English
Related papers

Related papers: Extending Expressive Access Policies with Privacy …

200 papers

In this paper we present ZKlaims: a system that allows users to present attribute-based credentials in a privacy-preserving way. We achieve a zero-knowledge property on the basis of Succinct Non-interactive Arguments of Knowledge (SNARKs).…

Cryptography and Security · Computer Science 2019-08-21 Martin Schanzenbach , Thomas Kilian , Julian Schütte , Christian Banse

Many languages and algebras have been proposed in recent years for the specification of authorization policies. For some proposals, such as XACML, the main motivation is to address real-world requirements, typically by providing a complex…

Cryptography and Security · Computer Science 2011-11-28 Jason Crampton , Charles Morisset

Privacy concerns in machine learning systems have grown significantly with the increasing reliance on sensitive user data for training large-scale models. This paper introduces a novel framework combining Probably Approximately Correct…

Cryptography and Security · Computer Science 2026-02-13 Guilhem Repetto , Nojan Sheybani , Gabrielle De Micheli , Farinaz Koushanfar

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…

Software Engineering · Computer Science 2015-08-18 Andrea Margheri , Rosario Pugliese , Francesco Tiezzi

Large language models (LLMs) are increasingly utilized in domains such as finance, healthcare, and interpersonal relationships to provide advice tailored to user traits and contexts. However, this personalization often relies on sensitive…

Cryptography and Security · Computer Science 2025-04-25 Hiroki Watanabe , Motonobu Uchikoshi

Web services are important in the processing of personal data in the World Wide Web. In light of recent data protection regulations, this processing raises a question about consent or other basis of legal processing. While a consent must be…

Software Engineering · Computer Science 2020-11-06 Kalle Hjerppe , Jukka Ruohonen , Ville Leppänen

Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined,…

Software Engineering · Computer Science 2017-01-02 Andrea Margheri , Massimiliano Masi , Rosario Pugliese , Francesco Tiezzi

For security and privacy management and enforcement purposes, various policy languages have been presented. We give an overview on 27 security and privacy policy languages and present a categorization framework for policy languages. We show…

Cryptography and Security · Computer Science 2015-12-02 Saffija Kasem-Madani , Michael Meier

Zero-knowledge proofs (ZKPs) enable computational integrity and privacy by allowing one party to prove the truth of a statement without revealing underlying data. Compared with alternatives such as homomorphic encryption and secure…

Cryptography and Security · Computer Science 2026-04-14 Ryan Lavin , Xuekai Liu , Hardhik Mohanty , Logan Norman , Giovanni Zaarour , Bhaskar Krishnamachari

Data protection laws such as GDPR aim to give users unprecedented control over their personal data. Compliance with these regulations requires systematically considering information flow and interactions among entities handling sensitive…

Programming Languages · Computer Science 2025-08-07 Chinmayi Prabhu Baramashetru , Paola Giannini , Silvia Lizeth Tapia Tarifa , Olaf Owe

User authentication is one of the most important aspects for secure communication between services and end-users over the Internet. Service providers leverage Single-Sign On (SSO) to make it easier for their users to authenticate…

Cryptography and Security · Computer Science 2025-10-10 Kaustabh Barman , Fabian Piper , Sanjeet Raj Pandey , Axel Kuepper

Implicit authentication consists of a server authenticating a user based on the user's usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication…

Cryptography and Security · Computer Science 2015-03-03 Josep Domingo-Ferrer , Qianhong Wu , Alberto Blanco-Justicia

Cloud compute systems allow administrators to write access control policies that govern access to private data. While policies are written in convenient languages, such as AWS Identity and Access Management Policy Language, manually written…

Software Engineering · Computer Science 2025-03-17 Adarsh Vatsa , Pratyush Patel , William Eiers

We present ZK-SecreC, a domain-specific language for zero-knowledge proofs. We present the rationale for its design, its syntax and semantics, and demonstrate its usefulness on the basis of a number of non-trivial examples. The design…

The enforcement of sensitive policies in untrusted environments is still an open challenge for policy-based systems. On the one hand, taking any appropriate security decision requires access to these policies. On the other hand, if such…

Cryptography and Security · Computer Science 2013-12-24 Muhammad Rizwan Asghar

LLMs driven products were increasingly prevalent in our daily lives, With a natural language based interaction style, people may potentially leak their personal private information. Thus, privacy policy and user agreement played an…

Human-Computer Interaction · Computer Science 2024-06-27 Shuning Zhang , Haobin Xing , Xin Yi , Hewu Li

Passwords are ubiquitous and most commonly used to authenticate users when logging into online services. Using high entropy passwords is critical to prevent unauthorized access and password policies emerged to enforce this requirement on…

Cryptography and Security · Computer Science 2018-02-15 Khoa Nguyen , Benjamin Hong Meng Tan , Huaxiong Wang

Least privilege is a core security principle: grant each request only the minimum access needed to achieve its goal. Deployed language models almost never follow it, instead being exposed through a single API endpoint that serves all users…

Cryptography and Security · Computer Science 2026-03-05 Paulius Rauba , Dominykas Seputis , Patrikas Vanagas , Mihaela van der Schaar

Access control is a security mechanism designed to ensure that only authorized users can access specific resources. Cross-domain access control involves access to resources across different organizations, institutions, or applications.…

Cryptography and Security · Computer Science 2025-12-01 Aiyao Zhang , Xiaodong Lee , Zhixian Zhuang , Jiuqi Wei , Yufan Fu , Botao Peng

Large language models (LLMs) are primarily accessed via commercial APIs, but this often requires users to expose their data to service providers. In this paper, we explore how users can stay in control of their data by using privacy…

Computation and Language · Computer Science 2025-10-21 Guillem Ramírez , Alexandra Birch , Ivan Titov
‹ Prev 1 2 3 10 Next ›