Privacy by typing in the $\pi$-calculus

TL;DR

This paper introduces \\Pcalc, a formal calculus based on the \\pi-calculus, to model and verify privacy policies in information systems through a type system ensuring policy compliance.

Contribution

It develops a novel formal framework combining a privacy policy language with a typed \\pi-calculus variant to analyze privacy in information systems.

Findings

Type preservation ensures systems respect privacy policies.

The framework successfully models privacy-aware electronic traffic schemes.

Verification of privacy compliance is feasible via the proposed type system.

Abstract

In this paper we propose a formal framework for studying privacy in information systems. The proposal follows a two-axes schema where the first axis considers privacy as a taxonomy of rights and the second axis involves the ways an information system stores and manipulates information. We develop a correspondence between the above schema and an associated model of computation. In particular, we propose the \Pcalc, a calculus based on the $\pi$-calculus with groups extended with constructs for reasoning about private data. The privacy requirements of an information system are captured via a privacy policy language. The correspondence between the privacy model and the \Pcalc semantics is established using a type system for the calculus and a satisfiability definition between types and privacy policies. We deploy a type preservation theorem to show that a system respects a policy and it is safe if the typing of the system satisfies the policy. We illustrate our methodology via analysis of two use cases: a privacy-aware scheme for electronic traffic pricing and a privacy-preserving technique for speed-limit enforcement.