Analyzing Privacy Policies Using Contextual Integrity Annotations
In this paper, we demonstrate the effectiveness of using the theory of
contextual integrity (CI) to annotate and evaluate privacy policy statements.
We perform a case study using CI annotations to compare Facebook's privacy
policy before and after the Cambridge Analytica scandal. The updated Facebook
privacy policy provides additional details about what information is being
transferred, from whom, by whom, to whom, and under what conditions. However,
some privacy statements prescribe an incomprehensibly large number of
information flows by including many CI parameters in single statements. Other
statements result in incomplete information flows due to the use of vague terms
or omitting contextual parameters altogether. We then demonstrate that
crowdsourcing can effectively produce CI annotations of privacy policies at
scale. We test the CI annotation task on 48 excerpts of privacy policies from
17 companies with 141 crowdworkers. The resulting high precision annotations
indicate that crowdsourcing could be used to produce a large corpus of
annotated privacy policies for future research.
Comment: 18 pages, 9 figures, 5 tables
-MABE: Distributed Multilevel Attribute-Based EMR Management and Applications
Current systems used by medical institutions for the management and transfer
of Electronic Medical Records (EMR) can be vulnerable to security and privacy
threats. In addition, these centralized systems often lack interoperability and
give patients limited or no access to their own EMRs. In this paper, we propose
a novel distributed data sharing scheme that applies the security benefits of
blockchain to handle these concerns. With blockchain, we incorporate smart
contracts and a distributed storage system to alleviate the dependence on the
record-generating institutions to manage and share patient records. To preserve
privacy of patient records, we implement our smart contracts as a method to
allow patients to verify attributes prior to granting access rights. Our
proposed scheme also facilitates selective sharing of medical records among
staff members that belong to different levels of a hierarchical institution. We
provide extensive security, privacy, and evaluation analyses to show that our
proposed scheme is both efficient and practical.
Emerging Privacy Issues and Solutions in Cyber-Enabled Sharing Services: From Multiple Perspectives
Fast development of sharing services has become a crucial part of the
cyber-enabled world construction process, as sharing services reinvent how
people exchange and obtain goods or services. However, privacy leakage or
disclosure remains a key concern during the sharing service development
process. While significant efforts have been undertaken to address various
privacy issues in recent years, there is a surprising lack of review for
privacy concerns in the cyber-enabled sharing world. To bridge the gap, in this
study, we survey and evaluate existing and emerging privacy issues relating to
sharing services from various perspectives. Differing from existing similar
works on surveying sharing practices in various fields, our work
comprehensively covers six branches of sharing services in the cyber-enabled
world and selects solutions mostly from the recent five to six years. We
conclude the issues and solutions from three perspectives, namely, from users',
platforms' and service providers' perspectives. Hot topics and less discussed
topics are identified, which provides hints to researchers for their future
studies.
Comment: 28 pages, 13 figures
De-anonymizing Social Networks
Operators of online social networks are increasingly sharing potentially
sensitive information about users and their relationships with advertisers,
application developers, and data-mining researchers. Privacy is typically
protected by anonymization, i.e., removing names, addresses, etc.
We present a framework for analyzing privacy and anonymity in social networks
and develop a new re-identification algorithm targeting anonymized
social-network graphs. To demonstrate its effectiveness on real-world networks,
we show that a third of the users who can be verified to have accounts on both
Twitter, a popular microblogging service, and Flickr, an online photo-sharing
site, can be re-identified in the anonymous Twitter graph with only a 12% error
rate.
Our de-anonymization algorithm is based purely on the network topology, does
not require creation of a large number of dummy "sybil" nodes, is robust to
noise and all existing defenses, and works even when the overlap between the
target network and the adversary's auxiliary information is small.
Comment: Published in the 30th IEEE Symposium on Security and Privacy, 2009.
The definitive version is available at:
http://www.cs.utexas.edu/~shmat/shmat_oak09.pdf
Frequently Asked Questions are answered at:
http://www.cs.utexas.edu/~shmat/socialnetworks-faq.htm
Storing complex data sharing policies with the Min Mask Sketch
More data is currently being collected and shared by software applications
than ever before. In many cases, the user is asked if either all or none of
their data can be shared. We hypothesize that in some cases, users would like
to share data in more complex ways. In order to implement the sharing of data
using more complicated privacy preferences, complex data sharing policies must
be used. These complex sharing policies require more space to store than a
simple "all or nothing" approach to data sharing. In this paper, we present a
new probabilistic data structure, called the Min Mask Sketch, to efficiently
store these complex data sharing policies. We describe an implementation for
the Min Mask Sketch in PostgreSQL and analyze the practicality and feasibility
of using a probabilistic data structure for storing complex data sharing
policies.
