{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,16]],"date-time":"2026-04-16T04:53:32Z","timestamp":1776315212873,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":77,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642050886","type":"print"},{"value":"9783642050893","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-05089-3_1","type":"book-chapter","created":{"date-parts":[[2009,11,3]],"date-time":"2009-11-03T22:31:40Z","timestamp":1257287500000},"page":"1-15","source":"Crossref","is-referenced-by-count":35,"title":["Formal Methods for Privacy"],"prefix":"10.1007","author":[{"given":"Michael Carl","family":"Tschantz","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jeannette M.","family":"Wing","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"1_CR1","unstructured":"Boyd, D.: Why youth (heart) social network sites: The role of networked publics in teenage social life. In: Buckingham, D. (ed.) MacArthur Foundation Series on Digital Learning\u2013Youth, Identity, Digital Media Volume. MIT Press, Cambridge (2007)"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Warren, B.: The right to privacy. Harvard Law Review IV(5) (1890)","DOI":"10.2307\/1321160"},{"key":"1_CR3","unstructured":"National Research Council: Engaging privacy and information technology in a digital age. In: Waldo, J., Lin, H.S., Millett, L.I. (eds.) National Research Council of the National Academies. The National Academies Press, Washington (2007)"},{"key":"1_CR4","first-page":"962","volume":"39","author":"E. Bloustein","year":"1964","unstructured":"Bloustein, E.: Privacy as an aspect of human dignity: An answer to dean prosser. New York University Law Review\u00a039, 962 (1964)","journal-title":"New York University Law Review"},{"key":"1_CR5","doi-asserted-by":"crossref","DOI":"10.4159\/harvard.9780674332485","volume-title":"An Anatomy of Values","author":"C. Fried","year":"1970","unstructured":"Fried, C.: An Anatomy of Values. Harvard University Press, Cambridge (1970)"},{"key":"1_CR6","first-page":"233","volume":"12","author":"T. Gerety","year":"1977","unstructured":"Gerety, T.: Redefining privacy. Harvard Civil Rights-Civil Liberties Law Review\u00a012, 233\u2013296 (1977)","journal-title":"Harvard Civil Rights-Civil Liberties Law Review"},{"key":"1_CR7","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1086\/292105","volume":"89","author":"R. Gerstein","year":"1978","unstructured":"Gerstein, R.: Intimacy and privacy. Ethics\u00a089, 76\u201381 (1978)","journal-title":"Ethics"},{"key":"1_CR8","volume-title":"Regulating Intimacy: A New Legal Paradigm","author":"J. Cohen","year":"2002","unstructured":"Cohen, J.: Regulating Intimacy: A New Legal Paradigm. Princeton University Press, Princeton (2002)"},{"key":"1_CR9","first-page":"323","volume":"4","author":"J. Rachels","year":"1975","unstructured":"Rachels, J.: Why privacy is important. Philosophy and Public Affairs\u00a04, 323\u2013333 (1975)","journal-title":"Philosophy and Public Affairs"},{"issue":"3","key":"1_CR10","doi-asserted-by":"publisher","first-page":"421","DOI":"10.2307\/795891","volume":"89","author":"R. Gavison","year":"1980","unstructured":"Gavison, R.: Privacy and the limits of law. Yale Law Journal\u00a089(3), 421\u2013471 (1980)","journal-title":"Yale Law Journal"},{"key":"1_CR11","doi-asserted-by":"publisher","first-page":"383","DOI":"10.2307\/3478805","volume":"48","author":"W.L. Prosser","year":"1960","unstructured":"Prosser, W.L.: Privacy. California Law Review\u00a048, 383 (1960)","journal-title":"California Law Review"},{"issue":"3","key":"1_CR12","doi-asserted-by":"publisher","first-page":"477","DOI":"10.2307\/40041279","volume":"154","author":"D.J. Solove","year":"2006","unstructured":"Solove, D.J.: A taxonomy of privacy. University of Pennsylvania Law Review\u00a0154(3), 477\u2013560 (2006)","journal-title":"University of Pennsylvania Law Review"},{"key":"1_CR13","first-page":"479","volume":"381","author":"Supreme Court of the United States","year":"1965","unstructured":"Supreme Court of the United States: Griswold v. Connecticut. United States Reports 381, 479 (1965)","journal-title":"Connecticut. United States Reports"},{"key":"1_CR14","first-page":"438","volume":"405","author":"Supreme Court of the United States","year":"1972","unstructured":"Supreme Court of the United States: Eisenstadt v. Baird. United States Reports 405, 438 (1972)","journal-title":"Baird. United States Reports"},{"key":"1_CR15","first-page":"113","volume":"410","author":"Supreme Court of the United States","year":"1973","unstructured":"Supreme Court of the United States: Roe v. Wade. United States Reports 410, 113 (1973)","journal-title":"Wade. United States Reports"},{"key":"1_CR16","first-page":"918","volume":"538","author":"Supreme Court of the United States","year":"2003","unstructured":"Supreme Court of the United States: Lawrence v. Texas. United States Reports 538, 918 (2003)","journal-title":"Texas. United States Reports"},{"key":"1_CR17","first-page":"186","volume":"478","author":"Supreme Court of the United States","year":"1986","unstructured":"Supreme Court of the United States: Bowers v. Hardwick. United States Reports 478, 186 (1986)","journal-title":"Hardwick. United States Reports"},{"key":"1_CR18","doi-asserted-by":"crossref","first-page":"295","DOI":"10.1080\/15236803.1998.12022042","volume":"4","author":"J. Thomson","year":"1975","unstructured":"Thomson, J.: The right to privacy. Philosophy and Public Affairs\u00a04, 295\u2013314 (1975)","journal-title":"Philosophy and Public Affairs"},{"key":"1_CR19","first-page":"269","volume":"12","author":"W. Parent","year":"1983","unstructured":"Parent, W.: Privacy, morality and the law. Philosophy and Public Affairs\u00a012, 269\u2013288 (1983)","journal-title":"Philosophy and Public Affairs"},{"key":"1_CR20","unstructured":"Supreme Court of the United States: Olmstead v. United States. United States Reports 277, 438 (1928)"},{"key":"1_CR21","unstructured":"Supreme Court of the United States: Katz v. United States. United States Reports 389, 347 (1967)"},{"key":"1_CR22","first-page":"227","volume":"476","author":"Supreme Court of the United States","year":"1986","unstructured":"Supreme Court of the United States: Dow Chemical Co. v. United States. United States Reports 476, 227 (1986)","journal-title":"United States Reports"},{"key":"1_CR23","unstructured":"Supreme Court of the United States: Florida v. Riley. United States Reports 488, 455 (1989)"},{"key":"1_CR24","first-page":"276","volume":"460","author":"Supreme Court of the United States","year":"1983","unstructured":"Supreme Court of the United States: United States v. Knotts. United States Reports 460, 276 (1983)","journal-title":"United States Reports"},{"key":"1_CR25","first-page":"705","volume":"468","author":"Supreme Court of the United States","year":"1984","unstructured":"Supreme Court of the United States: United States v. Karo. United States Reports 468, 705 (1984)","journal-title":"United States Reports"},{"key":"1_CR26","unstructured":"New Hampshire Supreme Court: Hamberger v. Eastman. Atlantic Reporter 206, 239 (1964)"},{"key":"1_CR27","unstructured":"Supreme Court of the United States: Kyllo v. United States. United States Reports 533, 27 (2001)"},{"key":"1_CR28","unstructured":"Secretary\u2019s Advisory Committee on Automated Personal Data Systems: Records, computers, and the rights of citizens. Technical report, U.S. Department of Health, Education, and Welfare (July 1973)"},{"key":"1_CR29","unstructured":"Francis, T.: Spread of records stirs fears of privacy erosion. The Wall Street Journal, December 28 (2006)"},{"key":"1_CR30","unstructured":"Benzel, T.V.: