AINTNO: Demonstration of Information Accountability on the Web


AINTNO: Demonstration of Information Accountability on the Web. Joe Pato, HP Labs & MIT CSAIL; Sharon Paradesi, Ian Jacobi, Fuming Shih and Sam Wang, MIT CSAIL

The Siren Song: Social networking is about sharing; Source of social capital; Creates bonds of belonging. 10/7/2011 PASSAT 2011

People Want to Share / Information Wants to be Free: Sharing within an intended community, for a given purpose, but leads to loss of control.

The Rocky Shore

Conventional Privacy Protection Techniques: Limit disclosure; Apply access controls; Anonymize or deidentify content. Privacy is complex.

Information Accountability: Accountability focuses on misuse and harm redress.

Abstract Accountable Systems: Clearly expressed policy and intent; Transparency and automatic detection of misuse; Redress.

Abstract Accountable Systems: Clearly expressed policy and intent; Transparency and automatic detection of misuse; Redress. Difficulties: Policy is difficult to know and express; Omniscience is “difficult” to achieve, as is determination of intent; Suitable Public Policy can be messy and take long to achieve.

Simplified Accountable Systems [diagram; labels: “Omniscient” Accountability Advocate; Incident Investigation; Justifications; Data Consumer; Aggrieved Data Subject; Social Network; Data Usage Restrictions; Data Consumption]

Implementation Architecture

Data Gathering Engine

Challenges for Information Accountability: Incentives. When does a data subject open access? Why does a data consumer supply justifications? Who serves as an Accountability Advocate?

Challenges for Information Accountability: User Responsibility. Can a user shelter from consequences? “#NotIntendedToBeAFactualStatement”

Challenges for Information Accountability: Data Ownership & Provenance. Third-party ownership; Tracking correctness and attribution.

Challenges for Information Accountability: Context. Incorrect inference due to incomplete knowledge; How to integrate with provenance model.

Conclusion: Information Accountability aims to encourage responsible use of information by combining clearly expressed usage policies with systems for detecting misuse, and offering the social tools to provide redress.

Questions? For additional information: joe.pato <at> hp.com. Run the demo: http://dice.csail.mit.edu/aintno/ui/ These slides: http://dig.csail.mit.edu/2011/Papers/PASSAT_AINTNO/AINTNO-passat-talk.pdf and http://dig.csail.mit.edu/2011/Papers/PASSAT_AINTNO/AINTNO-passat-talk.pptx
