Participants Ashwin Machanavajjhala leader Suman Nath scribe Kristen Lefevre Evimaria Terzi Alan Mislove Ranga Raju Vatsavai Jennifer Neville Hakan Hacigumus Mohamed Mokbel ID: 344134
Download Presentation The PPT/PDF document "Privacy workgroup" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Privacy workgroupSlide2
Participants
Ashwin
Machanavajjhala
(leader)
Suman
Nath (scribe)
Kristen
Lefevre
Evimaria
Terzi
Alan
Mislove
Ranga
Raju
Vatsavai
Jennifer Neville
Hakan
Hacigumus
Mohamed Mokbel Slide3
Various Facets
Data security
Data privacy: Secret but useful
Data compliance
User facing: how to specify privacy, do they understand? Avoid surprise
Trust:Slide4
Privacy
Desummarization
of data, reverse of clustering/aggregation
Examples:
Social
:
facebook
releases statistics,
fb
makes friends suggestions, personalized recommendation/ads based on friends' likes
Mobile: publish mobility traces, or aggregates
Issues:
Information propagation through links: S, through correlation of contexts: M
Information granularity small : S
# entities accessing data is large : CSM
Sparser data, higher dimensions: unique for individuals : SM
Multiple owners of data : CS
Different access control policies for different people, different context: SM
Unstructured data: text/speech/pictures: makes access control harder: SM
Location privacy: MSlide5
Data compliance
Many
formal verification
problems: not our area
We can help implementing
efficiently in
system, auditing
, ensuring policies are implemented right
Issues: C
Complexity of auditing diverse systems
Flow of information through multiple parties: compliance (
Zynga
using data through
fb
)
Forget : what if index/models have been built from data
Corporations can by each other
Apps contain third party libraries accessing private data
Do we need mandatory access controlSlide6
User Facing
How to get informed
consent?
Issues:
Users are content manager: SM
Number of decisions is large: share to whom, what context, at what granularity (goal: reduce number of decisions, make the process more intuitive): SM
Unreadable TOS: C (PL?)
Misinterpreting apps as the platform: C (HCI?)
Users don’t understand ease of access of data: CS (HCI?)
Accountability/understandability in model (recommendations/
etc
): SM (Mining?)
What can you learn about me? As a friend, as a random person? (by crowdsourcing?) S (ML
?)