JuliaSoft presents Taint Analysis to Support GDPR @ ENISA’s Annual Privacy Forum 2018

June is a hot month for conferences: just back from FormaliSE2018 in Sweden, we head to Barcelona for ENISA’s Annual Privacy Forum (APF18)!

During the session “Privacy Implementation” on Wednesday, Pietro Ferrara will discuss how static program analysis can be applied to track how sensitive data is automatically managed by a software, and if such software could leak some of this data. In the paper Tailoring Taint Analysis to GDPR, he and co-authors Luca Olivieri (JuliaSoft) and Fausto Spoto (University of Verona) formalize and discuss how taint analysis can be extended and augmented in order to detect potential unintended leakages of sensitive data.

The technique, already implemented as part of the Julia Static Analysis solution, can support organizations in their GDPR and privacy policy compliance process. Starting from the specification of how sensitive data is retrieved and how it could be leaked, and what types of leakages are allowed by the privacy policy established by the controller of sensitive data, Julia applies standard taint analysis to detect potential leakages, reconstructs the flow to check if the flow is allowed or not, and reports full details about all the flows not allowed by the privacy policy.

About the conference:

ENISA’s Annual Privacy Forum (APF18) takes place on the 13th and 14th June 2018 in Barcelona, in co-operation with DG CONNECT, ENISA, the Universitat Politècnica de Catalunya · BarcelonaTech (UPC) and Telefonica.

Scope:

The re-calibrated legal framework in the EU as manifested by the promulgation of the General Data Protection Regulation (GDPR), is key in an effort to better control the processing of personal data. Additionally, the forthcoming Regulation on Privacy and Electronic Communications is expected to give new impetus to the way privacy is protected in electronic communications. Even the best legislative efforts cannot keep up to speed with the pace of innovative technology and business models that challenge the way personal data is processed and privacy is protected across the EU and beyond; therefore, examining what is at stake and where threats thereto originate from becomes of paramount importance.

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Start typing and press Enter to search