Privacy and Contextual Integrity: Framework and Applications

Privacy and Contextual Integrity: Framework and Applications. Adam Barth, Anupam Datta, John C. Mitchell (Stanford), Helen Nissenbaum (NYU). Broad goal: protect privacy of individuals; restrict transmission of sensitive data; state restrictions in a formal policy language.


Presentation Transcript


  1. Privacy and Contextual Integrity: Framework and Applications
     Adam Barth, Anupam Datta, John C. Mitchell (Stanford), Helen Nissenbaum (NYU)

  2. Broad Goal
     • Protect privacy of individuals
     • Restrict transmission of sensitive data
     • State restrictions in a formal policy language
     • Precisely express privacy legislation
       – HIPAA (Medical privacy rule)
       – GLBA (Financial privacy legislation)
       – COPPA (Privacy protection for children online)

  3. Framework Overview
     • Privacy model: communicating agents
       – Agents take on roles
       – Information abstracted by type
       – Agent reasoning through computation rules
       – “Alice gives Bob a type of info about Charlie”
     • Language based on Linear Temporal Logic
       – Temporal conditions essential for privacy
       – Captures opt-in, opt-out, confidentiality, etc.
       – Standard LTL tools applicable

  4. Policy Relations and Operations
     • Policy compliance crystallizes
     • Strong compliance
       – Agents can meet future requirements
       – Requires computing LTL satisfiability (PSPACE)
     • Weak compliance
       – Agents need only meet present requirements
       – Computable efficiently using LTL tableau
     • Policy refinement reduces to implication
     • Combination: conjunction and disjunction

  5. Applications: Privacy in legislation
     • HIPAA
       – Hospitals can give protected health information about patients to health care providers
     • GLBA
       – Financial institutions must notify consumers if they share their non-public personal information with non-affiliated companies, but the notification may occur either before or after the information sharing occurs

  6. Related Work
     • Role-based access control
       – No subjects, attributes, or temporal conditions
     • XACML
       – Attributes handled incorrectly (inheritance)
       – Combination occurs functionally, not logically
     • EPAL
       – Obligations treated as uninterpreted symbols
       – Can only enforce weak compliance
     • P3P
       – Contains only simple opt-in / opt-out conditions
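
The two norms on slide 5, checked over a finite message trace in the "Alice gives Bob a type of info about Charlie" model of slide 3. This is an added example, not code from the presentation or its authors; it is a simplified finite-trace check rather than the LTL semantics of the framework, and the agent names, attribute labels (`phi`, `npi`, `sharing_notice`) and function names are assumptions made for illustration.

```python
from collections import namedtuple

# One communication action: sender gives recipient info of type `attr` about `subject`.
Msg = namedtuple("Msg", "sender recipient subject attr")

# Constructed role assignment (hypothetical agents, not from the slides).
ROLES = {
    "st_marys": "hospital", "dr_bob": "provider", "charlie": "patient",
    "acme_bank": "institution", "ad_broker": "non_affiliate", "dana": "consumer",
}

def flow(m):
    """Abstract a message to (sender role, recipient role, subject role, info type)."""
    return (ROLES.get(m.sender), ROLES.get(m.recipient), ROLES.get(m.subject), m.attr)

# Flows permitted unconditionally: the HIPAA norm, and a notice sent to the consumer.
ALLOWED = {
    ("hospital", "provider", "patient", "phi"),
    ("institution", "consumer", "consumer", "sharing_notice"),
}
# Flow permitted only together with a notice somewhere in the trace (GLBA norm).
GLBA_SHARE = ("institution", "non_affiliate", "consumer", "npi")

def notified(trace, share):
    """True if the sharing institution notifies the consumer before OR after the share."""
    return any(n.sender == share.sender and n.recipient == share.subject
               and n.subject == share.subject and n.attr == "sharing_notice"
               for n in trace)

def check_trace(trace):
    """Return (disallowed, pending).

    disallowed: messages that no norm permits (a present violation).
    pending:    GLBA shares with no notice yet; a later notice can still discharge them.
    """
    disallowed, pending = [], []
    for m in trace:
        if flow(m) == GLBA_SHARE:
            if not notified(trace, m):
                pending.append(m)
        elif flow(m) not in ALLOWED:
            disallowed.append(m)
    return disallowed, pending

# Constructed sample traces.
SHARE = Msg("acme_bank", "ad_broker", "dana", "npi")
NOTICE = Msg("acme_bank", "dana", "dana", "sharing_notice")
TRACE_OK = [Msg("st_marys", "dr_bob", "charlie", "phi"), SHARE, NOTICE]
TRACE_PENDING = [SHARE]
TRACE_BAD = [Msg("st_marys", "ad_broker", "charlie", "phi")]
```

A trace with an empty `disallowed` list but a non-empty `pending` list is the case where the temporal condition matters: nothing sent so far is forbidden, yet the policy is only satisfied if the notice is eventually sent.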
