Inferring privacy policies for social networking services

@inproceedings{Danezis2009InferringPP,
  title={Inferring privacy policies for social networking services},
  author={George Danezis},
  booktitle={AISec '09},
  year={2009}
}
  • G. Danezis
  • Published in AISec '09 9 November 2009
  • Computer Science
Social networking sites have come under criticism for their poor privacy protection track record. Yet, there is an inherent difficulty in deciding which principals should have access to user's information or actions, without requiring them to constantly manage their privacy settings. We propose to extract automatically such privacy settings, based on the policy that information produced within a social context should remain in that social context, both to ensure privacy as well as maximising… 

Figures from this paper

UPPC: A Flexible User Privacy Policy for Social Networking Services
TLDR
This paper presents a privacy policy model—UPPC—for enhancing privacy and security for ordinary users and uses the Alloy language to formalize the model and the Alloy Analyzer to check for any inconsistencies.
Privacy Protection in Social Networking Services
TLDR
A survey on different approaches proposed to tackle the privacy issue in social networking sites is made, i.e. approaches addressing end users’ active participation, security automation based on machine learning algorithms, and privacy preserving by using a decentralized architecture for social networking services.
Inferring Unknown Privacy Control Policies in a Social Networking System
TLDR
This paper proposes an approach to infer the enforced privacy control policy by an SNS and consequently the unknown policies to the user given the explicit privacy settings and other policies communicated to the users by the SNS.
Privacy wizards for social networking sites
TLDR
A template for the design of a social networking privacy wizard based on an active learning paradigm called uncertainty sampling, which is able to recommend high-accuracy privacy settings using less user input than existing policy-specification tools.
Semantics-Enhanced Privacy Recommendation for Social Networking Sites
TLDR
An intelligent semantics-based privacy configuration system, named SPAC, to automatically recommend privacy settings for SNS users, which learns users' privacy configuration patterns and makes predictions by utilizing machine learning techniques on users' profiles and privacy setting history.
Detecting Privacy Preferences from Online Social Footprints: A Literature Review
TLDR
This document reviews prior studies that tackle this challenging task and make use of users’ online social footprints to discover their desired privacy settings and develops and employs algorithms to automatically predict users' privacy preferences for personalization purposes.
UPP+: A Flexible User Privacy Policy for Social Networking Services
TLDR
This paper presents a privacy policy model—UPP+—for enhancing privacy and security for ordinary users and uses the Alloy language to formalize the model and the Alloy Analyzer to check for any inconsistencies.
Prevent user Data in Social Network using Access Control Strategy
TLDR
This project process fine-grained access control in a social network, and enables users to define policies to govern belonging resources and to input inquiries in order to access a resou rce in the most effective way.
Empowering Evolving Social Network Users with Privacy Rights
TLDR
A comprehensive and novel reference conceptual model for privacy in constantly evolving social networks is proposed and its novelty is established by briefly contrasting it with contemporary research.
On the Use of Formal Methods to Enforce Privacy-Aware Social Networking
This chapter discusses the use of formal techniques and formal verification tools to ensure privacy-aware social networking; hence users of social-networking sites can predict what the consequences
...
...

References

SHOWING 1-10 OF 15 REFERENCES
Privacy suites: shared privacy for social networks
TLDR
A new paradigm is proposed which allows users to easily choose "suites" of privacy settings which have been specified by friends or trusted experts, only modifying them if they wish, which could dramatically increase the privacy protection that most users experience with minimal time investment.
The Privacy Jungle: On the Market for Data Protection in Social Networks
TLDR
The market for privacy in social networks is dysfunctional in that there is significant variation in sites’ privacy controls, data collection requirements, and legal privacy policies, but this is not effectively conveyed to users.
Prying Data out of a Social Network
TLDR
This work examines the difficulty of collecting profile and graph information from the popular social networking website Facebook and describes several novel ways in which data can be extracted by third parties, and demonstrates the efficiency of these methods on crawled data.
Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook
TLDR
It is found that an individual's privacy concerns are only a weak predictor of his membership to the Facebook, and also privacy concerned individuals join the network and reveal great amounts of personal information.
Privacy and contextual integrity: framework and applications
TLDR
This work formalizes some aspects of contextual integrity in a logical framework for expressing and reasoning about norms of transmission of personal information to capture naturally many notions of privacy found in legislation, including those found in HIPAA, COPPA, and GLBA.
Privacy in Enterprise Identity Federation - Policies for Liberty Single Signon
  • B. Pfitzmann
  • Computer Science
    Privacy Enhancing Technologies
  • 2003
TLDR
An analysis of the Liberty Alliance’s specifications for single signon of users across a federation of enterprises demonstrates that identity-management policies are non-trivial even in a limited context.
Privacy stories: confidence in privacy behaviors through end user programming
TLDR
This work makes use of analytical usability techniques to discuss the usability challenges of the current Facebook interface and to inform the design of the proposed alternative, which is described as a work in progress.
Trust Negotiation in Identity Management
TLDR
The authors show how federated identity management systems can better protect users' information when integrated with trust negotiation and serve as the basic context for determining suitable solutions to this issue.
An analysis of security and privacy issues relating to RFID enabled ePassports
TLDR
An interdisciplinary approach to the key security and privacy issues arising from the use of ePassports is taken and how European data protection legislation must be respected and what additional security measures must be integrated in order to safeguard the privacy of the EU ePassport holder is analyzed.
...
...