PRIVACY IN EVOLVING SOCIAL NETWORKS Raúl Pardo, Musard Balliu, Gerardo Schneider - @raparuldo NWPT 2015 DataBIN Data-driven Secure Business Intelligence
FACEBOOK PRIVACY SETTINGS Imagine you only want your friends to know your location 2
FACEBOOK PRIVACY SETTINGS 3
FACEBOOK PRIVACY SETTINGS 4
FACEBOOK PRIVACY SETTINGS 5
FACEBOOK PRIVACY SETTINGS ● John's privacy settings ● Raúl's privacy settings 6
FACEBOOK PRIVACY SETTINGS 7
SOCIAL NETWORK GRAPH friendship colleague 8
RELATIONSHIP-BASED ACCESS CONTROL friendship colleague 9
SOCIAL NETWORK MODEL friendship Nobody can know friendRequests colleague 10
FORMAL LANGUAGES ● Knowledge Based Logic - KBL ϕ :: = p ( ⃗ t ) ∣ c m ( i , j ) ∣ a n ( i , j ) ∣ ϕ∧ϕ ∣ ¬ϕ ∣ ∀ x. ϕ ∣ K i ϕ ∣ E G ϕ ∣ S G ϕ ∣ D G ϕ ∣ C G ϕ ● Privacy Policy Language - PPL δ :: = δ∧δ ∣ ⟦ϕ⇒¬α⟧ i ∣ ⟦¬α⟧ i 11
SATISFIABILITY - KBL ● Bob knows Alice's location ⊨ K Bob ● Bob knows that Alice knows Charlie's location friendship ⊨ K Bob K Alice ● Alice and Bob know Bob's friendRequests colleague location ⊨ ¬ E { Alice, Bob } 12
EXAMPLES - KBL ● If I know a post, I know everyone who liked it ∀ x. ∀ u. ∀ i. ∀η( K x post (η ,u )∧ K i like ( i,u, η)⇒ K x like ( i,u, η)) 13
CONFORMANCE - PPL Nobody can know Bob's location ● friendship ⊨ C ⟦¬ S Ag ∖ { Bob } ⟧ Bob where Ag = {Alice, Bob, Charlie} friendRequests colleague 14
EXAMPLES - PPL ● Only people who liked at least one of Bob's posts can join his event Bob joinEvent ⟧ Bob ∀ i . ∀ η . ⟦¬ K Bob like ( i ,Bob, η)⇒¬ P i 15
INSTANTIATIONS 16
17
EVENTS & RULES - FACEBOOK EVT Facebook ={ post , share,like,sendFriendRequest , ... } share(Bob, post(Alice,η), Au) post ( Alice , η)∈ KB Bob ( Alice, Bob )∈ A sharePosts ∀ j ∈ Au KB' j = KB j ∪{ C Au share ( Bob, Alice, η)} share ( bob, post ( Alice , η) , Au ) ⟨ , {{ A i } i ∈Σ , } , KB' , , ⟩ ⟨ , {{ A i } i ∈Σ , } , KB , , ⟩→ 18
DYNAMICS - EPISTEMIC 19
DYNAMICS - TOPOLOGICAL Unfollow 20
DYNAMICS - POLICY Nobody can know Nobody can know Not Privacy Preserving 21
DOES A SN PRESERVE PRIVACY? e ⊨ C ⊨ C Privacy Preserving 22
PRIVACY IN REAL SOCIAL NETWORKS 23
24
REAL-TIME ● Time-stamp all the elements of the framework ● Specify intervals of time in privacy policies [ 18 :00 , 03:00 , Daily ] ⟦¬ K boss ( i ) location ( i )⟧ i 25
SUMMARY ● Formal Privacy Policy Framework (SEFM 2014) – Social Network Model - SN – Knowledge Based Logic – KBL – Privacy Policy Language – PPL – Instantiations ● Evolution of SNs ( submitted to POST 2016) – Formal definition – Privacy preservation – Applied to Facebook and Twitter ● Current and Future work – Relation to Kripke models – Implementation in Diaspora* – Adding Real-time 26
Recommend
More recommend