Security and Privacy in User Modeling

0 Introduction.- 1. User Modeling.- 2. Privacy.- 3. Security.- 4. Requirements for Anonymity and Pseudonymity.- 5. Requirements for Security.- 6. Solutions for Anonymity and Pseudonymity.- 7. Solutions for Security.- 8. Selected User Modeling Components.- 9 Summary and Conclusion.- References.

[1]  Constantine Stephanidis,et al.  Supporting Interface Adaptation: the AVANTI Web-Browser , 1999 .

[2]  Ivan P. Fellegi,et al.  On the Question of Statistical Confidentiality , 1972 .

[3]  Edeltraud Egger Considering Privacy-Aspects in Designing CSCW-Applications , 1993 .

[4]  Jon Orwant,et al.  Heterogeneous learning in the Doppelgänger user modeling system , 2005, User Modeling and User-Adapted Interaction.

[5]  Charles J. Petrie,et al.  Agent-Based Engineering, the Web, and Intelligence , 1996, IEEE Expert.

[6]  Adrian Baldwin,et al.  Towards a more complete model of role , 1998, RBAC '98.

[7]  David F. Ferraiolo,et al.  Role Based Access Control for the World Wide Web , 1997 .

[8]  Jeffrey D. Ullman,et al.  Protection in operating systems , 1976, CACM.

[9]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[10]  Gultekin Özsoyoglu,et al.  Statistical database design , 1981, TODS.

[11]  Frédéric Cuppens,et al.  Information Flow Controls vs Interference Controls: An Integrated Approach , 1994, ESORICS.

[12]  John F. Barkley,et al.  Comparing simple role based access control models and access control lists , 1997, RBAC '97.

[13]  Michael R. Genesereth,et al.  Logical foundations of artificial intelligence , 1987 .

[14]  Sylvia L. Osborn Mandatory access control and role-based access control revisited , 1997, RBAC '97.

[15]  Richard J. Lipton,et al.  Secure databases: protection against user influence , 1979, TODS.

[16]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[17]  Jr. Allen B. Tucker,et al.  The Computer Science and Engineering Handbook , 1997 .

[18]  Jack Minker,et al.  Logic and Databases: A Deductive Approach , 1984, CSUR.

[19]  John E. Dobson,et al.  Security Models and Enterprise Models , 1988, Database Security.

[20]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[21]  Jeffrey D. Uuman Principles of database and knowledge- base systems , 1989 .

[22]  Elaine Rich,et al.  Building and Exploiting User Models , 1979, IJCAI.

[23]  G. T. Gangemi,et al.  Computer Security Basics , 2006 .

[24]  Constantine Stephanidis,et al.  Adaptable and Adaptive User Interfaces for Disabled Users in the AVANTI Project , 1998, IS&N.

[25]  Frank Linton,et al.  Building user and expert models by long-term observation of application usage , 1999 .

[26]  David A. Farber,et al.  Network security via dynamic process renaming , 1975 .

[27]  Neil C. Rowe Inference-security analysis using resolution theorem-proving , 1989, [1989] Proceedings. Fifth International Conference on Data Engineering.

[28]  Hannes Federrath,et al.  Web MIXes: A System for Anonymous and Unobservable Internet Access , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[29]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[30]  Yossi Matias,et al.  Consistent, yet anonymous, Web access with LPWA , 1999, CACM.

[31]  L. G. Lawrence The role of roles , 1993, Comput. Secur..

[32]  E. Horvitz,et al.  Personalised hypermedia presentation techniques for improving online customer relationships , 2001, The Knowledge Engineering Review.

[33]  Ana Paiva,et al.  TAGUS — A user and learner modeling workbench , 2005, User Modeling and User-Adapted Interaction.

[34]  Alfred Kobsa,et al.  Personalized Hypermedia Information Provision Through Adaptive and Adaptable System Features: User Modelling, Privacy and Security Issues , 1997, IS&N.

[35]  David Mazières,et al.  The design, implementation and operation of an email pseudonym server , 1998, CCS '98.

[36]  D. Kahn The codebreakers : the story of secret writing , 1968 .

[37]  Karen Sparck Jones Realism About User Modeling , 1989 .

[38]  Timothy W. Finin,et al.  A Proposal for a new KQML Specification , 1997 .

[39]  D. Richard Kuhn,et al.  Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems , 1997, RBAC '97.

[40]  Norman S. Matloff Another Look at the Use of Noise Addition for Database Security , 1986, 1986 IEEE Symposium on Security and Privacy.

[41]  Josef Fink,et al.  Putting personalization into practice , 2002, CACM.

[42]  Dorothy E. Denning,et al.  Inference Controls for Statistical Databases , 1983, Computer.

[43]  Alan O. Freier,et al.  The SSL Protocol Version 3.0 , 1996 .

[44]  Keith W. Miller,et al.  Software engineering code of ethics is approved , 1999, CACM.

