towards a mechanism for incentivating privacy
play

Towards a mechanism for incentivating privacy Piero Bonatti, Marco - PowerPoint PPT Presentation

Dec 23, 2023 •144 likes •804 views

Towards a mechanism for incentivating privacy Piero Bonatti, Marco Faella, Clemente Galdi, Luigi Sauro Universit` a di Napoli Federico II, Italy Leuven, 14/9/2011 ESORICS11 14/9/2011 Introduction The economic value of user

  1. Towards a mechanism for incentivating privacy Piero Bonatti, Marco Faella, Clemente Galdi, Luigi Sauro Universit` a di Napoli “Federico II”, Italy Leuven, 14/9/2011 ESORICS’11 – 14/9/2011

  2. Introduction The economic value of user profiles Rich user profiles = Money An incentive for providers to collect lots of personal (sensitive) information (and sell it!) user name, birth date, gender, detailed address, credit card information ESORICS’11 – 14/9/2011

  3. Introduction The economic value of user profiles Rich user profiles = Money An incentive for providers to collect lots of personal (sensitive) information (and sell it!) user name, birth date, gender, detailed address, credit card information lots of quasi-identifiers ESORICS’11 – 14/9/2011

  4. Introduction The economic value of user profiles Rich user profiles = Money An incentive for providers to collect lots of personal (sensitive) information (and sell it!) user name, birth date, gender, detailed address, credit card information lots of quasi-identifiers even sex preferences, and political and religious views ESORICS’11 – 14/9/2011

  5. Introduction Privacy-related questions Is all of the profile necessary for deploying services effectively and securely ? ESORICS’11 – 14/9/2011

  6. Introduction Privacy-related questions Is all of the profile necessary for deploying services effectively and securely ? Is anything preventing providers from collecting more and more information ? ESORICS’11 – 14/9/2011

  7. Introduction Privacy-related questions Is all of the profile necessary for deploying services effectively and securely ? Is anything preventing providers from collecting more and more information ? Is there any mechanism for minimizing provider requests? ESORICS’11 – 14/9/2011

  8. Introduction Privacy through competition Many people do care about privacy large groups of Facebook users threatened to leave and join other networks several times Facebook had to stop and reshape some of its new services ESORICS’11 – 14/9/2011

  9. Introduction Privacy through competition Many people do care about privacy large groups of Facebook users threatened to leave and join other networks several times Facebook had to stop and reshape some of its new services Several analysts say that privacy may become a factor of competition ESORICS’11 – 14/9/2011

  10. Introduction Privacy through competition Many people do care about privacy large groups of Facebook users threatened to leave and join other networks several times Facebook had to stop and reshape some of its new services Several analysts say that privacy may become a factor of competition Our ultimate goal: developing mechanisms that moderate profile collection through provider competition ESORICS’11 – 14/9/2011

  11. The first step (this paper) Truthful mechanisms i.e. providers ask for the user information they really need because that’s the best strategy ESORICS’11 – 14/9/2011

  12. The first step (this paper) Truthful mechanisms i.e. providers ask for the user information they really need because that’s the best strategy Second-price auctions (a.k.a. Vickrey’s auctions) perhaps the most popular truthful mechanism ESORICS’11 – 14/9/2011

  13. The first step (this paper) Truthful mechanisms i.e. providers ask for the user information they really need because that’s the best strategy Second-price auctions (a.k.a. Vickrey’s auctions) perhaps the most popular truthful mechanism Technical problems our “currency” (profiles) is only partially ordered there is no “second price” ESORICS’11 – 14/9/2011

  14. The first step (this paper) Truthful mechanisms i.e. providers ask for the user information they really need because that’s the best strategy Second-price auctions (a.k.a. Vickrey’s auctions) perhaps the most popular truthful mechanism Technical problems our “currency” (profiles) is only partially ordered there is no “second price” First technical investigation Is there any truthful mechanism compatible with the structure of our scenarios ? ESORICS’11 – 14/9/2011