Analysis of a kemel verification. In: Proceedings of the IEEE Symposium on Security and Privacy (1984)"},{"key":"1_CR31","doi-asserted-by":"crossref","unstructured":"Silverman, J.: Reflections on the verification of the security of an operating system kernel. In: Proceedings of the Ninth ACM Symposium on Operating Systems Principles, Bretton Woods, New Hampshire (1983)","DOI":"10.1145\/800217.806623"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S.: sel4: Formal verification of an os kernel. In: Proceedings of the 22nd ACM Symposium on Operating Systems Principles, Big Sky, Montana (October 2009)","DOI":"10.1145\/1629575.1629596"},{"issue":"6","key":"1_CR33","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","volume":"22","author":"W. Diffie","year":"1976","unstructured":"Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory\u00a022(6), 644\u2013654 (1976)","journal-title":"IEEE Transactions on Information Theory"},{"issue":"2","key":"1_CR34","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"R.L. Rivest","year":"1978","unstructured":"Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM\u00a021(2), 120\u2013126 (1978)","journal-title":"Commun. ACM"},{"key":"1_CR35","doi-asserted-by":"crossref","unstructured":"Chaum, D.: Secret ballot receipts: True voter-verifiable elections. IEEE J. Security and Privacy, 38\u201347 (2004)","DOI":"10.1109\/MSECP.2004.1264852"},{"key":"1_CR36","doi-asserted-by":"crossref","unstructured":"Benaloh, J., Tuinstra, D.: Receipt-free secret ballot elections. In: Proceedings of the 26th Annual ACM symposium on Theory of Computing, Montreal, Canada (1994)","DOI":"10.1145\/195058.195407"},{"key":"1_CR37","unstructured":"Rivest, R.L., Smith, W.D.: Three voting protocols: Threeballot, vav, and twin. In: EVT 2007: Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology, Berkeley, CA, USA, p. 16. USENIX Association (2007)"},{"issue":"2","key":"1_CR38","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1145\/293411.293443","volume":"42","author":"D.M. Goldschlag","year":"1999","unstructured":"Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Onion routing. Commun. ACM\u00a042(2), 39\u201341 (1999)","journal-title":"Commun. ACM"},{"issue":"1","key":"1_CR39","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1145\/974121.974131","volume":"3","author":"V.S. Verykios","year":"2004","unstructured":"Verykios, V.S., Bertino, E., Fovino, I.N., Provenza, L.P., Saygin, Y., Theodoridis, Y.: State-of-the-art in privacy preserving data mining. ACM SIGMOD Record\u00a03(1), 50\u201357 (2004)","journal-title":"ACM SIGMOD Record"},{"key":"1_CR40","unstructured":"National Research Council: Protecting Individual Privacy in the Struggle Against Terrorists. The National Academies Press, Washington (2008)"},{"key":"1_CR41","unstructured":"Bergstein, B.: Research explores data mining, privacy. USA Today, June 18 (2008)"},{"key":"1_CR42","unstructured":"Geambasu, R., Kohno, T., Levy, A., Levy, H.M.: Vanish: Increasing data privacy with self-destructing data. In: Proceedings of the USENIX Security Symposium, Montreal, Canada (August 2009)"},{"key":"1_CR43","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/CSFW.2002.1021805","volume-title":"CSFW 2002: Proceedings of the 15th IEEE workshop on Computer Security Foundations","author":"J. Halpern","year":"2002","unstructured":"Halpern, J., O\u2019Neill, K.: Secrecy in multiagent systems. In: CSFW 2002: Proceedings of the 15th IEEE workshop on Computer Security Foundations, Washington, DC, USA, pp. 32\u201346. IEEE Computer Society, Los Alamitos (2002), http:\/\/www.kevinoneill.org\/papers\/secrecy.pdf"},{"key":"1_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"363","DOI":"10.1007\/978-3-540-30576-7_20","volume-title":"Theory of Cryptography","author":"S. Chawla","year":"2005","unstructured":"Chawla, S., Dwork, C., McSherry, F., Smith, A., Wee, H.: Toward privacy in public databases. In: Kilian, J. (ed.) TCC 2005. LNCS, vol.