Presentation is loading. Please wait.

Presentation is loading. Please wait.

August 1, 2003SIGIR Implicit Workshop Protecting the Privacy of Observable Behavior in Distributed Recommender Systems Douglas W. Oard University of Maryland.

Similar presentations


Presentation on theme: "August 1, 2003SIGIR Implicit Workshop Protecting the Privacy of Observable Behavior in Distributed Recommender Systems Douglas W. Oard University of Maryland."— Presentation transcript:

1 August 1, 2003SIGIR Implicit Workshop Protecting the Privacy of Observable Behavior in Distributed Recommender Systems Douglas W. Oard University of Maryland oard@umd.edu Anton Leuski USC-ISI leuski@isi.edu Stuart Stubblebine Stubblebine Research Labs stuart@stubblebine.com

2 Takeaway Points Protecting privacy could yield behavior-based evidence about the utility of information objects A framework for thinking about behaviors that we might hope to observe Some initial thoughts on how to architect privacy protection into recommender systems

3 User Profile Matching Information Objects Recommendations RatingObservations

4 Motivations to Provide Ratings Self-interest –Use the ratings to improve system’s user model Economic benefit –If a market for ratings is created Altruism

5 The Problem with Self-Interest Number of Ratings Marginal value to rater Marginal value to community Few Lots Marginal cost

6 Solution: Reduce the Marginal Cost Number of Ratings Marginal value to rater Marginal value to community Few Lots Marginal cost

7 Some Observable Behaviors

8 Behavior Category

9 Minimum Scope

10 Behavior Category Minimum Scope

11 Recommending w/Implicit Feedback Estimate Rating User Model Ratings Server User Ratings Community Ratings Predicted Ratings User Observations User Ratings User Model Estimate Ratings Observations Server Predicted Observations Community Observations Predicted Ratings User Observations

12 Gaining Access to Observations Observe public behavior –Hypertext linking, publication, citing, … Policy protection –EU: Privacy laws –US: Privacy policies + FTC enforcement Architectural assurance of privacy –Distributed architecture –Model and mitigate privacy risks

13 A More Secure Data Flow Item Behavior Feature Recommendation Recommendations IxR Personal Features IxF Behaviors IxB Community Features IxF

14 Low Entropy Attack Community Features IxF Side information IxB For user U adversary Solution space –Read access to IxF requires minimum number of unique contributors. Cryptographic data structure support Controlled mixing.

15 Matrix Difference Attack Community Features (IxF) adversary User U Community Features (IxF)’ Matrix Difference (IxF) - (IxF)’ IxB For user U Solution space –Users can’t control “next hop” –Routing can hide real source and destination

16 Identity Integrity Attack Community Features (IxF) User U Community Features (IxF)’ Matrix Difference (IxF) - (IxF)’ IxB For user U adversary Solution space –Registrar service Blinded Credentials Attribute Membership Credentials

17 Next Steps Collaborative filtering design –Behavior and feature inventories –Behavior->Feature mapping –Recommendation algorithm Security/System Architecture –Protection requirements –Minimize trust required of system entities –Cryptographic mechanisms


Download ppt "August 1, 2003SIGIR Implicit Workshop Protecting the Privacy of Observable Behavior in Distributed Recommender Systems Douglas W. Oard University of Maryland."

Similar presentations


Ads by Google