PrePaMS: Privacy-Preserving Participant Management for Studies with Rewards

Felix will introduce PrePaMS, an efficient participation management system that supports prerequisite checks and reward procedures in a privacy-preserving way. By using a set of proven cryptographic primitives and mechanisms, participations are protected so that service providers and organizers cannot derive the identity of participants even within the reward process.

Social psychology and its potential effect on security when developing software systems

In this talk, Lucas will address the under-researched area of combining social psychology findings with the construction of secure software systems.

Transport-Level Privacy for Instant Messaging

In this talk, I will present DenIM (Deniable Instant Messaging), a novel protocol built on the idea of hiding traffic to make it unobservable to an adversary by piggybacking it on observable traffic. We posit that resilience to traffic analysis must be directly supported by major IM services themselves, and must be done in a low-latency manner without breaking existing features. Hence, DenIM is designed both for compatibility and performance; DenIM is a variant of the Signal protocol—commonly used for strong encryption in instant messaging services, and, DenIM’s bandwidth overhead scales with the volume of regular traffic, as opposed to scaling with time or the number of users.

Applying Cryptography’s Real/Ideal Paradigm to PL Security

Alley will argue in favor of using the real/ideal paradigm for defining security in a programming languages context, even when systems are entirely non-probabilistic.

From GDPR to Information Flow Semantics

Inevitably, personal data is transferred from EU to third countries. GDPR should follow this data wherever it is transferred. How can this requirement be enforced in practice? Currently, data transfers from EU to third countries are mostly regulated by legal agreements between data exporters and data importers. But these agreements tend to be complicated, unforeseeable, and ultimately inefficient. Technology can be employed to automatically ensure that transferred data is used by a third country is a way that does not violate GDPR. This talk explores information flow control as a tool to enforce GDPR, before it dives into new information flow semantics.

Keeping Humans on the Loop when Designing and Operating Autonomous Systems

Rebekka will present techniques to build autonomous systems that are aware of humans and their changing preferences. Traditionally, autonomous systems have been designed to automate tasks for a set of predefined objectives (e.g., to reduce energy consumption and minimize cost). These objectives often need to be traded off against each other and might have to be changed over time. In this talk, Rebekka will explain how humans can be kept “on the loop” when working with autonomous systems and their quality trade-offs.

Victor Morel's introductory talk - Design and analysis of technical systems for humans

Victor will present in this introductory talk his past work on informed consent in the IoT, and his research perspectives for the CyberSecIT project. The first part of his presentation will summarize his PhD work, including a short video demonstration. The second part will introduce his interdisciplinary experience within the Sustainable Computing Lab in Vienna on the standardization of consent in the IoT. Finally, the third part will expose his research perspectives for the CyberSecIT project with the iSec group at Chalmers.

Practical problems in enforcing Data Protection by Design & by Default - the perspective of a Data Protection Authority

Marit will explain various difficulties of enforcing Art. 25 GDPR from the perspective of a supervisory authority. She will compare the deficiencies in this area with the situation of implementing "security-by-design" approaches. Also, current trends stemming from technology design and from recent court decisions will be discussed concerning their relevance for compliance with data protection requirements. To achieve built-in data protection, Marit will present her "wish list" that addresses stakeholders such as researchers, developers, academic teachers, data protection officers, lawyers and the data protection authorities themselves.

CatNap: a Protocol for Server-aided Proximity Testing

In this talk we will look at the protocol that allows two parties who know their locations on a Euclidean plane to check whether they are within distance R of each other or not. A distinguishing feature of this protocol is that it does not require the parties to communicate with each other directly and be online at the same time. We introduce a pair of servers to which one client may submit their data and go offline with the other client coming online later, finishing the protocol and fetching the matching result. We build the protocols by combining existing off-the-shelf Cryptographic techniques. Interestingly, the protocol has better parameters (w.r.t. performance and security) than some of the hand-crafted protocols. So the importance of our protocol is in showing what can be achieved in this field “for free” using the generic techniques, and setting the bar for anyone who tries to make a “smarter” protocol for this problem in the future. During the talk we will have an intro to how Multi-Party Computation protocols work, then show how our CatNap is built from them, and finally discuss the practical implications of this work.

TypeScript Analysis in Prime Video

TypeScript is a typed version of JavaScript widely used across Amazon, but poses challenges for static analysis: The language supports many intricate features used in practice, such as callbacks and higher-order functions, dynamic field access, and asynchronous code. At the same time, the size of industrial code bases such as the Prime Video application makes a highly precise whole-program analysis intractable. In this talk, we present how we approach this trade-off in Prime Video with a lightweight whole-program analysis followed by a more precise goal-directed analysis of potential bug locations. Our goal-directed analysis uses an imprecise call graph and points-to information generated upfront to guide a more expensive goal-directed analysis that attempts to prove that potential bugs cannot happen via abstract interpretation backed by an SMT solver.