\u00a03378, pp. 363\u2013385. Springer, Heidelberg (2005)"},{"key":"1_CR45","doi-asserted-by":"crossref","unstructured":"Jones, R., Kumar, R., Pang, B., Tomkins, A.: I Know What You Did Last Summer: Query Logs and User Privacy. In: Proceedings of the Sixteenth ACM Conference on Information and Knowledge Management, Lisbon, Portugal (2007)","DOI":"10.1145\/1321440.1321573"},{"key":"1_CR46","doi-asserted-by":"crossref","unstructured":"Kumar, R., Novak, J., Pang, B., Tomkins, A.: On anonymizing query logs via token-based hashing. In: Proceedings of the 16th International Conference on World Wide Web, Banff, Alberta, Canada (2007)","DOI":"10.1145\/1242572.1242657"},{"key":"1_CR47","first-page":"111","volume-title":"SP 2008: Proceedings of the 2008 IEEE Symposium on Security and Privacy","author":"A. Narayanan","year":"2008","unstructured":"Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: SP 2008: Proceedings of the 2008 IEEE Symposium on Security and Privacy, Washington, DC, USA, pp. 111\u2013125. IEEE Computer Society, Los Alamitos (2008)"},{"issue":"5","key":"1_CR48","doi-asserted-by":"publisher","first-page":"557","DOI":"10.1142\/S0218488502001648","volume":"10","author":"L. Sweeney","year":"2002","unstructured":"Sweeney, L.: k-Anonymity: A model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl.-Based Syst.\u00a010(5), 557\u2013570 (2002)","journal-title":"Int. J. Uncertain. Fuzziness Knowl.-Based Syst."},{"issue":"1","key":"1_CR49","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1145\/1217299.1217302","volume":"1","author":"A. Machanavajjhala","year":"2007","unstructured":"Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: \u2113-Diversity: Privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data\u00a01(1), 3 (2007)","journal-title":"ACM Trans. Knowl. Discov. Data"},{"key":"1_CR50","doi-asserted-by":"crossref","unstructured":"Li, N., Li, T., Venkatasubramanian, S.: t-closeness: Privacy beyond k-anonymity and l-diversity. In: IEEE 23rd International Conference on Data Engineering. ICDE 2007, April 15-20, pp. 106\u2013115 (2007)","DOI":"10.1109\/ICDE.2007.367856"},{"key":"1_CR51","doi-asserted-by":"publisher","first-page":"689","DOI":"10.1145\/1247480.1247556","volume-title":"SIGMOD 2007: Proceedings of the 2007 ACM SIGMOD international conference on Management of data","author":"X. Xiao","year":"2007","unstructured":"Xiao, X., Tao, Y.: m-Invariance: Towards privacy preserving re-publication of dynamic datasets. In: SIGMOD 2007: Proceedings of the 2007 ACM SIGMOD international conference on Management of data, pp. 689\u2013700. ACM Press, New York (2007)"},{"key":"1_CR52","unstructured":"Federal Committee on Statistical Methodology: Statistical disclosure limitation methodology. Statistical Policy Working Paper 22 (2005)"},{"key":"1_CR53","first-page":"429","volume":"15","author":"T. Dalenius","year":"1977","unstructured":"Dalenius, T.: Towards a methodology for statistical disclosure control. Statistik Tidskrift\u00a015, 429\u2013444 (1977)","journal-title":"Statistik Tidskrift"},{"key":"1_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11787006_1","volume-title":"Automata, Languages and Programming","author":"C. Dwork","year":"2006","unstructured":"Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol.\u00a04052, pp. 1\u201312. Springer, Heidelberg (2006)"},{"key":"1_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/11681878_14","volume-title":"Theory of Cryptography","author":"C. Dwork","year":"2006","unstructured":"Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol.\u00a03876, pp. 265\u2013284. Springer, Heidelberg (2006)"},{"key":"1_CR56","volume-title":"SIGMOD 2009: Proceedings of the 2009 ACM SIGMOD international conference on Management of data","author":"F. McSherry","year":"2009","unstructured":"McSherry, F.: Privacy integrated queries: An extensible platform for privacy-preserving data analysis. In: SIGMOD 2009: Proceedings of the 2009 ACM SIGMOD international conference on Management of data. ACM, New York (to appear, 2009), http:\/\/research.microsoft.com\/apps\/pubs\/?id=80218"},{"key":"1_CR57","doi-asserted-by":"crossref","unstructured":"Korolova, A., Kenthapadi, K., Mishra, N., Ntoulas, A.: Releasing search queries and clicks privately. In: Proceedings of the 2009 International World Wide Web Conference, Madrid, Spain (2009)","DOI":"10.1145\/1526709.1526733"},{"key":"1_CR58","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1145\/248155.238781","volume":"30","author":"G.C. Necula","year":"1996","unstructured":"Necula, G.C., Lee, P.: Safe kernel extensions without run-time checking. SIGOPS Oper. Syst. Rev.\u00a030(SI), 229\u2013243 (1996)","journal-title":"SIGOPS Oper. Syst. Rev."},{"key":"1_CR59","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1109\/RISP.1994.296590","volume-title":"SP 1994: Proceedings of the 1994 IEEE Symposium on Security and Privacy","author":"J. McLean","year":"1994","unstructured":"McLean, J.: A general theory of composition for trace sets closed under selective interleaving functions. In: SP 1994: Proceedings of the 1994 IEEE Symposium on Security and Privacy, Washington, DC, USA, p. 79. IEEE Computer Society, Los Alamitos (1994)"},{"key":"1_CR60","doi-asserted-by":"crossref","unstructured":"Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proceedings of the IEEE Symposium on Security and Privacy (1982)","DOI":"10.1109\/SP.1982.10014"},{"key":"1_CR61","unstructured":"Powers, C., Schunter, M.: Enterprise privacy authorization language (EPAL 1.2). W3C Member Submission (November 2003)"},{"key":"1_CR62","volume-title":"Web Privacy with P3P","author":"L.F. Cranor","year":"2002","unstructured":"Cranor, L.F.: Web Privacy with P3P. O\u2019Reilly, Sebastopol (2002)"},{"issue":"2","key":"1_CR63","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1145\/1165734.1165735","volume":"13","author":"L.F. Cranor","year":"2006","unstructured":"Cranor, L.F., Guduru, P., Arjula, M.: User interfaces for privacy agents. ACM Trans. Comput.-Hum. Interact.\u00a013(2), 135\u2013178 (2006)","journal-title":"ACM Trans. Comput.-Hum. Interact."},{"key":"1_CR64","first-page":"184","volume-title":"SP 2006: Proceedings of the 2006 IEEE Symposium on Security and Privacy","author":"A. Barth","year":"2006","unstructured":"Barth, A., Datta, A., Mitchell, J.C., Nissenbaum, H.: Privacy and contextual integrity: Framework and applications. In: SP 2006: Proceedings of the 2006 IEEE Symposium on Security and Privacy, Washington, DC, USA, pp. 184\u2013198. IEEE Computer Society, Los Alamitos (2006)"},{"key":"1_CR65","unstructured":"Nissenbaum, H.: Privacy as contextual integrity. Washington Law Review\u00a079(1) (2004)"},{"key":"1_CR66","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1109\/SECPRI.2001.924289","volume-title":"SP 2001: Proceedings of the 2001 IEEE Symposium on Security and Privacy","author":"H. Mantel","year":"2001","unstructured":"Mantel, H.: Preserving information flow properties under refinement. In: SP 2001: Proceedings of the 2001 IEEE Symposium on Security and Privacy, Washington, DC, USA, p. 78. IEEE Computer Society, Los Alamitos (2001)"},{"key":"1_CR67","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1007\/3-540-45251-6_8","volume-title":"FME 2001: Formal Methods for Increasing Software Productivity","author":"J. J\u00fcrjens","year":"2001","unstructured":"J\u00fcrjens, J.: Secrecy-preserving refinement. In: Oliveira, J.N., Zave, P. (eds.) FME 2001. LNCS, vol.