  15. The Formal Framework – Auction-like mechanism V 0.0 Protocol: User asks for a service 1 ESORICS’11 – 14/9/2011

  16. The Formal Framework – Auction-like mechanism V 0.0 Protocol: User asks for a service 1 Providers respond with their information requests, e.g. 2 { login, password } or { credit-card, ID } ESORICS’11 – 14/9/2011

  17. The Formal Framework – Auction-like mechanism V 0.0 Protocol: User asks for a service 1 Providers respond with their information requests, e.g. 2 { login, password } or { credit-card, ID } User selects provider (user ∼ auctioneer, providers ∼ bidders) 3 ESORICS’11 – 14/9/2011

  18. The Formal Framework – Auction-like mechanism V 0.0 Protocol: User asks for a service 1 Providers respond with their information requests, e.g. 2 { login, password } or { credit-card, ID } User selects provider (user ∼ auctioneer, providers ∼ bidders) 3 Information items (called credentials ) are not equally sensitive { prepaid-card } ≺ { birthdate,zip } (strict partial order) ESORICS’11 – 14/9/2011

  19. The Formal Framework – Auction-like mechanism V 0.0 Protocol: User asks for a service 1 Providers respond with their information requests, e.g. 2 { login, password } or { credit-card, ID } User selects provider (user ∼ auctioneer, providers ∼ bidders) 3 Information items (called credentials ) are not equally sensitive { prepaid-card } ≺ { birthdate,zip } (strict partial order) Simplifying assumptions (to be dropped) providers offer functionally equivalent services information-disclosure costs only (e.g. flight booking like Kayak, Momondo, ...) ESORICS’11 – 14/9/2011

  20. The Formal Framework – Auction-like mechanism V 0.0 Protocol: User asks for a service 1 Providers respond with their information requests, e.g. 2 { login, password } or { credit-card, ID } User selects provider (user ∼ auctioneer, providers ∼ bidders) 3 Information items (called credentials ) are not equally sensitive { prepaid-card } ≺ { birthdate,zip } (strict partial order) Simplifying assumptions (to be dropped) providers offer functionally equivalent services information-disclosure costs only (e.g. flight booking like Kayak, Momondo, ...) ⇓ users choose providers based on information requests only repeated service usage has no additional costs ESORICS’11 – 14/9/2011

  21. The Formal Framework – User privacy constraints V 0.0 User privacy constraints (user policy): maximal disclosable sets { zip,nationality } or { credit-card, birthdate } ESORICS’11 – 14/9/2011

  22. The Formal Framework – User privacy constraints V 0.0 User privacy constraints (user policy): maximal disclosable sets { zip,nationality } or { credit-card, birthdate } zip is OK; credit-card + birthdate is OK ESORICS’11 – 14/9/2011

  23. The Formal Framework – User privacy constraints V 0.0 User privacy constraints (user policy): maximal disclosable sets { zip,nationality } or { credit-card, birthdate } zip is OK; credit-card + birthdate is OK zip + birthdate not releasable ESORICS’11 – 14/9/2011

  24. The Formal Framework – User privacy constraints V 0.0 User privacy constraints (user policy): maximal disclosable sets { zip,nationality } or { credit-card, birthdate } zip is OK; credit-card + birthdate is OK zip + birthdate not releasable Admissible requests Let adm be the set of all requests (sets of items) that satisfy the user’s privacy preferences ESORICS’11 – 14/9/2011

  25. The Formal Framework – Provider policy V 0.0 Provider policy: minimal acceptable sets (for service access) { login,password } or { credit-card, exp-date,username,... } ESORICS’11 – 14/9/2011

  26. The Formal Framework – Provider policy V 0.0 Provider policy: minimal acceptable sets (for service access) { login,password } or { credit-card, exp-date,username,... } login + password + credit-card is OK ESORICS’11 – 14/9/2011

  27. The Formal Framework – Provider policy V 0.0 Provider policy: minimal acceptable sets (for service access) { login,password } or { credit-card, exp-date,username,... } login + password + credit-card is OK login + credit-card not enough ESORICS’11 – 14/9/2011

