1
A Hierarchical Approach to the Specification of
Privacy Preferences
  • Concordia University

2
Outline
  • 1. Introduction and Theoretical Background
  • 2. Hierarchies in Preferences
  • 3. Specifying Preferences with Hierarchies
  • 4. Conflict Resolution
  • 5. Implementation
  • 6. Conclusion

3
Privacy Introduction
How to protect privacy?
4
Theoretic Background
  • 1. Hippocratic Databases
  • Privacy Metadata (Policy and Preference)
  • Compliance Auditing
  • K-anonymity
  • etc.
  • 2. P3P and APPEL
  • Policy and Preference in standard
  • Defined for web interface to collect data
  • XML machine readable preference
  • Preference expressed with APPEL rules

5
Related Work
  • 1. Minimal Disclosure in Hierarchical Hippocratic Databases with Delegation
  • A framework for preference negotiation
  • 2. Determining User Privacy Preferences by Asking the Right Questions: An Automated Approach
  • Asks users for their privacy preferences
  • 3. A Security Policy Model for Clinical Information Systems
  • A traditional confidentiality and integrity model

6
Architecture
(figure: Privacy-Policy and Privacy-Authorization; private data is used based on authorizations)
7
HDB Privacy Metadata (Preference)
  • Three dimensions exist in this table:
  • Private Data (columns: Table and Attribute)
  • Purpose
  • Data Recipients (Authorized-User)

8
Hierarchies in each Dimension
  • (figure: one hierarchy per dimension, for Private Data, Data Recipients and Purpose)

9
Disclosure Inheritance with Hierarchies
  • 1. Represent the hierarchies by posets in each dimension:
  • $(D, \le_D)$, $(R, \le_R)$, $(P, \le_P)$
  • 2. Compare the nodes with different semantics:
  • Private Data: sensitivity
  • Data Recipients: position ranking (privilege)
  • Purpose: purpose and sub-purpose relation
  • 3. Provide nodes for disclosure

10
Disclosure Inheritance (Contd)
  • 4. Compute the nodes to be disclosed in all three dimensions in terms of these semantics
  • 5. Privacy Preference Poset
  • $\langle M, \le \rangle$ where $M = D \times R \times P$, and $\le$ is the composition (component-wise product order) of the three relations $\le_D$, $\le_R$ and $\le_P$.

11
Options for Specifying Preferences
Option 1: Explicitly specify what to disclose and what to be kept private.
$D = X$ or $D = M - X$
$\langle M, \le \rangle$: privacy preference poset
$X$: the set to be disclosed, or the set to be kept private
12
Options (Contd)
Option 2: Partially utilize disclosure inheritance. Specify a range to be disclosed, and exceptions.
$D = \{\, d \mid \exists x \in X,\ \exists y \in Y,\ y \le d \le x \,\} - Z$
$\langle M, \le \rangle$: privacy preference poset
$X$, $Y$: upper bounds and lower bounds of the range to be disclosed
$Z$: exceptions to be kept private
13
Options (Contd)
  • Option 3: Fully utilize disclosure inheritance. Specify ranges for disclosing and for keeping private.
  • $D = \{\, d \mid \exists x \in X,\ \exists y \in Y,\ y \le d \le x \,\} - \{\, p \mid \exists w \in W,\ \exists z \in Z,\ w \le p \le z \,\}$

$\langle M, \le \rangle$: privacy preference poset
$X$, $Y$: upper bounds and lower bounds for disclosure
$Z$, $W$: upper bounds and lower bounds for keeping private
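As an added worked example (not code from the presentation or its authors), the following Python builds the three hierarchies as posets, forms the preference poset $\langle M, \le \rangle$ with the component-wise order, and computes the disclosure set $D$ for Options 1, 2 and 3 exactly as the three formulas above define it. The toy hierarchies (name $\le$ address $\le$ diagnosis by sensitivity, clerk $\le$ nurse $\le$ physician by privilege, billing and scheduling as sub-purposes of admin, plus treatment) and the bound sets $X$, $Y$, $Z$, $W$ are constructed for the example and are not from the slides.

```python
"""Disclosure sets over a hierarchical privacy-preference poset (added example)."""
from itertools import product


class Poset:
    """Finite partial order built from (child, parent) edges meaning child <= parent."""

    def __init__(self, elements, edges):
        self.elements = list(elements)
        below = {e: {e} for e in self.elements}      # reflexive: e <= e
        for child, parent in edges:
            below[parent].add(child)                  # direct edge child <= parent
        changed = True                                # transitive closure
        while changed:
            changed = False
            for e in self.elements:
                closed = set().union(*(below[c] for c in below[e]))
                if closed != below[e]:
                    below[e] = closed
                    changed = True
        self._below = below

    def leq(self, a, b):
        return a in self._below[b]


class PreferencePoset:
    """<M, <=> with M = D x R x P and <= the component-wise product order."""

    def __init__(self, data, recipients, purposes):
        self.dims = (data, recipients, purposes)
        self.M = frozenset(product(data.elements, recipients.elements, purposes.elements))

    def leq(self, m, n):
        return all(dim.leq(a, b) for dim, a, b in zip(self.dims, m, n))

    def interval(self, upper, lower):
        """{d in M | exists x in upper, y in lower: y <= d <= x}: the inherited range."""
        return {d for d in self.M
                if any(self.leq(y, d) and self.leq(d, x) for x in upper for y in lower)}


def option1(pp, X, disclose=True):
    """Explicit: D = X, or D = M - X when X is the set to keep private."""
    return set(X) if disclose else set(pp.M) - set(X)


def option2(pp, X, Y, Z):
    """Range [Y, X] to disclose, minus explicit exceptions Z."""
    return pp.interval(X, Y) - set(Z)


def option3(pp, X, Y, Z, W):
    """Range [Y, X] to disclose, minus range [W, Z] to keep private."""
    return pp.interval(X, Y) - pp.interval(Z, W)


# Constructed toy hierarchies (an assumption for this example, not the slides' data):
# private data ordered by sensitivity, recipients by position ranking (privilege),
# purposes by the purpose / sub-purpose relation.
DATA = Poset(["name", "address", "diagnosis"],
             [("name", "address"), ("address", "diagnosis")])
RECIPIENTS = Poset(["clerk", "nurse", "physician"],
                   [("clerk", "nurse"), ("nurse", "physician")])
PURPOSES = Poset(["billing", "scheduling", "admin", "treatment"],
                 [("billing", "admin"), ("scheduling", "admin")])
PP = PreferencePoset(DATA, RECIPIENTS, PURPOSES)


def demo():
    """Compute D under all three options for one constructed preference."""
    X = {("diagnosis", "physician", "treatment")}   # upper bound(s) for disclosure
    Y = {("name", "nurse", "treatment")}            # lower bound(s) for disclosure
    Z = {("diagnosis", "nurse", "treatment")}       # Option 2: exception; Option 3: private upper bound
    W = {("address", "nurse", "treatment")}         # Option 3: private lower bound
    return {
        "option1": option1(PP, X),
        "option2": option2(PP, X, Y, Z),
        "option3": option3(PP, X, Y, Z, W),
    }


if __name__ == "__main__":
    for name, d in demo().items():
        print(name, len(d), sorted(d))
```

With these bounds the inherited range $[Y, X]$ holds six tuples (three data items, two recipients, one purpose); Option 2 removes the single exception and Option 3 removes the whole private sub-range $[W, Z]$, so the same upper bound yields 5 and 4 disclosed tuples respectively. The point worth checking in a real deployment is the direction of $\le$ in each dimension: if the sensitivity order were reversed, a range intended to release the least sensitive items would release the most sensitive ones.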
14
Conflict Resolution
  • Why do we need conflict resolution?
  • 1. Disclosure sets are stored in the database
  • Different sets overlap and conflict
  • 2. Preferences are specified over time
  • For the same patient

Meta-policies defined to resolve conflicts
15
Latest Take Precedence
  • Override the existing preferences with the new preference
  • Option 1: $D_1 = D_0 \cup X$ (if $X$ is to be disclosed) or $D_1 = D_0 - X$ (if $X$ is to be kept private).
  • Option 2: $D_1 = D_0 \cup \{\, d \mid \exists x \in X,\ \exists y \in Y,\ y \le d \le x \,\} - Z$.
  • Option 3: $D_1 = D_0 \cup \{\, d \mid \exists x \in X,\ \exists y \in Y,\ y \le d \le x \,\} - \{\, p \mid \exists w \in W,\ \exists z \in Z,\ w \le p \le z \,\}$.

16
Disclosure Take Precedence
  • Any conflict caused by the negative part is ignored.
  • Option 1: $D_1 = D_0 \cup X$ (if $X$ is to be disclosed) or $D_1 = D_0$ (if $X$ is to be kept private).
  • Option 2: $D_1 = D_0 \cup (\{\, d \mid \exists x \in X,\ \exists y \in Y,\ y \le d \le x \,\} - Z)$
  • Option 3: $D_1 = D_0 \cup (\{\, d \mid \exists x \in X,\ \exists y \in Y,\ y \le d \le x \,\} - \{\, p \mid \exists w \in W,\ \exists z \in Z,\ w \le p \le z \,\})$.

17
Private Take Precedence
  • A user can disallow a disclosure even if it has previously been consented to.
  • Options 1, 2 and 3 are the same as under the Latest Take Precedence meta-policy in our implementation

This is because we store preferences in the form of disclosure sets.
If we stored the disclosed and private sets separately, we could simply compute the final disclosure set as $\bigcup_i D_i - \bigcup_i X_i$.
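As an added worked example (not code from the presentation or its authors), the following Python applies the three meta-policies to a time-ordered sequence of preferences. Each preference is already reduced to its positive part (the range or set to disclose, as Options 1 to 3 would produce it) and its negative part (the exceptions or private range), so only the set algebra of the meta-policies is shown. The tuples, the initial disclosure set $D_0$ and the preference sequence are constructed for the example and are not from the slides; the names `latest_takes_precedence`, `disclosure_takes_precedence` and `private_takes_precedence` are this example's own.

```python
"""Conflict-resolution meta-policies over stored disclosure sets (added example)."""


def latest_takes_precedence(D0, pos, neg):
    """D1 = (D0 ∪ pos) − neg: the negative part also revokes earlier grants."""
    return (set(D0) | set(pos)) - set(neg)


def disclosure_takes_precedence(D0, pos, neg):
    """D1 = D0 ∪ (pos − neg): the negative part only trims the new positive part."""
    return set(D0) | (set(pos) - set(neg))


def private_takes_precedence(disclosed_sets, private_sets):
    """With positive and negative sets stored separately: ∪_i D_i − ∪_i X_i.
    A revocation recorded at any time wins over every grant, earlier or later."""
    return set().union(*disclosed_sets) - set().union(*private_sets)


def apply_sequence(meta_policy, D0, prefs):
    """Fold a time-ordered list of (positive, negative) parts through a meta-policy."""
    D = set(D0)
    for pos, neg in prefs:
        D = meta_policy(D, pos, neg)
    return D


# Constructed scenario (assumption): tuples are (private data, recipient, purpose).
D0 = {("name", "nurse", "treatment"),
      ("diagnosis", "physician", "treatment"),
      ("diagnosis", "nurse", "treatment")}          # earlier consent, already stored
PREFS = [
    # t1: grant address to nurses for treatment, revoke diagnosis from nurses
    ({("address", "nurse", "treatment")},
     {("diagnosis", "nurse", "treatment")}),
    # t2: a grant that overlaps the t1 revocation, with its own exception
    ({("diagnosis", "nurse", "treatment"), ("diagnosis", "nurse", "billing")},
     {("diagnosis", "nurse", "billing")}),
]


def demo():
    """Final disclosure set under each meta-policy for the scenario above."""
    return {
        "latest": apply_sequence(latest_takes_precedence, D0, PREFS),
        "disclosure": apply_sequence(disclosure_takes_precedence, D0, PREFS),
        # separate stores: every positive part is a D_i, every negative part an X_i
        "private": private_takes_precedence([D0] + [pos for pos, _ in PREFS],
                                            [neg for _, neg in PREFS]),
    }


if __name__ == "__main__":
    for name, d in demo().items():
        print(name, len(d), sorted(d))
```

The scenario isolates the difference the slides describe: after the first preference, latest-takes-precedence has dropped (diagnosis, nurse, treatment) from $D_0$ while disclosure-takes-precedence has kept it; after the second preference both policies disclose it again because the later grant wins. Only the separate-store computation $\bigcup_i D_i - \bigcup_i X_i$ keeps the revocation in force, which is why a private-takes-precedence policy cannot be realised by storing a single merged disclosure set.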
18
Implementation
  • 1. Web Interface for Preferences
  • (APPEL integrated)
  • 2. Generate Disclosure Set
  • 3. Conflict Inspection and Resolution
  • 4. Snowflake Metadata Schema

19
Snowflake Metadata Schema
20
Snowflake Metadata (Contd)
21
Implementation Architecture
22
Conclusion
  • 1. Observed that hierarchies naturally exist
  • 2. Proposed disclosure inheritance semantics
  • 3. Described several options to specify preferences with hierarchies
  • 4. Resolved potential conflicts
  • 5. Implemented

23
  • Thank you!