\u00a02021, pp. 135\u2013152. Springer, Heidelberg (2001)"},{"key":"1_CR68","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/11787006_10","volume-title":"Automata, Languages and Programming","author":"R. Alur","year":"2006","unstructured":"Alur, R., \u010cern\u00fd, P., Zdancewic, S.: Preserving secrecy under refinement. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol.\u00a04052, pp. 107\u2013118. Springer, Heidelberg (2006)"},{"key":"1_CR69","doi-asserted-by":"crossref","unstructured":"Clarkson, M.R., Schneider, F.B.: Hyperproperties. In: Proceedings of IEEE Computer Security Foundations Symposium (June 2008)","DOI":"10.1109\/CSF.2008.7"},{"key":"1_CR70","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/3-540-45139-0_7","volume-title":"Model Checking Software","author":"T. Ball","year":"2001","unstructured":"Ball, T., Rajamani, S.: Automatically validating temporal safety properties of interfaces. In: Dwyer, M.B. (ed.) SPIN 2001. LNCS, vol.\u00a02057, p. 103. Springer, Heidelberg (2001)"},{"key":"1_CR71","unstructured":"Cowan, C., Wagle, P., Pu, C., Beattie, S., Walpole, J.: Buffer overflows: Attacks and defenses for the vulnerability of the decade. In: SANS 2000 (1999)"},{"key":"1_CR72","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis: Automatic detection, analysis, and signature generation of exploit attacks on commodity software. In: Network and Distributed Systems Security Symposium (February 2005)"},{"key":"1_CR73","first-page":"31","volume-title":"CSFW 2005: Proceedings of the 18th IEEE workshop on Computer Security Foundations","author":"M.R. Clarkson","year":"2005","unstructured":"Clarkson, M.R., Myers, A.C., Schneider, F.B.: Belief in information flow. In: CSFW 2005: Proceedings of the 18th IEEE workshop on Computer Security Foundations, Washington, DC, USA, pp. 31\u201345. IEEE Computer Society, Los Alamitos (2005)"},{"key":"1_CR74","doi-asserted-by":"crossref","first-page":"321","DOI":"10.3233\/JCS-2007-15302","volume":"15","author":"D. Clark","year":"2007","unstructured":"Clark, D., Hunt, S., Malacaria, P.: A static analysis for quantifying information flow in a simple imperative language. Journal of Computer Security\u00a015, 321\u2013371 (2007)","journal-title":"Journal of Computer Security"},{"key":"1_CR75","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1145\/1255329.1255336","volume-title":"PLAS 2007: Proceedings of the 2007 workshop on Programming languages and analysis for security","author":"S. McCamant","year":"2007","unstructured":"McCamant, S., Ernst, M.D.: A simulation-based proof technique for dynamic information flow. In: PLAS 2007: Proceedings of the 2007 workshop on Programming languages and analysis for security, pp. 41\u201346. ACM, New York (2007)"},{"key":"1_CR76","unstructured":"Newsome, J., Song, D.: Influence: A quantitative approach for data integrity. Technical Report CMU-CyLab-08-005, CyLab, Carnegie Mellon University (February 2008)"},{"key":"1_CR77","unstructured":"Tschantz, M.C., Nori, A.V.: Measuring the loss of privacy from statistics. In: Gulwani, S., Seshia, S.A. (eds.) Proceedings of the 1st Workshop on Quantitative Analysis of Software (QA 2009), Technical Report UCB\/EECS-2009-93, Electrical Engineering and Computer Sciences, University of California at Berkeley, pp. 27\u201336 (June 2009)"}],"container-title":["Lecture Notes in Computer Science","FM 2009: Formal Methods"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-05089-3_1.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:47:31Z","timestamp":1606186051000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-05089-3_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642050886","9783642050893"],"references-count":77,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-05089-3_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009]]}}}