IFIP Logo
Sign in for Members and Observers

IFIP WG1.3 Foundations of System Specification


Talk "A formal framework for privacy policies"

by Gerardo Schneider

Sat, 27 June 2015 at 03:00 pm in Nijmegen, The Netherlands

Joint work with: Raúl Pardo

Abstract: Social Network Services (SNSs) have changed the way people communicate, bringing many benefits but also the possibility of new threats. Privacy is one of them. We present here a framework to write privacy policies for SNSs and to reason about such policies in the presence of events making the network to evolve. The framework includes a model of SNSs, a logic to specify properties and reason about the knowledge of SNS users, and a formal language to write privacy policies. To describe how SNSs evolve, we provide operational semantics rules which are classified into four categories: epistemic, topological, policy, and hybrid, depending on whether the events under consideration change the knowledge of the SNS' users, the structure of the social graph, the privacy policies, or a combination of the above, respectively. We have instantiated the above in order to formalize Twitter and Facebook behaviour, and prove that it is privacy-preserving. The paper in attachment only presents the "static" case. The case for "evolving SNS" is under submission. * R. Pardo and G. Schneider. A formal privacy policy framework for social networks. In SEFM'14, vol. 8702 of LNCS, pages 378-392. Springer, 2014.

Slides
Paper