116,347 research outputs found
"If You Can't Beat them, Join them": A Usability Approach to Interdependent Privacy in Cloud Apps
Cloud storage services, like Dropbox and Google Drive, have growing
ecosystems of 3rd party apps that are designed to work with users' cloud files.
Such apps often request full access to users' files, including files shared
with collaborators. Hence, whenever a user grants access to a new vendor, she
is inflicting a privacy loss on herself and on her collaborators too. Based on
analyzing a real dataset of 183 Google Drive users and 131 third party apps, we
discover that collaborators inflict a privacy loss which is at least 39% higher
than what users themselves cause. We take a step toward minimizing this loss by
introducing the concept of History-based decisions. Simply put, users are
informed at decision time about the vendors which have been previously granted
access to their data. Thus, they can reduce their privacy loss by not
installing apps from new vendors whenever possible. Next, we realize this
concept by introducing a new privacy indicator, which can be integrated within
the cloud apps' authorization interface. Via a web experiment with 141
participants recruited from CrowdFlower, we show that our privacy indicator can
significantly increase the user's likelihood of choosing the app that minimizes
her privacy loss. Finally, we explore the network effect of History-based
decisions via a simulation on top of large collaboration networks. We
demonstrate that adopting such a decision-making process is capable of reducing
the growth of users' privacy loss by 70% in a Google Drive-based network and by
40% in an author collaboration network. This is despite the fact that we
neither assume that users cooperate nor that they exhibit altruistic behavior.
To our knowledge, our work is the first to provide quantifiable evidence of the
privacy risk that collaborators pose in cloud apps. We are also the first to
mitigate this problem via a usable privacy approach.Comment: Authors' extended version of the paper published at CODASPY 201
Expectation-Aware Planning: A Unifying Framework for Synthesizing and Executing Self-Explaining Plans for Human-Aware Planning
In this work, we present a new planning formalism called Expectation-Aware
planning for decision making with humans in the loop where the human's
expectations about an agent may differ from the agent's own model. We show how
this formulation allows agents to not only leverage existing strategies for
handling model differences but can also exhibit novel behaviors that are
generated through the combination of these different strategies. Our
formulation also reveals a deep connection to existing approaches in epistemic
planning. Specifically, we show how we can leverage classical planning
compilations for epistemic planning to solve Expectation-Aware planning
problems. To the best of our knowledge, the proposed formulation is the first
complete solution to decision-making in the presence of diverging user
expectations that is amenable to a classical planning compilation while
successfully combining previous works on explanation and explicability. We
empirically show how our approach provides a computational advantage over
existing approximate approaches that unnecessarily try to search in the space
of models while also failing to facilitate the full gamut of behaviors enabled
by our framework
Implanting Life-Cycle Privacy Policies in a Context Database
Ambient intelligence (AmI) environments continuously monitor surrounding individuals' context (e.g., location, activity, etc.) to make existing applications smarter, i.e., make decision without requiring user interaction. Such AmI smartness ability is tightly coupled to quantity and quality of the available (past and present) context. However, context is often linked to an individual (e.g., location of a given person) and as such falls under privacy directives. The goal of this paper is to enable the difficult wedding of privacy (automatically fulfilling users' privacy whishes) and smartness in the AmI. interestingly, privacy requirements in the AmI are different from traditional environments, where systems usually manage durable data (e.g., medical or banking information), collected and updated trustfully either by the donor herself, her doctor, or an employee of her bank. Therefore, proper information disclosure to third parties constitutes a major privacy concern in the traditional studies
- …