TY - GEN
T1 - Formal specification and verification of user-centric privacy policies for ubiquitous systems
AU - Joshaghani, Rezvan
AU - Sherman, Elena
AU - Black, Stacy
AU - Mehrpouyan, Hoda
N1 - Publisher Copyright:
© 2019 Association for Computing Machinery.
PY - 2019/6/10
Y1 - 2019/6/10
AB - As our society has become more information oriented, each individual is expressed, defined, and impacted by information and information technology. While valuable, the current state of the art is mostly designed to protect enterprise or organizational privacy requirements and leaves the main actor, i.e., the user, uninvolved or with only limited ability to control his or her information sharing practices. To overcome these limitations, algorithms and tools that provide a user-centric privacy management system to individuals with different privacy concerns must take into consideration the dynamic nature of privacy policies, which change constantly with the information sharing context and environmental variables. This paper extends the concept of contextual integrity to provide mathematical models and algorithms that enable the creation and management of privacy norms for individual users. The extension augments privacy norms with environmental variables, e.g., time and date, while introducing an abstraction and a partial relation over information attributes. Further, a formal verification technique is proposed to ensure that privacy norms are enforced for each information sharing action.
KW - Formal Methods
KW - Privacy
KW - User-Centric Policies
UR - http://www.scopus.com/inward/record.url?scp=85070984338&partnerID=8YFLogxK
U2 - 10.1145/3331076.3331105
DO - 10.1145/3331076.3331105
M3 - Conference contribution
T3 - ACM International Conference Proceeding Series
BT - Proceedings of the 23rd International Database Applications and Engineering Symposium, IDEAS 2019
A2 - Desai, Bipin C.
T2 - 23rd International Database Applications and Engineering Symposium, IDEAS 2019
Y2 - 10 June 2019 through 12 June 2019
ER -
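The abstract describes contextual-integrity norms over sender, recipient, attribute and context, extended with environmental variables and an abstraction (partial) order over information attributes, with every sharing action checked against the norms. The Python below is an added illustration of that idea written for this record; it is not the paper's formal model or verification algorithm. The attribute chain, the encoding of environmental variables as a weekday set plus a daily time window, the deny-over-allow precedence, and the sample norms and action trace are all assumptions constructed here.

```python
"""Illustrative contextual-integrity norm checker.

Added example, not the model or algorithm of Joshaghani et al.: the norm
fields, the attribute abstraction chain, the precedence rule (deny beats
allow) and the sample norms and actions are assumptions made here.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional

# Assumed abstraction order over information attributes: GENERALIZES_TO[x] is
# the next more abstract attribute above x (None at the top). Sharing x
# reveals at least as much as sharing any ancestor of x.
GENERALIZES_TO: dict[str, Optional[str]] = {
    "gps_coordinates": "city",
    "city": "country",
    "country": None,
    "heart_rate": "activity_level",
    "activity_level": None,
}


def is_generalization_of(general: str, specific: str) -> bool:
    """True iff `general` equals `specific` or lies above it in the chain,
    i.e. `general` reveals no more than `specific`. An unknown attribute has
    no ancestors, so the check fails closed."""
    cur: Optional[str] = specific
    while cur is not None:
        if cur == general:
            return True
        cur = GENERALIZES_TO.get(cur)
    return False


@dataclass(frozen=True)
class Norm:
    """Who may send which attribute to whom, in which context, and when.
    Environmental variables are a weekday set and a daily time window."""
    sender: str
    recipient: str
    attribute: str        # most specific attribute the norm speaks about
    context: str
    allow: bool = True
    days: frozenset[int] = frozenset(range(7))  # Monday = 0
    start: time = time(0, 0)
    end: time = time(23, 59, 59)

    def scopes(self, action: Action) -> bool:
        """Same sender, recipient, context, and environment satisfied."""
        return (self.sender == action.sender
                and self.recipient == action.recipient
                and self.context == action.context
                and action.when.weekday() in self.days
                and self.start <= action.when.time() <= self.end)


@dataclass(frozen=True)
class Action:
    """One information-sharing action to be checked against the norms."""
    sender: str
    recipient: str
    attribute: str
    context: str
    when: datetime


def permitted(action: Action, norms: list[Norm]) -> tuple[bool, str]:
    """A deny norm applies when the shared attribute is as specific as, or
    more specific than, the forbidden one; an allow norm applies when the
    shared attribute is no more specific than the permitted one. Deny takes
    precedence, and a flow matched by no norm is denied."""
    for n in norms:
        if not n.allow and n.scopes(action) and is_generalization_of(n.attribute, action.attribute):
            return False, f"forbidden by deny norm on {n.attribute}"
    for n in norms:
        if n.allow and n.scopes(action) and is_generalization_of(action.attribute, n.attribute):
            return True, f"permitted by allow norm on {n.attribute}"
    return False, "no norm permits this flow"


def verify_trace(actions: list[Action], norms: list[Norm]) -> list[tuple[Action, str]]:
    """Check every action in a trace; return the violating actions with reasons."""
    return [(a, why) for a in actions for ok, why in [permitted(a, norms)] if not ok]


# Constructed sample norms for a user "alice" (not from the paper).
WORKDAYS = frozenset(range(5))
USER_NORMS = [
    Norm("alice", "employer", "city", "work", days=WORKDAYS, start=time(9), end=time(17)),
    Norm("alice", "fitness_app", "gps_coordinates", "health"),
    Norm("alice", "fitness_app", "gps_coordinates", "health", allow=False,
         start=time(22), end=time(23, 59, 59)),  # no precise location at night
]

# Constructed sample trace (2019-06-10 is a Monday, 2019-06-15 a Saturday).
MON_10, MON_23, MON_08 = (datetime(2019, 6, 10, h, 0) for h in (10, 23, 8))
SAT_10 = datetime(2019, 6, 15, 10, 0)
SAMPLE_ACTIONS = [
    Action("alice", "employer", "city", "work", MON_10),                  # allowed
    Action("alice", "employer", "gps_coordinates", "work", MON_10),       # too specific
    Action("alice", "employer", "country", "work", MON_10),               # more abstract: allowed
    Action("alice", "employer", "city", "work", SAT_10),                  # outside weekday set
    Action("alice", "advertiser", "city", "work", MON_10),                # no norm
    Action("alice", "fitness_app", "gps_coordinates", "health", MON_23),  # deny norm
    Action("alice", "fitness_app", "city", "health", MON_23),             # coarse at night: allowed
    Action("alice", "fitness_app", "gps_coordinates", "health", MON_08),  # allowed
]

if __name__ == "__main__":
    for a, why in verify_trace(SAMPLE_ACTIONS, USER_NORMS):
        print(f"VIOLATION {a.attribute} -> {a.recipient} at {a.when}: {why}")
```

Two checks carry the idea: a flow is refused when the attribute is more specific than the norm permits (gps_coordinates under a norm written for city) or when the environment falls outside the norm's window, while a more abstract attribute than the permitted one passes. Attributes missing from the abstraction order have no ancestors, so the checker refuses them rather than silently allowing an unmodelled flow.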