Presentation is loading. Please wait.

Presentation is loading. Please wait.

Feature Interactions in Policy-Driven Privacy Management George Yee Larry Korba Network Computing Group Institute for Information Technology National Research.

Published byMagnus Daniel Modified over 9 years ago

Similar presentations

Presentation on theme: "Feature Interactions in Policy-Driven Privacy Management George Yee Larry Korba Network Computing Group Institute for Information Technology National Research."— Presentation transcript:

1 Feature Interactions in Policy-Driven Privacy Management George Yee Larry Korba Network Computing Group Institute for Information Technology National Research Council Canada {George.Yee, Larry.Korba}@nrc-cnrc.gc.ca www.nrc-cnrc.gc.ca/iit FIW’03

2 Contents Introduction Privacy Policies Privacy Policy Interactions Preventing Unexpected Bad Outcomes Conclusions and Future Research FIW’03

3 Introduction Consumer Provider Consumer ProviderConsumer – Proliferation of e-services – Exchange of privacy policies Policy Exchanges  ? Interactions, ? Outcomes How can the bad outcomes be avoided? – Started with negotiation of privacy policies for e-learning FIW’03

4 Privacy Policies Privacy Principles  who, what, purpose, time Privacy Policy: E-learning Owner: E-learning Unlimited Who: Any What: name, address, tel Purpose: identification Time: As long as needed Who: Any What: Course Marks Purpose: Records Time: 1 year Privacy Policy: Book Seller Owner: All Books Online Who: Any What: name, address, tel Purpose: identification Time: As long as needed Who: Any What: credit card Purpose: payment Time: until payment complete Privacy Policy: Medical Help Owner: Nursing Online Who: Any What: name, address, tel Purpose: contact Time: As long as needed Who: Any What: medical condition Purpose: treatment Time: 1 year Privacy Policy: E-learning Owner: Alice Consumer Who: Any What: name, address, tel Purpose: identification Time: As long as needed Who: Any What: Course Marks Purpose: Records Time: 2 years Privacy Policy: Book Seller Owner: Alice Consumer Who: Any What: name, address, tel Purpose: identification Time: As long as needed Privacy Policy: Medical Help Owner: Alice Consumer Who: Any What: name, address, tel Purpose: contact Time: As long as needed Who: Dr. Alexander Smith What: medical condition Purpose: treatment Time: As long as needed FIW’03

5 Privacy Policy Interactions Rules of Policy Exchange –Provider wants more private info; consumer wants to give up less private info –Match: privacy(consumer)  privacy(provider), otherwise mismatch privacy (long time) < privacy (short time) policy upgrade  more privacy policy downgrade  less privacy PP CA PP PA Policy Exchange Consumer Provider FIW’03

6 Privacy Policy Interactions Privacy policy vs. telecom feature –Similarities Privacy policy: handling of private data, Telecom feature: handling of traffic Executions Individual correctness, unexpected outcomes in combination –Differences Telecom FI: side-effects; Policy FI: normal working Certainty of unexpected outcomes FIW’03

7 Privacy Policy Interactions 1 consumer to 1 provider –Policies match; have service If match is last of many failed attempts, provider may be less attractive in other criteria If match after downgrade, may be hidden costs of less privacy Hidden costs of safeguards Unexpected outcomes, e.g. Nursing Online –Policies mismatch; no service Consumer, provider may downgrade their policies Possible denial of service with very serious consequences, e.g. Nursing Online FIW’03

8 Privacy Policy Interactions 1 consumer to n>1 providers –Policies match for at least 1 provider, have service Above 1-1 outcomes for match Consumer may be able to select best provider –Policies mismatch, no service Above 1-1 outcomes for mismatch Consumer may downgrade policy to match best provider PP CA PP1 PA1 PP2 PA2 Consumer PP CA Provider 1 Provider 2 FIW’03

9 Privacy Policy Interactions n>1 consumers to 1 provider –Policies match for at least 1 consumer, have service Above 1-1 outcomes for match Provider may be able to select best consumer –Policies mismatch, no service Above 1-1 outcomes for mismatch Provider may be able to downgrade policy to match best consumer PP1 CA1 PP PA PP PA Consumer 2 Consumer 1 PP2 CA2 Provider FIW’03

