Back to Philip Fong's home page.
Tam Thanh Doan, Reihaneh Safavi-Naini, Shuai Li, Sepideh Avizheh, Muni Venkateswarlu K., and Philip W. L. Fong. Towards a Resilient Smart Home. In Proceedings of the 2018 Workshop on IoT Security and Privacy (IoT S&P'18), pages 15-21, Budapest, Hungary, August 20, 2018.
Lakshya Tandon and Philip W. L. Fong, and Reihaneh Safavi-Naini. HCAP: A History-Based Capability System for IoT Devices. In Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies (SACMAT'18), pages 247-258, Indianapolis, IN, USA.
Syed Zain R. Rizvi and Philip W. L. Fong. Efficient Authorization of Graph Database Queries in an Attribute-Supporting ReBAC Model In Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy (CODASPY'18), pages 204-211, Tempe, AZ, USA, March 19-21, 2018.
Seyed Hossein Ahmadinejad and Philip W. L. Fong. An Enforcement Model for Preventing Inference Attacks in Social Computing Platforms. In Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies (SACMAT'17), pages 55-66, Indianapolis, IN, USA, June 21-23, 2017
Pooya Mehregan and Philip W. L. Fong. Policy Negotiation for Co-owned Resources in Relationship-Based Access Control. In Proceedings of the 21st ACM Symposium on Access Control Models and Technologies (SACMAT'2016), pages 125-136, Shanghai, China, June 6-8, 2016.
Seyed Hossein Ahmadinejad, Philip W. L. Fong, and Rei Safavi-Naini. Privacy and Utility of Inference Control Mechanisms for Social Computing Applications. In Proceedings of the 11th ACM Asia Conference on Computer and Communication Security (ASIACCS'2016), pages 829-840, Xi'an, China, May 30 - June 3, 2016.
Syed Zain Rizvi and Philip W. L. Fong. Interoperability of Relationship- and Role-Based Access Control. In Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY'2016), pages 231-242, New Orleans, LA, March 9-11, 2016.
Syed Zain Rizvi, Philip W. L. Fong, Jason Crampton, and James Sellwood. Relationship-Based Access Control for an Open-Source Medical Records System. In Proceedings of the 20th ACM Symposium on Access Control Models and Technologies (SACMAT'2015), pages 113-124, Vienna, Austria, June 1-3, 2015.
Mohammad Jafari, Reihaneh Safavi-Naini, Philip W. L. Fong, and Ken Barker. A Framework for Expressing and Enforcing Purpose-Based Privacy Policies. ACM Transactions on Information and System Security, 17(1), August 2014.
Seyed Hossein Ahmadinejad and Philip W. L. Fong. Unintended Disclosure of Information: Inference Attacks by Third-Party Extensions to Social Network Systems. Computers and Security, 44:75-91, July 2014. Elsevier.
Pooya Mehregan and Philip W. L. Fong. Design Patterns for Multiple Stakeholders in Social Computing. In Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec'2014), Vienna, Austria, July 14-16, 2014.
Ebrahim Tarameshloo and Philip W. L. Fong. Access Control Models for Geo-Social Computing Systems. In Proceedings of the 19th ACM Symposium on Access Control Models and Technologies (SACMAT'2014), pages 115-126, London, Ontario, Canada, June 25-27, 2014.
Mona Hosseinkhani, Philip W. L. Fong, and Sheelagh Carpendale. Papilio: Visualizing Android Application Permissions. To appear in the Proceedings of the 2014 Eurographics Conference on Visualization (EuroVis'2014), Swansea, Wales, UK, June 9-13, 2014.
Ebrahim Tarameshloo, Philip W. L. Fong, and Payman Mohassel. On Protection in Federated Social Computing Systems. In Proceedings of the Fourth ACM Conference on Data and Application Security and Privacy (CODASPY'2014), pages 75-86, San Antonio, TX, USA, March 3-5, 2014.
Philip W. L. Fong, Pooya Mehregan, and Ram Krishnan. Relational Abstraction in Community-Based Secure Collaboration. In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS'2013), pages 585-598, Berlin, Germany, November 4-8, 2013. The companion technical report appears as Technical Report 2013-1045-12, Department of Computer Science, University of Calgary, Calgary, Alberta, Canada, November 2013.
Jayalakshmi Balasubramaniam and Philip W. L. Fong. A White-Box Policy Analysis and its Efficient Implementation. In Proceedings of the 18th ACM Symposium on Access Control Models and Technologies (SACMAT'2013), pages 149-160, Amsterdam, The Netherlands, June 12-14, 2013.
