Pressured by existing regulations such as the EU GDPR, online services must advertise a
personal data protection policy declaring the types and purposes of collected personal data …

Many users implicitly assume that software can only be exploited after it is installed.
However, recent supply-chain attacks demonstrate that application integrity must be ensured …

We present Peekaboo, a new privacy-sensitive architecture for smart homes that leverages
an in-home hub to pre-process and minimize outgoing data in a structured and enforceable …

As increasingly more sensitive data is being collected to gain valuable insights, the need to
natively integrate privacy controls in data analytics frameworks is growing in importance …

Data privacy laws like the EU's GDPR grant users new rights, such as the right to request
access to and deletion of their data. Manual compliance with these requests is error-prone …

Single-sign-on (SSO) authentication employs an identity provider (IdP) to provide users with
an efficient way to authenticate themselves with different service providers and has been …

Continuous compliance with privacy regulations, such as GDPR and CCPA, has become a
costly burden for companies from small-sized start-ups to business giants. The culprit is the …

New laws such as the European Union's General Data Protection Regulation (GDPR) grant
users unprecedented control over personal data stored and processed by businesses …

We present Storm, a web framework that allows developers to build MVC applications with
compile-time enforcement of centrally specified data-dependent security policies. Storm …

Serverless applications consist of functions written in heterogeneous programming
languages, use diverse data stores and communication services, and evolve rapidly …