10 Preventing Unexpected Bad Outcomes Consumer and provider agents negotiate privacy policies to mitigate or eliminate bad outcomes –Reduce number of mismatches –Force consideration of policy implications Nursing Online (Provider)Alice (Consumer) OK if a nurse on our staff sees your medical condition? No, only Dr. Alexander Smith can see my medical condition. We cannot provide you with any nursing service unless we know your medical condition. OK, I’ll see Dr. Smith instead. You are putting yourself at risk. What if you need emergency medical help for your condition and Dr. Smith is not available? You are right. Do you have any doctors on staff? Yes, we always have doctors on call. OK to allow them to know your medical condition? That is acceptable. FIW’03

11 Conclusions and Future Research Privacy policies may be expressed in terms of who, what, purpose, and time Agent proxies for consumers and providers exchange and compare privacy policies prior to service initiation Such exchanges can lead to unexpected interaction outcomes with negative consequences Rather than simple matching, privacy policies need to be negotiated, reducing or eliminating harmful interaction outcomes Future research: –Policies can change over time  revisit agreed policies? –Other methods in conjunction with negotiation? –Experiment with privacy negotiation prototype FIW’03

Download ppt "Feature Interactions in Policy-Driven Privacy Management George Yee Larry Korba Network Computing Group Institute for Information Technology National Research."

Similar presentations

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Project Management.

Project Management.
Financial Recovery. Financial Recovery 2 Welcome 1. Agenda 2. Ground Rules 3. Introductions.

Financial Recovery. Financial Recovery 2 Welcome 1. Agenda 2. Ground Rules 3. Introductions.
March 25, 20131 The Blundellsands Surgery Patient Reference Group Questionnaire Results Monday, March 25 th 2013.

March 25, The Blundellsands Surgery Patient Reference Group Questionnaire Results Monday, March 25 th 2013.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Privacy and Contextual Integrity: Framework and Applications Adam Barth, Anupam Datta, John C. Mitchell (Stanford), and Helen Nissenbaum (NYU) TRUST Winter.

Privacy and Contextual Integrity: Framework and Applications Adam Barth, Anupam Datta, John C. Mitchell (Stanford), and Helen Nissenbaum (NYU) TRUST Winter.
Address Verification Service (AVS). Introduction Introduction o The internet Address Verification System (I-AVS) is a business service for resolving the.

Address Verification Service (AVS). Introduction Introduction o The internet Address Verification System (I-AVS) is a business service for resolving the.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
My Policies and Some Advice for Doing Well in this Course.

My Policies and Some Advice for Doing Well in this Course.
Negotiated Privacy and Security Policies for Web Services George Yee (Joint work with Larry Korba) www.iit-iti.nrc-cnrc.gc.ca/personnel/yee_george_e.html.

Negotiated Privacy and Security Policies for Web Services George Yee (Joint work with Larry Korba)
Hazard Identification, Risk Assessment and Risk Control

Hazard Identification, Risk Assessment and Risk Control
2005 1 HTTP HyperText Transfer Protocol Part 3.

HTTP HyperText Transfer Protocol Part 3.
2014 Assessors Program Purpose: Discuss SRC expectations for the Assessors Program in 2014. Agenda: 1)Formal / Informal Assessments 2)Review the following:

2014 Assessors Program Purpose: Discuss SRC expectations for the Assessors Program in Agenda: 1)Formal / Informal Assessments 2)Review the following:
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
Understand business credit and risk management.

Understand business credit and risk management.
© Chery F. Kendrick & Kendrick Technical Services.

© Chery F. Kendrick & Kendrick Technical Services.
 By: Mallory Mayert & Brooke Atkins.  Introduction Introduction  Why This Topic? Why This Topic?  Harmful Effects Harmful Effects  How to Choose.

 By: Mallory Mayert & Brooke Atkins.  Introduction Introduction  Why This Topic? Why This Topic?  Harmful Effects Harmful Effects  How to Choose.
Consumer Law. Introduction Caveat emptor Consumer-Person who buys goods and services from a seller – Right to be correctly informed of quality, price.

Consumer Law. Introduction Caveat emptor Consumer-Person who buys goods and services from a seller – Right to be correctly informed of quality, price.

Similar presentations

Ads by Google