Seyed Hossein Ahmadinejad and Philip W. L. Fong. On the Feasibility of Inference Attacks by Third-Party Extensions to Social Network Systems. In Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS'2013), pages 161-166, Hangzhou, China, May 7-10, 2013.
Arif Akram Khan and Philip W. L. Fong. Satisfiability and Feasibility in a Relationship-based Workflow Authorization Model. In Proceedings of the 17th European Symposium on Research in Computer Security (ESORICS'2012), volume 7459 of Lecture Notes in Computer Science, pages 109-126, Pisa, Italy, September 10-14, 2012.
Cheng Xu and Philip W. L. Fong. The Specification and Compilation of Obligation Policies for Program Monitoring. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS'2012), 12 pages, Seoul, South Korea, May 1-3, 2012. A longer version appears as Technical Report 2011-996-08, Department of Computer Science, University of Calgary, Calgary, Alberta, Canada, April 2011.
Mohd Anwar and Philip W. L. Fong. A Visualization Tool for Evaluating Access Control Policies in Facebook-style Social Network Systems. In Proceedings of the 27th ACM Symposium on Applied Computing (SAC'12), Security Track, Riva del Garda, Trento, Italy, March 26-30, 2012.
Glenn Bruns, Philip W. L. Fong, Ida Siahaan, and Michael Huth. Relationship-Based Access Control: Its Expression and Enforcement Through Hybrid Logic. In Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy (CODASPY'2012), pages 117-124, San Antonio, TX, USA, February 7-9, 2012. A longer version appears as Technical Report 2011/12, Department of Computing, Imperial College, London, UK.
Philip W. L. Fong and Ida Siahaan. Relationship-Based Access Control Policies and Their Policy Languages. In Proceedings of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT'11), pages 51-60, Innsbruck, Austria, June 15-17, 2011.
Philip W. L. Fong. Preventing Sybil Attacks by Privilege Attenuation: A Design Principle for Social Network Systems. In Proceedings of the 2011 IEEE Symposium on Security and Privacy (S&P'11), pages 263-278, Oakland, California, USA, May 22-25, 2011.
Seyed Hossein Ahmadinejad, Mohd Anwar, and Philip W. L. Fong. Inference Attacks by Third-Party Extensions to Social Network Systems. In Proceedings of the 3rd IEEE International Workshop on Security and Social Networking (SESOC'11) (published as part of Proceedings for the 2011 IEEE International Conference on Pervasive Computing and Communications Workshops - PERCOM Workshops), pages 282--287, Seattle, Washington, USA, March 21, 2011.
Philip W. L. Fong. Relationship-Based Access Control: Protection Model and Policy Language. In Proceedings of the First ACM Conference on Data and Application Security and Privacy (CODASPY'11), pages 191-202, San Antonio, Taxas, USA, February 21-23, 2011.
Mohammad Jafari, Philip W. L. Fong, Reihaneh Safavi-Naini, Ken Barker, and Nicholas Paul Sheppard. Towards Defining Semantic Foundations for Purpose-Based Privacy Policies. In Proceedings of the First ACM Conference on Data and Application Security and Privacy (CODASPY'11), pages 213-224, San Antonio, Taxas, USA, February 21-23, 2011.
Philip W. L. Fong and Simon Orr. Isolating Untrusted Software Extensions by Custom Scoping Rules. Computer Languages, Systems and Structures, 36(3):268-287, October 2010. Elsevier.
Rainer Bohme, Philip W. L. Fong and Reihaneh Safavi-Naini (Eds.). Information Hiding --- 12th International Conference, IH'2010, Calgary, AB, Canada, June 28--30, 2010, Revised Selected Papers. Lecture Notes in Computer Science, volume 6387, Springer 2010.
Mohd Anwar, Philip W. L. Fong, Xue-Dong Yang, and Howard Hamilton. Visualizing Privacy Implications of Access Control Policies in Social Network Systems. In Proceedings of the 4th International Workshop on Data Privacy Management (DPM'09), volume 5939 of Lecture Notes in Computer Science, pages 106-120, Saint Malo, France, September 24-25, 2009.
Philip W. L. Fong, Mohd Anwar and Zhen Zhao. A Privacy Preservation Model for Facebook-Style Social Network Systems. In Proceedings of the 14th European Symposium on Research In Computer Security (ESORICS'09), volume 5789 of Lecture Notes in Computer Science, pages 303-320, Saint Malo, France, September 21-23, 2009. A longer version appears as Technical Report 2009-926-05, Department of Computer Science, University of Calgary, Calgary, Alberta, Canada, April 2009.
