---------------------------------------------------------------------------------
2 PhD positions on Language-based Security using Functional Languages
at Chalmers University of Technology, Sweden
---------------------------------------------------------------------------------

Chalmers University of Technology is hiring:

2 PhD students in language-based security using functional languages

* Important dates:

  June 6th 2024 

* Expected starting date: preferably around September 2024 but negotiable.

----
- 1 PhD student in Language-based Security for Data Sharing Platforms
----

https://web103.reachmee.com/ext/I003/304/job?site=5&lang=UK&validator=a72aeedd63ec10de71e46f8d91d0d57c&job_id=12925

In the dynamic landscape of data-driven innovations, there is a
pressing challenge of facilitating data sharing while safeguarding the security
and privacy of shared information. This project, named SecureClean, aims to
develop tools for constructing robust data aggregation and sharing platforms
with verifiable privacy guarantees. The primary objective is to prevent data
leakages and attacks on sensitive information during the data sharing process.
SecureClean adopts a novel approach by integrating language-based type-safe,
high-level functional programming models with trusted execution environments,
choreographic programming, information-flow control, and differential privacy.
The success of the project not only addresses current challenges faced by
industries but also contributes to advancing technology and standards for
secure and responsible data sharing.

----
- 1 PhD student in Language-based Security to support GDPR Compliance
----

https://web103.reachmee.com/ext/I003/304/job?site=5&lang=UK&validator=a72aeedd63ec10de71e46f8d91d0d57c&job_id=12926

To exploit the benefits of digital services, we are often obliged to share some
of our personal data. The growing availability of large-scale personal data
places the challenge of protecting privacy as a major one. The EU GDPR
legislation created awareness of privacy issues and introduced regulatory
constraints to protect citizens' data. Privacy legislation is not exclusive to
Europe; e.g., the California Consumer Privacy Act became effective in 2020 and
is broadly similar to GDPR. Unfortunately, existing technical solutions to
comply with GDPR constitute best-effort countermeasures, and they are limited
in scope and do not provide any security or privacy guarantee.

This project, called EDA, will develop rigorously proven techniques to ensure
that the propagation, storing, and disclosing of personal data are protected by
a wide range of GDPR principles, namely purpose, the right to consent and
withdrawal, transparency & auditing, processing control, data portability, data
minimization, and non-identifiable disclosure.

EDA's methodological novelty is to tackle many GDPR aspects with the same
underlying approach: a novel fusion between language-based information-flow
control and differential privacy. EDA will adopt functional programming
languages as lingua franca and be mathematically proven to be immune to entire
classes of attacks.