Analyzing Causes of Privacy Mismatches in Service Oriented Architecture

Internet users want controlled disclosure of their private data. They are concerned about what personal information they may reveal inadvertently while accessing websites. Intelligent systems can alleviate users' concerns by automatically assessing a website's data practices, assuming machine-readable privacy policies. In case of a mismatch with user expectations, these systems can also help both parties review their privacy statements by providing useful information. In the context of the collaborative research project PrimeLife (Privacy and Identity Management for Europe in Life), IBM, SAP, ULD, W3C and the European Microsoft Innovation Center (EMIC) are working on new languages to define privacy policies. Specifying logic-based languages is important to enable reasoning on mismatches, i.e. understanding why a service's privacy policy does not match a user's privacy preferences. This master's thesis, done with EMIC, uses a domain-specific language (DSL) to specify privacy and focuses on mechanisms to analyze mismatches and to propose modifications for getting a match, at a higher abstraction level, e.g. the DSL. In case of a mismatch, this guidance lets the user judge the required amendments and thereby make the right choice, i.e. reject the service's policy or modify her preferences accordingly. Another concern of this work is separating the different aspects of a privacy management system and linking them effectively as required. The proposed approach is validated by developing a proof-of-concept prototype implementation with Microsoft's textual DSL tool, MGrammar, and an existing formal language, Formula.