[45]  Alan Burns,et al.  On the Meaning of Safety and Security , 1992, Comput. J..

[46]  Ravi S. Sandhu,et al.  Lattice-based access control models , 1993, Computer.

[47]  Günther Pernul,et al.  Information systems security: Scope, state-of-the-art, and evaluation of techniques , 1995 .

[48]  Al Mullery Intelligence in Services and Networks: Technology for Cooperative Competition , 1997, Lecture Notes in Computer Science.

[49]  Yossi Matias,et al.  How to Make Personalized Web Browising Simple, Secure, and Anonymous , 1997, Financial Cryptography.

[50]  Hannes Federrath,et al.  Project “anonymity and unobservability in the Internet” , 2000, CFP '00.

[51]  Ravi S. Sandhu Role Hierarchies and Constraints for Lattice-Based Access Controls , 1996, ESORICS.

[52]  Ravi S. Sandhu,et al.  Roles versus groups , 1996, RBAC '95.

[53]  Jonathan D. Moffett,et al.  Control principles and role hierarchies , 1998, RBAC '98.

[54]  Sushil Jajodia,et al.  Database Security, V: Status and Prospects, Results of the IFIP WG 11.3 Workshop on Database Security, Shepherdstown, West Virginia, USA, 4-7 November, 1991 , 1992, DBSec.

[55]  Josef Fink,et al.  Transactional consistency in user modeling systems , 1999 .

[56]  Judy Kay,et al.  The justified user model: A viewable explained user model , 2003 .

[57]  Steven P. Reiss Practical Data-Swapping: The First Steps , 1980, IEEE Symposium on Security and Privacy.

[58]  Dov M. Gabbay,et al.  Handbook of logic in artificial intelligence and logic programming (vol. 1) , 1993 .

[59]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[60]  Günther Pernul,et al.  Security Policies for Databases , 1992 .

[61]  Ravi S. Sandhu,et al.  Decentralized user-role assignment for Web-based intranets , 1998, RBAC '98.

[62]  Hermann A. Maurer,et al.  Levels of Anonymity , 1996 .

[63]  K J Biba,et al.  Integrity Considerations for Secure Computer Systems , 1977 .

[64]  D. Richard Kuhn,et al.  A role-based access control model and reference implementation within a corporate intranet , 1999, TSEC.

[65]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[66]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[67]  Lorrie Faith Cranor,et al.  The platform for privacy preferences , 1999, CACM.

[68]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[69]  Nancy G. Leveson,et al.  Safeware: System Safety and Computers , 1995 .

[70]  David Maier,et al.  The Theory of Relational Databases , 1983 .

[71]  Vasant Honavar Principles of Artificial Intelligence Fall 2005 Handout , .

[72]  Elaine Rich,et al.  User Modeling via Stereotypes , 1998, Cogn. Sci..

[73]  Sebastiano Trigila Intelligence in Services and Networks: Technology for Ubiquitous Telecom Services , 1998, Lecture Notes in Computer Science.

[74]  Michael A. Covington Speech acts, electronic commerce, and KQML , 1998, Decis. Support Syst..

[75]  Peter J. Denning,et al.  The tracker: a threat to statistical database security , 1979, TODS.

[76]  Markus Jakobsson,et al.  A Practical Mix , 1998, EUROCRYPT.

[77]  Masayuki Abe,et al.  Universally Verifiable Mix-net with Verification Work Indendent of the Number of Mix-servers , 1998, EUROCRYPT.

[78]  Birgit Pfitzmann,et al.  Rechtssicherheit trotz Anonymität in offenen digitalen Systemen , 1990 .

[79]  B. Biddle,et al.  Role Theory: Concepts and Research , 1966 .

[80]  Bradley N. Miller,et al.  GroupLens: applying collaborative filtering to Usenet news , 1997, CACM.

[81]  Carlo Tasso,et al.  A shell for developing non-monotonic user modeling systems , 1994, Int. J. Hum. Comput. Stud..

[82]  Marcus Specht,et al.  ACE - Adaptive Courseware Environment , 2000, AH.

[83]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[84]  Alfred Kobsa,et al.  The user modeling shell system BGP-MS , 2005, User Modeling and User-Adapted Interaction.

[85]  Oren Etzioni,et al.  Privacy interfaces for information management , 1999, CACM.

[86]  Tsau Young Lin,et al.  Database Security XI , 1998, IFIP Advances in Information and Communication Technology.

[87]  Ruth Nelson What is a Secret and What does that have to do with Computer Security? , 1994, Proceedings New Security Paradigms Workshop.

[88]  Paul Syverson,et al.  Onion Routing for Anonymous and Private Internet Connections , 1999 .

[89]  Tim Finin,et al.  Secret Agents - A Security Architecture for the KQML Agent Communication Language , 1995, CIKM 1995.

[90]  T. D. Garvey,et al.  Multilevel security for knowledge based systems , 1990, [1990] Proceedings of the Sixth Annual Computer Security Applications Conference.

