Policy Aware Social Miner

Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2013.Cataloged from PDF version of thesis.Includes bibliographical references (p. 67-69).The Policy Aware Social Miner (PASM) project focuses on creating awareness of how seemingly harmless social data might reveal sensitive information about a person, which could be potentially abused. It seeks to define good practices around social data mining. PASM allows people to create policies governing the use of their personal information on social networks. Using linked data, PASM semantically enhances the usage restrictions to ensure that potentially sensitive information is identified and appropriate policies are enforced. PASM also enables people to provide refutations for other information about them that is found on the Web. PASM encourages consumers of social information on the Web to use the mined data appropriately by enforcing data policies before returning the search results. PASM provides a solution to the following issue of privacy in social data mining - although people know that searches for data about them are possible, they have no way to either control the data that is put on the Web by others or indicate how they would like to restrict use of their own data. In a user study conducted to measure the performance of PASM in identifying sensitive posts as compared to the study participants, PASM obtained an F-Measure of 84% and an accuracy of 80%. Interestingly, PASM demonstrated a higher recall than precision, a property that was valued by the study participants as all but one participant indicated that they would prefer receiving false positives rather than false negatives.by Sharon Myrtle Paradesi.S.M

GlobalIdentifier: Unexpected Personal Social Content with Data on the Web

The past year has seen a growing public awareness of the privacy risks of social networking through personal information that people voluntarily disclose. A spotlight has accordingly been turned on the disclosure policies of social networking sites and on mechanisms for restricting access to personal information on Facebook and other sites. But this is not sufficient to address privacy concerns in a world where Web-based data mining tools can let anyone infer information about others by combining data from multiple sources. To illustrate this, we are building a demonstration data miner, GlobalInferencer, that makes inferences about an individual?s lifestyle and other behavior. GlobalInferencer uses linked data technology to perform unified searches across Facebook, Flickr, and public data sites. It demonstrates that controlling access to personal information on individual social networking sites is not an adequate framework for protecting privacy, or even for supporting valid inferencing. In addition to access restrictions, there must be mechanisms for maintaining the provenance of information combined from multiple sources, for revealing the context within which information is presented, and for respecting the accountability that determines how information should be used

User-controlled privacy for personal mobile data

Thesis: Elec. E. in Computer Science, Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014.Cataloged from PDF version of thesis.Includes bibliographical references (pages 81-82).Smartphones collect a wide range of sensor data, ranging from the basic, such as location, accelerometer, and Bluetooth, to the more advanced, such as heart rate. Mobile apps on the Android and iOS platforms provide users with "all-or-nothing" controls during installation to get permission for data collection and use. Users have to either agree to have the app collect and use all the requested data or not use the app at all. This is slowly changing with the iOS framework, which now allows users to turn off location sharing with specific apps even after installation. MIT Living Lab platform is a mobile app development platform that uses openPDS to provide MIT users with personal data stores but currently lacks user controls for privacy. This thesis presents PrivacyMate, a suite of tools for MIT Living Labs that provide user-controllable privacy mechanisms for mobile apps. PrivacyMate aims to enable users to maintain better control over their mobile personal data. It extends the model of iOS and allows users to select or deselect various types of data (more than just location information) for collection and use by apps. Users can also provide temporal and spatial specifications to indicate a context in which they are comfortable sharing their data with certain apps. We incorporate the privacy mechanisms offered by PrivacyMate into two mobile apps built on the MIT Living Lab platform: ScheduleME and MIT-FIT. ScheduleME enables users to schedule meetings without disclosing either their locations or points of interest. MIT-FIT enables users to track personal and aggregate high-activity regions and times, as well as view personalized fitness-related event recommendations. The MIT Living Lab team is planning to eventually deploy PrivacyMate and MIT-FIT to the entire MIT community.by Sharon Myrtle Paradesi.Elec. E. in Computer Scienc

Integrating behavioral trust in web service compositions

Algorithms for composing Web services (WS) traditionally utilize the functional and quality-of-service parameters of candidate services to decide which services to include in the composition. Users often have differing experiences with a WS. While trust in a WS is multi-faceted and consists of security and behavioral aspects, our focus in this paper is on the latter. We adopt a formal model for trust in a WS, which meets many of our intuitions about trustworthy WSs. We hypothesize predictors of a positive experience with a WS and conduct a small pilot study to explore correlations between subjects ’ experiences with WSs in a composition and the predictor values for those WSs. Furthermore, we show how we may derive trust for compositions from trust models of individual services. We conclude by presenting and evaluating a novel framework, called Wisp, that utilizes the trust models and, in combination with any WS composition tool, chooses compositions to deploy that are deemed most trustworthy.

A Semantic Framework for Content-based Access Controls

Abstract-Social networking sites provide role-or group-based access controls to help users specify their privacy settings. However, information posted on these sites is often intentionally or unintentionally leaked and has caused harm or distress to users. In this paper, we investigate possible improvements to existing implementations by introducing content-based access control policies using Linked Data. Users are able to specify the type of content in the form of tags or keywords in order to indicate which information they wish to protect from certain roles (for example employment), groups or individuals. Providing all possible keywords matching a specific topic may be too time consuming and prone to error for users. Hence using Linked Data we enrich the provided keywords by identifying other meaningful and related concepts. This paper presents the implementation and challenges of developing such a semantic framework. We have qualitatively evaluated this framework using 23 participants. Feedback from participants suggests that such a framework will help ease privacy concerns while posting and sharing social network content