  28. The Formal Framework – Provider policy V 0.0 Provider policy: minimal acceptable sets (for service access) { login,password } or { credit-card, exp-date,username,... } login + password + credit-card is OK login + credit-card not enough Fulfilling disclosures Let ful ( pol i ) be all sets of items that satisfy provider i ’s policy ESORICS’11 – 14/9/2011

  29. The Formal Framework – Provider requests (strategies) V 0.0 Request � policy they have the same structure, though (a list of info sets) req i denotes the information request of provider i (its strategy ) ESORICS’11 – 14/9/2011

  30. The Formal Framework – Provider requests (strategies) V 0.0 Request � policy they have the same structure, though (a list of info sets) req i denotes the information request of provider i (its strategy ) Providers may ask for larger information sets { credit-card, ID, SSN } or ... ESORICS’11 – 14/9/2011

Recommend

Discussion of Privacy as a Tool for Robust Mechanism Design

Discussion of Privacy as a Tool for Robust Mechanism Design

Discussion of Privacy as a Tool for Robust Mechanism Design in Large Markets Leeat Yariv General Theme Interpret differenAal privacy as a

275 views • 25 slides
Algorithms for Differential Privacy: Exponential & Median Mechanism CompSci 590.03

Algorithms for Differential Privacy: Exponential & Median Mechanism CompSci 590.03

Algorithms for Differential Privacy: Exponential & Median Mechanism CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 7 : 590.03 Fall 12 1 Recap: Differential Privacy For every pair of inputs For every output that differ in one

445 views • 29 slides
Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy Generalized definition of differential privacy allowing for a (supposedly small) additive factor Used in a variety of applications A query mechanism M is (

1.27k views • 43 slides
UA-Driven Privacy Mechanism for SIP draft-ietf-sip-ua-privacy-02 Mayumi Munakata Shida Schubert

UA-Driven Privacy Mechanism for SIP draft-ietf-sip-ua-privacy-02 Mayumi Munakata Shida Schubert

IETF72 SIP - Jul. 31, 2008 UA-Driven Privacy Mechanism for SIP draft-ietf-sip-ua-privacy-02 Mayumi Munakata Shida Schubert Takumi Ohba UA-Driven Privacy (draft-ietf-sip-ua-privacy-02) Mayumi M. Changes from 01

432 views • 5 slides
Entropy-minimizing Mechanism for Differential Privacy of Discrete-time Linear Feedback Systems

Entropy-minimizing Mechanism for Differential Privacy of Discrete-time Linear Feedback Systems

Entropy-minimizing Mechanism for Differential Privacy of Discrete-time Linear Feedback Systems Yu Wang, Zhenqi Huang, Sayan Mitra and Geir E. Dullerud September 25, 2014 General Question Trade-off between privacy and accuracy: a

587 views • 19 slides
Data Privacy, Mechanism Design and Learning Steven Wu University of Pennsylvania ITCS

Data Privacy, Mechanism Design and Learning Steven Wu University of Pennsylvania ITCS

Data Privacy, Mechanism Design and Learning Steven Wu University of Pennsylvania ITCS 2016 Graduating Bits Differential Privacy [DMNS06] Basic query release problem: release aggregate statistics on sensitive data (e.g. medical

213 views • 4 slides
DNT: 1 Mozillas Do Not Track Mechanism Alex Fowler, Global Privacy & Public Policy Leader,

DNT: 1 Mozillas Do Not Track Mechanism Alex Fowler, Global Privacy & Public Policy Leader,

DNT: 1 Mozillas Do Not Track Mechanism Alex Fowler, Global Privacy & Public Policy Leader, Mozilla W3C Web & User Privacy Tracking Workshop April 28, 2011 Shape Market via Code & User Adoption Problem Goals People unaware

335 views • 9 slides
Privacy as a tool for Robust Mechanism Design in Large Markets Aaron