[91]  Elaine Rich Users are individuals: individualizing user models , 1999, Int. J. Hum. Comput. Stud..

[92]  John McLean,et al.  Reasoning About Security Models , 1987, 1987 IEEE Symposium on Security and Privacy.

[93]  José Meseguer,et al.  Unwinding and Inference Control , 1984, 1984 IEEE Symposium on Security and Privacy.

[94]  Timothy W. Finin GUMS — A General User Modeling Shell , 1989 .

[95]  R. Dierstein The Concept of Secure Information Processing Systems and their Basic Functions. , 1990 .

[96]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[97]  Gustavus J. Simmons,et al.  Contemporary Cryptology: The Science of Information Integrity , 1994 .

[98]  Mary Ellen Zurko,et al.  Separation of duty in role-based environments , 1997, Proceedings 10th Computer Security Foundations Workshop.

[99]  Francis Y. L. Chin Security in statistical databases for queries with small counts , 1978, TODS.

[100]  Joachim Biskup,et al.  Sicherheit in Informationssystemen - Gewährleistung und Begrenzung des Informationsflusses , 1991, VIS.

[101]  Craig Hunt TCP/IP Network Administration , 1992 .

[102]  John Anderson,et al.  Pragmatic User Modelling in a Commercial Software System , 1997 .

[103]  Andreas Pfitzmann,et al.  Networks without user observability , 1987, Comput. Secur..

[104]  Jeffrey D. Ullman,et al.  Principles Of Database And Knowledge-Base Systems , 1979 .

[105]  Randall P. Wolf,et al.  Protecting databases from inference attacks , 1997, Comput. Secur..

[106]  Ravi Sandhu Access Control: The Neglected Frontier , 1996, ACISP.

[107]  Alfred Kobsa,et al.  User Interfaces for All , 1999 .

[108]  Matthew Morgenstern,et al.  Controlling logical inference in multilevel database systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[109]  Wolfgang Pohl,et al.  Mechanisms for Flexible Representation and Use of Knowledge in User Modeling Shell Systems , 1997 .

[110]  Charles J. Petrie,et al.  JATLite: A Java Agent Infrastructure with Message Routing , 2000, IEEE Internet Comput..

[111]  Ifip Tc,et al.  Security and Control of Information Technology in Society, Proceedings of the IFIP TC9/WG9.6 Working Conference on Security and Control of Information Technology in Society on board M/S Illich and ashore at St. Petersburg, Russia, 12-17 August, 1993 , 1994, Security and Control of Information Technology in Society.

[112]  John H. Gerdes,et al.  Anonymous mechanisms in group decision support systems communication , 1998, Decis. Support Syst..

[113]  Rita C. Summers Secure Computing: Threats and Safeguards , 1996 .

[114]  Ravi S. Sandhu,et al.  Role activation hierarchies , 1998, RBAC '98.

[115]  Dogan Kesdogan,et al.  Stop-and-Go-MIXes Providing Probabilistic Anonymity in an Open System , 1998, Information Hiding.

[116]  Robert Boguslaw,et al.  Privacy and Freedom , 1968 .

[117]  Martin Davis First order logic , 1993 .

[118]  Tom Peters,et al.  Computerized monitoring and online privacy , 1999 .

[119]  Wolfgang Pohl,et al.  Logic-Based Representation and Reasoning for User Modeling Shell Systems , 2004, User Modeling and User-Adapted Interaction.

[120]  Alfred Kobsa,et al.  Adaptable and adaptive information provision for all users, including disabled and elderly people , 1998, New Rev. Hypermedia Multim..

[121]  Jan Schlörer Disclosure from Statistical Databases: Quantitative Aspects of Trackers , 1980, ACM Trans. Database Syst..

[122]  Winfried Lamersdorf,et al.  Trends in Distributed Systems for Electronic Commerce , 1998, Lecture Notes in Computer Science.

[123]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[124]  Gultekin Özsoyoglu,et al.  Data Dependencies and Inference Control in Multilevel Relational Database Systems , 1987, 1987 IEEE Symposium on Security and Privacy.

[125]  Mark Chapman,et al.  Hiding the Hidden: A software system for concealing ciphertext as innocuous text , 1997, ICICS.

[126]  Alfred Kobsa,et al.  Adaptivität und Benutzermodellierung in interaktiven Softwaresystemen , 1993, KI.

[127]  Michael K. Reiter,et al.  Anonymous Web transactions with Crowds , 1999, CACM.

[128]  W. Ryan,et al.  Privacy and freedom: Alan F. Westin Atheneum Publishers, $10 , 1967 .

[129]  Ravi S. Sandhu,et al.  The URA97 Model for Role-Based User-Role Assignment , 1997, DBSec.

[130]  Alexander Schill,et al.  A Java-Based Distributed Platform for Multilateral Security , 1998, Trends in Distributed Systems for Electronic Commerce.