PRIVACY IN EVOLVING SOCIAL NETWORKS Ral Pardo, Musard Balliu, - PowerPoint PPT Presentation

PRIVACY IN EVOLVING SOCIAL NETWORKS Raúl Pardo, Musard Balliu, Gerardo Schneider - @raparuldo NWPT 2015 DataBIN Data-driven Secure Business Intelligence

FACEBOOK PRIVACY SETTINGS Imagine you only want your friends to know your location 2

FACEBOOK PRIVACY SETTINGS 3

FACEBOOK PRIVACY SETTINGS 4

FACEBOOK PRIVACY SETTINGS 5

FACEBOOK PRIVACY SETTINGS ● John's privacy settings ● Raúl's privacy settings 6

FACEBOOK PRIVACY SETTINGS 7

SOCIAL NETWORK GRAPH friendship colleague 8

RELATIONSHIP-BASED ACCESS CONTROL friendship colleague 9

SOCIAL NETWORK MODEL friendship Nobody can know friendRequests colleague 10

FORMAL LANGUAGES ● Knowledge Based Logic - KBL ϕ :: = p ( ⃗ t ) ∣ c m ( i , j ) ∣ a n ( i , j ) ∣ ϕ∧ϕ ∣ ¬ϕ ∣ ∀ x. ϕ ∣ K i ϕ ∣ E G ϕ ∣ S G ϕ ∣ D G ϕ ∣ C G ϕ ● Privacy Policy Language - PPL δ :: = δ∧δ ∣ ⟦ϕ⇒¬α⟧ i ∣ ⟦¬α⟧ i 11

SATISFIABILITY - KBL ● Bob knows Alice's location ⊨ K Bob ● Bob knows that Alice knows Charlie's location friendship ⊨ K Bob K Alice ● Alice and Bob know Bob's friendRequests colleague location ⊨ ¬ E { Alice, Bob } 12

EXAMPLES - KBL ● If I know a post, I know everyone who liked it ∀ x. ∀ u. ∀ i. ∀η( K x post (η ,u )∧ K i like ( i,u, η)⇒ K x like ( i,u, η)) 13

CONFORMANCE - PPL Nobody can know Bob's location ● friendship ⊨ C ⟦¬ S Ag ∖ { Bob } ⟧ Bob where Ag = {Alice, Bob, Charlie} friendRequests colleague 14

EXAMPLES - PPL ● Only people who liked at least one of Bob's posts can join his event Bob joinEvent ⟧ Bob ∀ i . ∀ η . ⟦¬ K Bob like ( i ,Bob, η)⇒¬ P i 15

INSTANTIATIONS 16

17

EVENTS & RULES - FACEBOOK EVT Facebook ={ post , share,like,sendFriendRequest , ... } share(Bob, post(Alice,η), Au) post ( Alice , η)∈ KB Bob ( Alice, Bob )∈ A sharePosts ∀ j ∈ Au KB' j = KB j ∪{ C Au share ( Bob, Alice, η)} share ( bob, post ( Alice , η) , Au ) ⟨ , {{ A i } i ∈Σ , } , KB' , , ⟩ ⟨ , {{ A i } i ∈Σ , } , KB , , ⟩→ 18

DYNAMICS - EPISTEMIC 19

DYNAMICS - TOPOLOGICAL Unfollow 20

DYNAMICS - POLICY Nobody can know Nobody can know Not Privacy Preserving 21

DOES A SN PRESERVE PRIVACY? e ⊨ C ⊨ C Privacy Preserving 22

PRIVACY IN REAL SOCIAL NETWORKS 23

24

REAL-TIME ● Time-stamp all the elements of the framework ● Specify intervals of time in privacy policies [ 18 :00 , 03:00 , Daily ] ⟦¬ K boss ( i ) location ( i )⟧ i 25

SUMMARY ● Formal Privacy Policy Framework (SEFM 2014) – Social Network Model - SN – Knowledge Based Logic – KBL – Privacy Policy Language – PPL – Instantiations ● Evolution of SNs ( submitted to POST 2016) – Formal definition – Privacy preservation – Applied to Facebook and Twitter ● Current and Future work – Relation to Kripke models – Implementation in Diaspora* – Adding Real-time 26