Iulia Bastys

PhD student in Computer Science
Department of Computer Science and Engineering
Chalmers University of Technology

Email: bastys [at] chalmers [dot] se

Address: EDIT 6449
Rännvägen 6B
41296 Gothenburg, Sweden

I am a PhD student in the Information Security division at Chalmers, where I started in October 2017. My supervisor is Andrei Sabelfeld.

My research mainly focuses on enforcing system security via information-flow control (IFC), a type of program analysis technique for ensuring that sensitive data does not flow to undesired sinks (through the use of e.g., type systems or runtime monitors).

Publications Teaching Service Misc

Publications

[Papers] [Posters] [Theses]

Papers

Automatic Annotation of Confidential Data in Java Code
Iulia Bastys, Pauline Bolignano, Franco Raimondi, Daniel Schoepe
In The 14th International Symposium on Foundations & Practice of Security (FPS), 2021
[Paper] [Slides] [Video]
Clockwork: Tracking Remote Timing Attacks
Iulia Bastys, Musard Balliu, Tamara Rezk, and Andrei Sabelfed
In Proceedings of the IEEE Computer Security Foundations Symposium (CSF), 2020
[Paper] [Full version with proofs] [Supplementary material] [Slides] [Video]
Securing IoT Apps
Musard Balliu, Iulia Bastys, and Andrei Sabelfeld
In IEEE Security and Privacy Magazine (Special Issue on Internet of Things), 2019
[Paper]
Tracking Information Flow via Delayed Output: Addressing Privacy in IoT and Emailing Apps
Iulia Bastys, Frank Piessens, and Andrei Sabelfed
In Nordic Conference on Secure Systems (NordSec), 2018
[Paper] [Slides]
Prudent Design Principles for Information Flow Control
Iulia Bastys, Frank Piessens, and Andrei Sabelfeld
In Proceedings of the Workshop on Programming Languages and Analysis for Security (PLAS), 2018
[Paper] [Slides]
If This Then What? Controlling Flows in IoT Apps
Iulia Bastys, Musard Balliu, and Andrei Sabelfeld
In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2018
[Paper] [Supplementary material] [Slides] [Video]
Towards an Architecture for Pseudonymous E-Commerce: Applying Privacy by Design to Online Shopping
Sebastian Pape, Daniel Tasche, Iulia Bastys, Akos Grosz, Jörg Lässig, and Kai Rannenberg
In SICHERHEIT, 2018
[Paper]
Type Systems for Information Flow Control: The Question of Granularity
Vineet Rajani, Iulia Bastys, Willard Rafnsson, and Deepak Garg
Invited article in ACM SIGLOG News 4 (1), 6-21, 2017
[Paper] [Full version with proofs: Technical Report MPI-SWS TR-2016-012]
Asymmetric Secure Multi-Execution with Declassification
Iulia Boloşteanu (Bastys) and Deepak Garg
In Proceedings of the International Conference on Principles of Security and Trust (POST), 2016
[Paper] [Full version with proofs] [Slides]

Posters

Securing IoT Apps. Iulia Bastys, Musard Balliu, and Andrei Sabelfeld. Poster at the 4th IEEE European Symposium on Security and Privacy (Euro S&P), 2019.
Security in Web-based Workflows. Thomas Bauereiss, Abhishek Bichhawat, Iulia Boloşteanu (Bastys), Peter Faymonville, Bernd Finkbeiner, Deepak Garg, Richard Gay, Sergey Grebenshchikov, Christian Hammer, Dieter Hutter, Ondřej Kunčar, Peter Lammich, Heiko Mantel, Christian Müller, Andrei Popescu, Markus Rabe, Vineet Rajani, Helmut Seidl, Markus Tasch, and Leander Tentrup. Poster at the 36th Symposium on Security and Privacy (S&P), 2015.

Theses

Principled Flow Tracking in IoT and Low-Level Applications. PhD Thesis, Chalmers University of Technology, 2022.
A Principled Approach to Securing IoT Apps. Licentiate Thesis, Chalmers University of Technology, 2018.
Asymmetric Secure Multi-Execution. Master Thesis, Saarland University, 2016.

Service

Program committee member

PriSC 2022.

Reviewer

ACM Computing Survey 2021.

External reviewer

CSF 2022, Euro S&P 2022, CSF 2021, Euro S&P 2021, CSF 2020, CCS 2019, S&P 2018, BIOSIG 2017, ESORICS 2017, SENSYBLE 2017, IFIP Sec 2017, TACAS 2015, CISIM 2012.

Teaching

Databases (TDA357) | [LP3 2021]
Algorithms and Data Structures (TDA417) | [LP2 2021] [LP2 2020]
Introduction to Functional Programming (TDA555) | [LP1 2021] [LP1 2020]
Principles of Concurrent Programming (TDA384) | [LP3 2018] [LP1 2018] [LP3 2017]
Programming Languages Techniques (DAT151) | [LP2 2018]
Mobile Business II (Lecture) | [SS 2017]
Logics in Security (Advanced seminar) | [WS 2014]
Security (Core lecture) | [WS 2012]
Cryptography (Core lecture) | [SS 2012]
Procedural programming (Basic lecture) | [WS 2009]

Misc

Check out my popular presentation explaining IFC in terms of a board game with zombies 🧟. It was part of an assignment on micro-teaching and the inspiration came from the original game, Zombicide.