Comment: 8 pages, 14 figures
Security and Privacy Policy Languages: A Survey, Categorization and Gap Identification
For security and privacy management and enforcement purposes, various policy
languages have been presented. We give an overview on 27 security and privacy
policy languages and present a categorization framework for policy languages.
We show how the current policy languages are represented in the framework and
summarize our interpretation. We show up identified gaps and motivate for the
adoption of policy languages for the specification of privacy-utility trade-off
policies.
Comment: 13 pages, 2 figures
Stochastic Privacy
Online services such as web search and e-commerce applications typically rely
on the collection of data about users, including details of their activities on
the web. Such personal data is used to enhance the quality of service via
personalization of content and to maximize revenues via better targeting of
advertisements and deeper engagement of users on sites. To date, service
providers have largely followed the approach of either requiring or requesting
consent for opting-in to share their data. Users may be willing to share
private information in return for better quality of service or for incentives,
or in return for assurances about the nature and extent of the logging of data.
We introduce \emph{stochastic privacy}, a new approach to privacy centering on
a simple concept: A guarantee is provided to users about the upper-bound on the
probability that their personal data will be used. Such a probability, which we
refer to as \emph{privacy risk}, can be assessed by users as a preference or
communicated as a policy by a service provider. Service providers can work to
personalize and to optimize revenues in accordance with preferences about
privacy risk. We present procedures, proofs, and an overall system for
maximizing the quality of services, while respecting bounds on allowable or
communicated privacy risk. We demonstrate the methodology with a case study and
evaluation of the procedures applied to web search personalization. We show how
we can achieve near-optimal utility of accessing information with provable
guarantees on the probability of sharing data.
A Model for Privacy-enhanced Federated Identity Management
Identity federations operating in a business or consumer context need to
prevent the collection of user data across trust service providers for legal
and business case reasons. Legal reasons are given by data protection
legislation. Other reasons include business owners becoming increasingly aware
of confidentiality risks that go beyond traditional information security, e.g.,
the numbers of authentications to an EDI service might provide insights into
the volume of invoices, from which one could derive insider information. This
paper proposes extended technical controls supporting three privacy
requirements: a) Limited Linkability: Two service providers cannot link data
related to a user without the help of a third party, using neither an
identifier nor other identifying attributes like email addresses or payment
data; b) Limited Observability: An identity provider cannot trace which
services a user is using without the help of a third party; c) Non-Disclosure:
Attributes provided to the service provider by an attribute provider are not
disclosed to the identity provider or an intermediate service broker. Using a
hub-and-spoke federation style following the privacy-by-design principle, this
reference architecture addresses the privacy controls mentioned above.
Comment: 36 pages
PPM: A Privacy Prediction Model for Online Social Networks
Online Social Networks (OSNs) have come to play an increasingly important
role in our social lives, and their inherent privacy problems have become a
major concern for users. Can we assist consumers in their privacy
decision-making practices, for example by predicting their preferences and
giving them personalized advice? To this end, we introduce PPM: a Privacy
Prediction Model, rooted in psychological principles, which can be used to give
users personalized advice regarding their privacy decision-making practices.
Using this model, we study psychological variables that are known to affect
users' disclosure behavior: the trustworthiness of the requester/information
audience, the sharing tendency of the receiver/information holder, the
sensitivity of the requested/shared information, the appropriateness of the
request/sharing activities, as well as several more traditional contextual
factors.
Comment: 17 pages
A Survey on the Security of Pervasive Online Social Networks (POSNs)
Pervasive Online Social Networks (POSNs) are the extensions of Online Social
Networks (OSNs) which facilitate connectivity irrespective of the domain and
properties of users. POSNs have been accumulated with the convergence of a
plethora of social networking platforms with a motivation of bridging their
gap. Over the last decade, OSNs have visually perceived an altogether
tremendous amount of advancement in terms of the number of users as well as
technology enablers. A single OSN is the property of an organization, which
ascertains smooth functioning of its accommodations for providing a quality
experience to their users. However, with POSNs, multiple OSNs have coalesced
through communities, circles, or only properties, which make
service-provisioning tedious and arduous to sustain. Especially, challenges
become rigorous when the focus is on the security perspective of cross-platform
OSNs, which are an integral part of POSNs. Thus, it is of utmost paramountcy to
highlight such a requirement and understand the current situation while
discussing the available state-of-the-art. With the modernization of OSNs and
convergence towards POSNs, it is compulsory to understand the impact and reach
of current solutions for enhancing the security of users as well as associated
services. This survey understands this requisite and fixates on different sets
of studies presented over the last few years and surveys them for their
applicability to POSNs.
Comment: 39 pages, 10 figures