/SP.2009.18
URL : http://www7.in.tum.de/~rybal/papers/sp09-discovery-and-quantification-of-information-leaks.pdf
, Epistemic temporal logic for information flow security, Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security, PLAS '11, 2011.
DOI : 10.1145/2166956.2166962
, Encyclopedia of Cryptography and Security, chap. Secondary Use Regulations, 2011.
, Required Information Release, 2010 23rd IEEE Computer Security Foundations Symposium, 2010.
DOI : 10.1109/CSF.2010.22
URL : http://people.seas.harvard.edu/%7Echong/pubs/csf10_required_release_tr.pdf
, Information transmission in computational systems, SIGOPS Oper. Syst. Rev, vol.11, issue.5, 1977.
, REDLOG, ACM SIGSAM Bulletin, vol.31, issue.2, pp.2-9, 1997.
DOI : 10.1145/261320.261324
, Predicate abstraction for software verification, 2002.
DOI : 10.1145/503272.503291
, Completeness in abstract interpretation: A domain perspective, AMAST, LNCS 1349 Springer, 1997.
DOI : 10.1007/BFb0000474
URL : http://www.math.unipd.it/~ranzato/papers/amast97.pdf
, Engineering privacy by design reloaded, 2015.
, Symbolic execution debugger (sed) Runtime Verification, 2014.
DOI : 10.1007/978-3-319-11164-3_21
, Symbolic execution and program testing, Communications of the ACM, vol.19, issue.7, pp.385-394, 1976.
DOI : 10.1145/360248.360252
, A lattice of information. CSFW, 1993.
, JML, Proceedings of the Principles and Practices of Programming on The Java Platform, PPPJ '15, 1998.
DOI : 10.1145/2807426.2817926
, Quantifying information flow, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15, 2002.
DOI : 10.1109/CSFW.2002.1021804
URL : http://web.comlab.ox.ac.uk/oucl/work/gavin.lowe/Security/Papers/capacity.ps
, Information Leakage Analysis of Complex C Code and Its application to OpenSSL, LNCS, vol.21, issue.1, 2016.
DOI : 10.1145/2663716.2663758
, Data dependencies and program slicing, Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation , PEPM '08, 2008.
DOI : 10.1145/1328408.1328428
, Design by Contract, by Example, 2002.
, Theory of equivalence relations, Duke Mathematical Journal, vol.9, pp.573-627, 1942.
, A partition analysis method to increase program reliability, 1981.
, A Per Model of Secure Information Flow in Sequential Programs, Higher-Order and Symbolic Computation, 2001.
DOI : 10.1007/3-540-49099-X_4
, On the Foundations of Quantitative Information Flow, FOSSACS LNCS, vol.38, issue.1, 2009.
DOI : 10.1137/060651380
, Formal Methods for Privacy, in FM, 2009.
DOI : 10.1007/978-3-642-05089-3_1
, Precisely Measuring Quantitative Information Flow: 10K Lines of Code and Beyond, 2016 IEEE European Symposium on Security and Privacy (EuroS&P), 2016.
DOI : 10.1109/EuroSP.2016.15