Philip W. L. Fong. Reading a Computer Science Research Paper. Inroads -- SIGCSE Bulletin, 41(2):138-140, June 2009.
Fei Yan and Philip W. L. Fong. Efficient IRM Enforcement of History-Based Access Control Policies. In Proceedings of the Fourth ACM Symposium on Information, Computer and Communication Security (ASIACCS'09), pages 35-46, Sydney, Australia, March 10-12, 2009. A longer version of the paper appears as Technical Report CS-2008-03, ISBN 0-7731-0653-7, November 2008.
Boting Yang and Philip W. L. Fong. Two NP-Complete Problems in Software Security. In Proceedings of the International Conference on Relations, Orders and Graphs: Interaction with Computer Science (ROGICS'08), Mahdia, Tunisia, May 12-17, 2008.
Philip W. L. Fong. Discretionary Capability Confinement. International Journal of Information Security, 7(2):137-154, April 2008. Springer. A preliminary draft of this paper appeared as Technical Report CS-2006-03, ISBN 0-7731-0568-9, July 2006.
Philip W. L. Fong. Reasoning about Safety Properties in a JVM-like Environment. Science of Computer Programming, 67(2-3):278-300, July 2007. Elsevier.
Philip W. L. Fong and Simon Orr. A Module System for Isolating Untrusted Software Extensions. In Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC'06), pages 203-212, Miami Beach, Florida, USA, December 11-15, 2006.
Philip W. L. Fong. Discretionary Capability Confinement. In Proceedings of the 11th European Symposium On Research In Computer Security (ESORICS'06), volume 4189 of Lecture Notes in Computer Science, pages 127-144, Hamburg, Germany, September 18-20, 2006. Springer.
Philip W. L. Fong. Link-Time Enforcement of Confined Types for JVM Bytecode. In Proceedings of the Third Annual Conference on Privacy, Security and Trust (PST'05), pages 191-202, St. Andrews, New Brunswick, Canada, October 12-14, 2005.
Philip W. L. Fong. Pluggable verification modules: An extensible protection mechanism for the JVM. In Proceedings of the 19th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'04), pages 404-418, Vancouver, BC, Canada, October 24-28, 2004. [postscript] [pdf]
Philip W. L. Fong. Access control by tracking shallow execution history. In Proceedings of the 2004 IEEE Symposium on Security and Privacy (S&P'04), pages 43-55, Berkeley, California, USA, May 9-12, 2004. [postscript] [pdf]
Philip W. L. Fong. Proof Linking: Modular Verification Architecture for Mobile Code Systems. PhD Dissertation, School of Computing Science, Simon Fraser University, Burnaby, BC, Canada V5A 1S6, January 2004. [postscript] [pdf]
Philip W. L. Fong and Robert D. Cameron. Proof linking: Distributed verification of Java classfiles in the presence of multiple classloaders. In Proceedings of the USENIX Java Virtual Machine Research and Technology Symposium (JVM'01), pages 53-66, Monterey, California, USA, April 23-24, 2001. [postscript] [pdf]
Philip W. L. Fong and Robert D. Cameron. Proof linking: Modular verification of mobile programs in the presence of lazy, dynamic linking. ACM Transactions on Software Engineering and Methodology, 9(4):379-409, October 2000. [postscript] [pdf]
Philip W. L. Fong and Robert D. Cameron. Proof linking: An architecture for modular verification of dynamically-linked mobile code. In Proceedings of the Sixth ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE'98), pages 222-230, Orlando, Florida, USA, November 3-5, 1998. [postscript] [pdf]
Premkumar T. Devanbu, Philip W. L. Fong, and Stuart G. Stubblebine. Techniques for trusted software engineering. In Proceedings of the 20th International Conference on Software Engineering (ICSE'98), pages 126-135, Kyoto, Japan, April 19-25, 1998. [postscript] [pdf]
Philip W. L. Fong. A Quantitative Study of Hypothesis Selection. Master thesis, Department of Computer Science, University of Waterloo, Ontario, Canada, 1995.
Philip W. L. Fong. A Quantitative Study of Hypothesis Selection. In Twelfth International Conference on Machine Learning (ICML-95), pages 226-234, Tachoe City, California, USA, July 9-12, 1995. [postscript]