TY - GEN
T1 - Modeling of Personalized Privacy Disclosure Behavior
T2 - 16th International Conference on Availability, Reliability and Security, ARES 2021
AU - Mehdy, A. K.M.Nuhil
AU - Mehrpouyan, Hoda
N1 - Publisher Copyright:
© 2021 ACM.
PY - 2021/8/17
Y1 - 2021/8/17
N2 - In order to create user-centric and personalized privacy management tools, the underlying models must account for individual users' privacy expectations, preferences, and their ability to control their information sharing activities. Existing studies of users' privacy behavior modeling attempt to frame the problem from a request's perspective, which lack the crucial involvement of the information owner, resulting in limited or no control of policy management. Moreover, very few of them take into the consideration the aspect of correctness, explainability, usability, and acceptance of the methodologies for each user of the system. In this paper, we present a methodology to formally model, validate, and verify personalized privacy disclosure behavior based on the analysis of the user's situational decision-making process. We use a model checking tool named UPPAAL to represent users' self-reported privacy disclosure behavior by an extended form of finite state automata (FSA), and perform reachability analysis for the verification of privacy properties through computation tree logic (CTL) formulas. We also describe the practical use cases of the methodology depicting the potential of formal technique towards the design and development of user-centric behavioral modeling. This paper, through extensive amounts of experimental outcomes, contributes several insights to the area of formal methods and user-tailored privacy behavior modeling.
AB - In order to create user-centric and personalized privacy management tools, the underlying models must account for individual users' privacy expectations, preferences, and their ability to control their information sharing activities. Existing studies of users' privacy behavior modeling attempt to frame the problem from a request's perspective, which lack the crucial involvement of the information owner, resulting in limited or no control of policy management. Moreover, very few of them take into the consideration the aspect of correctness, explainability, usability, and acceptance of the methodologies for each user of the system. In this paper, we present a methodology to formally model, validate, and verify personalized privacy disclosure behavior based on the analysis of the user's situational decision-making process. We use a model checking tool named UPPAAL to represent users' self-reported privacy disclosure behavior by an extended form of finite state automata (FSA), and perform reachability analysis for the verification of privacy properties through computation tree logic (CTL) formulas. We also describe the practical use cases of the methodology depicting the potential of formal technique towards the design and development of user-centric behavioral modeling. This paper, through extensive amounts of experimental outcomes, contributes several insights to the area of formal methods and user-tailored privacy behavior modeling.
KW - behavioral analysis
KW - formal methods
KW - privacy
KW - security
KW - user behavior modeling
UR - http://www.scopus.com/inward/record.url?scp=85113246483&partnerID=8YFLogxK
U2 - 10.1145/3465481.3470102
DO - 10.1145/3465481.3470102
M3 - Conference contribution
AN - SCOPUS:85113246483
T3 - ACM International Conference Proceeding Series
BT - 16th International Conference on Availability, Reliability and Security, ARES 2021
Y2 - 17 August 2021 through 20 August 2021
ER -