Conformance Verification of Privacy Policies Xiang Fu Assistant Professor Department of Computer Science Hofstra University.


Outline
▫ Motivation
▫ PV Framework
▫ Privacy Properties in Temporal Logic
▫ Verification using Alloy
▫ Conclusion

Introduction

Web App: Consumer and Producer of INFORMATION (diagram labels: the web app takes in SSN, Credit Card, Medical Record, Address, Shopping Preference; it passes information on to Online Marketing, Identity Collection, Business Partners, and out go SSN and Shopping Habits)

Privacy Verification Problem: does the web app function as PROMISED? Example promises: "Your SSN will never be forwarded", "CC destroyed after transaction".

Challenges (diagram labels: Business Procedures, DB Ops, Servlets, P3P Privacy Policy, Model Checker)

PV Framework (Privacy Verification Framework)
1. Servlet Control/Data Flow
2. Information Flow
3. Data Operations

Data Model (class diagram labels)
▫ Entity: Operator, Servlet, Database, Business Organization, Stakeholder
▫ Data Item: Atomic, Real-Being, Countable Set; examples CC Card, SSN, Med Record, Transaction ID, Name
▫ Primitive Type System, Flattened Model

Example: Bookstore App Entities

Example: Bookstore App Data Types

Actions: the predicate Know(e, d), where e is an entity and d a data item. At any moment, for any e and d, Know(e, d) is defined. An action is a transition system expressed using first-order formulas over the Know predicates.

Example: Charge Credit Card (figure labels: free variable / input variable, all entities, all data)

Modeling Privacy Policy. Typical examples: P3P and EPAL. A policy defines:
▫ (1) What to protect?
▫ (2) Who can receive it?
▫ (3) How long?

P3P Example

Temporal Logic for P3P: CTL-FO = CTL + first-order quantifiers. Example property: credit card info is regularly purged from the DB and is not leaked, for any credit card and for any entity.

Verification
(1) Translate from PV to Alloy
(2) Translate CTL-FO to Alloy predicates
(3) Verification using Alloy

Modeling World Schema

    module bookstore
    // 1. world schema
    abstract sig Object {}
    // WA: the web app; Data: the set of all data items
    abstract sig WA, Env, Data extends Object {}
    // Actions: the servlets
    abstract sig Actions, Entities extends WA {}
    …

Modeling System State: model the transition relation

    sig State {
      know: (WA + Env) -> Data,           // Know(e, d) facts holding in this state
      prev: one State,                    // predecessor state
      actstate: Actions -> actionStatus   // status of every action
    } {
      // every action has some status in every state
      all x: Actions | some status: actionStatus | x -> status in actstate
    }

Modeling Action

    // ChargeCC is enabled when READY; afterwards DB and Bank know the card d
    pred pChargeCC[s, s': State, d: CC] {
      ChargeCC -> READY in s.actstate and (
        s'.know = s.know + {DB -> d} + {Bank -> d} &&
        s'.prev = s &&
        s'.actstate = s.actstate - ..
      )
    }

Modeling CTL-FO Formula

    // EF: some state s' reachable from s (s in s'.*prev) in which the CEO knows d
    pred ef[s: State, d: Data] {
      some s': State | (CEO -> d in s'.know) && s in s'.*prev
    }
    // first-order quantifier: for every data item the DB knows at s, ef holds
    pred fa[s: State] {
      all d: Data | (DB -> d in s.know) => ef[s, d]
    }
    // AG: fa holds in every state
    assert AGProperty {
      all s: State | fa[s]
    }
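The Know(e, d) transition system and the CTL-FO properties above can also be checked explicitly rather than with a SAT-backed Alloy scope. The following is an added example, not code from the talk: a tiny explicit-state checker with EF and AG over Know facts, run on a constructed bookstore model (entities Customer, DB, Bank, CEO, Marketing and cards cc1, cc2 are assumptions) once with honest actions and once with a constructed leaking servlet.

```python
from collections import deque

# Constructed data (not from the slides): two cards and the recipients the policy allows.
CARDS = ("cc1", "cc2")
ALLOWED = {"Customer", "DB", "Bank"}

# A state is a frozenset of Know(e, d) facts: entity e currently holds data item d.
def charge_cc(know, d):      # ChargeCC: DB and Bank learn d, as pChargeCC on the slide
    return know | {("DB", d), ("Bank", d)}
def purge_db(know, d):       # DB destroys d, as the retention promise requires
    return know - {("DB", d)}
def forward_to_marketing(know, d):  # constructed defect: a servlet leaks d to Marketing
    return know | {("Marketing", d)} if ("DB", d) in know else know

def reachable(init, actions):
    """Explicit-state transition system: successor set of every reachable state."""
    succ, todo = {}, deque([init])
    while todo:
        s = todo.popleft()
        if s not in succ:
            succ[s] = {act(s, d) for act in actions for d in CARDS}
            todo.extend(succ[s])
    return succ

def ef(succ, s, holds):
    """EF holds: some state reachable from s (s itself included) satisfies holds."""
    seen, todo = set(), [s]
    while todo:
        t = todo.pop()
        if t not in seen:
            seen.add(t)
            todo.extend(succ[t])
    return any(holds(t) for t in seen)

def ag(succ, holds):
    """AG holds: every reachable state satisfies holds."""
    return all(holds(s) for s in succ)

def never_leaked(succ):
    """AG forall e, d: Know(e, d) => e in ALLOWED (the 'is not leaked' clause)."""
    return ag(succ, lambda s: all(e in ALLOWED for e, _ in s))

def db_implies_ef_ceo(succ):
    """The slide's AGProperty: AG forall d: Know(DB, d) => EF Know(CEO, d)."""
    return ag(succ, lambda s: all(("DB", d) not in s or
                                  ef(succ, s, lambda t: ("CEO", d) in t) for d in CARDS))

INIT = frozenset(("Customer", d) for d in CARDS)
HONEST = reachable(INIT, [charge_cc, purge_db])
BUGGY = reachable(INIT, [charge_cc, purge_db, forward_to_marketing])
```

never_leaked(HONEST) holds while never_leaked(BUGGY) fails because Marketing reaches a state holding a card; the slide's AGProperty fails on both models since no action ever gives the CEO a card.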

Initial Experiments (table with columns State, Clauses, Constr. Time (ms), Solver Time (ms); the cell values did not survive the transcript: "5431k k k Objects")

Conclusion
▫ PV Framework for Reasoning about Privacy
▫ Verification Paradigm using Alloy
▫ Problems …

Future Directions
(1) Static Program Analysis
▫ Path Transducer Model (Servlet)
▫ Information Flow (Business Rules, Access Right Policies)
(2) Customized Relational Constraint Solvers