Privacy as a tool for Robust Mechanism Design in Large Markets Aaron

Privacy as a tool for Robust Mechanism Design in Large Markets Aaron Roth Based on joint works with: Rachel Cummings, Jus;n Hsu, Zhiyi Huang, Sampath

644 views • 30 slides
Higher-Order Relational Refinement Types for Mechanism Design and Differential Privacy Gilles

Higher-Order Relational Refinement Types for Mechanism Design and Differential Privacy Gilles

Higher-Order Relational Refinement Types for Mechanism Design and Differential Privacy Gilles Barthe 1 , Marco Gaboardi 2 , Emilio Jess Gallego Arias 3 , 4 , Justin Hsu 4 , Aaron Roth 4 , Pierre-Yves Strub 1 1 IMDEA Software, 2 University of

1.16k views • 77 slides
Mechanism Design in Large Games: Incentives and Privacy. Aaron Roth Joint work with Michael

Mechanism Design in Large Games: Incentives and Privacy. Aaron Roth Joint work with Michael

Mechanism Design in Large Games: Incentives and Privacy. Aaron Roth Joint work with Michael Kearns, Mallesh Pai, Jon Ullman Consider the following scenario. GPS assisted navigation. You type in your destination, Google tells you a

776 views • 52 slides
A Privacy-Restoring Mechanism for Offline RFID Systems Gildas Avoine Iwen Coisel Tania Martin

A Privacy-Restoring Mechanism for Offline RFID Systems Gildas Avoine Iwen Coisel Tania Martin

A Privacy-Restoring Mechanism for Offline RFID Systems Gildas Avoine Iwen Coisel Tania Martin Universit e catholique de Louvain Belgium April 16, 2012 [WiSec12, Tucson, AZ, USA] Goal of our Paper Authentication protocol that

1.08k views • 43 slides
Differen'al*Privacy:*Basics* CompSci(590.03( Instructor:(Ashwin(Machanavajjhala(

Differen'al*Privacy:*Basics* CompSci(590.03( Instructor:(Ashwin(Machanavajjhala(

Differen'al*Privacy:*Basics* CompSci(590.03( Instructor:(Ashwin(Machanavajjhala( Lecture*2*:*590.03*Fall*16* 1* Outline*of*lecture* Differen'al*Privacy* Basic*Algorithms* Laplace*Mechanism* Composi'on*Theorems* Exercise* *

912 views • 34 slides
$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
Decentralized Tech - The Next 5 Years Conrad Barski, M.D. CEO, Forward Blockchain Privacy

Decentralized Tech - The Next 5 Years Conrad Barski, M.D. CEO, Forward Blockchain Privacy

Decentralized Tech - The Next 5 Years Conrad Barski, M.D. CEO, Forward Blockchain Privacy "The digital signing mechanism in Bitcoin & Ethereum is the most secure one ever created" "The digital signing mechanism in Bitcoin

828 views • 35 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

Presentation Slides $ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

429 views • 13 slides
CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies US Privacy Laws Sources: Baase: A Gift of Fire and Quinn: Ethics for the Information Age Ethics Spring 2010 Privacy 1 Privacy The original

725 views • 45 slides
Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is

1.01k views • 76 slides
Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in many ways over the years. Usually privacy is concerned with the individual human being. We may talk about privacy as the control over your own

230 views • 21 slides
Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario https://www.ipc.on.ca/images/resources/7foundationalprinciples.pdf Privacy by Design Let's have it! Article 25 European

1.32k views • 118 slides
Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy. College Bescherming Persoonsgegevens (CBP) What is privacy? Users must be able to determine for themselves when, how, to what extent and

798 views • 45 slides
Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics

Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics

ECE598NB Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics Course Structure Privacy Define privacy Privacy History Privacy has always existed Cities / large populations have made

173 views • 14 slides
Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential

Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential

Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential Privacy Gilles Barthe, Marco Gaboardi, Emilio Jess Gallego Arias, Justin Hsu, Aaron Roth, Pierre-Yves Strub UPenn-Mines ParisTech, IMDEA Software

905 views • 89 slides

More recommend