Privacy Policies with Modal Logic: The Dynamic Turn

Boella, Guido; Torre, Leendert van der

doi:10.1007/978-3-642-14183-6_15

Cited by 12 publications

(11 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Approaches, such as those proposed in [118,119,120], enable distributed authorisation and delegation, which are also essential given the open, dynamic and distributed nature of AmI environments. The modal-logics-based approaches of [22,121,122] enable a form of centralised control by verifying distributed privacy policies with respect to a set of norms applied to the overall system. Combining all these different aspects in a single logic-based privacy framework will lead to a general-purpose framework for Ambient Intelligence and AAL.…”

Section: Discussionmentioning

confidence: 99%

“…Aucher et al [22,121] study how to formally specify and reason about privacy policies in terms of permitted and forbidden knowledge by using epistemic logic and deontic logic, branches of modal logic.…”

Section: General-purpose Solutionsmentioning

confidence: 99%

“…For example, the privacy policy not Permitting an agent a to Know at the same time both pieces of information p and q may be expressed as follows: ¬P K a (p ∧ q). The logic of [121] then adds dynamics to this statement, by using the [send φ] operator, which reads as "information φ is sent to the agent". This addition allows the inference of the formula K a p → ¬P [send q], read as: "if agent a Knows p, then sending q to agent a is not Permitted".…”

Section: General-purpose Solutionsmentioning

confidence: 99%

See 2 more Smart Citations

Privacy challenges in Ambient Intelligence systems

Caire

Moawad

Efthymiou

et al. 2016

AIS

View full text Add to dashboard Cite

Abstract. Today, privacy is a key concept. It is also one which is rapidly evolving with technological advances, and there is no consensus on a single definition for it. In fact, the concept of privacy has been defined in many different ways, ranging from the "right to be left alone" to being a "commodity" that can be bought and sold. In the same time, powerful Ambient Intelligence (AmI) systems are being developed, that deploy context-aware, personalised, adaptive and anticipatory services. In such systems personal data is vastly collected, stored, and distributed, making privacy preservation a critical issue. The humancentred focus of AmI systems has prompted the introduction of new kinds of technologies, e.g. Privacy Enhancing Technologies (PET), and methodologies, e.g. Privacy by Design (PbD), whereby privacy concerns are included in the design of the system. One particular application field, where privacy preservation is of critical importance is Ambient Assisted Living (AAL). Emerging from the continuous increase of the ageing population, AAL focuses on intelligent systems of assistance for a better, healthier and safer life in their living environment. In this paper, we first build on our previous work, in which we introduced a new tripartite categorisation of privacy as a right, an enabler, and a commodity. Second, we highlight the specific privacy issues raised in AAL. Third, we review and discuss current approaches for privacy preservation. Finally, drawing on lessons learned from AAL, we provide insights on the challenges and opportunities that lie ahead. Part of our methodology is a statistical analysis performed on the IEEE publications database. We illustrate our work with AAL scenarios elaborated in cooperation with the city of Luxembourg.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: General-purpose Solutionsmentioning

confidence: 99%

Section: General-purpose Solutionsmentioning

confidence: 99%

See 1 more Smart Citation

Privacy challenges in Ambient Intelligence systems

Caire

Moawad

Efthymiou

et al. 2016

AIS

View full text Add to dashboard Cite

show abstract

“…Barth et al encoded regulations as messages passed between actors using norms (e.g., permitted and prohibited actions), which is similar to Aucher et al [3]. May encoded privacy regulations in Promela and used the Spin model checker to identify potential conflicts [18].…”

Section: Related Workmentioning

confidence: 99%

Formal analysis of privacy requirements specifications for multi-tier applications

Breaux

Rao

2013

2013 21st IEEE International Requirements Engineering Conference (RE)

View full text Add to dashboard Cite

Companies require data from multiple sources to develop new information systems, such as social networking, e-commerce, and location-based services. Systems rely on complex, multi-stakeholder data supply-chains to deliver value. These data supply-chains have complex privacy requirements: Privacy policies affecting multiple stakeholders (e.g., user, developer, company, government) regulate the collection, use, and sharing of data over multiple jurisdictions (e.g. California, United States, Europe). Increasingly, regulators expect companies to ensure consistency between company privacy policies and company data practices. To address this problem, we propose a methodology to map policy requirements in natural language to a formal representation in Description Logic. Using the formal representation, we reason about conflicting requirements within a single policy and among multiple policies in a data supply chain. Further, we enable tracing data flows within the supply-chain. We derive our methodology from an exploratory case study of the Facebook platform policy. We demonstrate the feasibility of our approach in an evaluation involving Facebook, Zynga and AOL-Advertising policies. Our results identify three conflicts that exist between Facebook and Zynga policies, and one conflict within the AOL Advertising policy.

show abstract

“…In the area of knowledge-based policy verification, Aucher et al [11] define privacy policies in terms of permitted or forbidden knowledge. The dynamic part of their logic deals with sending or broadcasting data.…”

Section: Related Workmentioning

confidence: 99%

Model Checking Agent Knowledge in Dynamic Access Control Policies

Koleini

Ritter

Ryan

2013

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

Abstract. In this paper, we develop a modeling technique based on interpreted systems in order to verify temporal-epistemic properties over access control policies. This approach enables us to detect information flow vulnerabilities in dynamic policies by verifying the knowledge of the agents gained by both reading and reasoning about system information. To overcome the practical limitations of state explosion in model-checking temporal-epistemic properties, we introduce a novel abstraction and refinement technique for temporal-epistemic safety properties in ACTLK (ACTL with knowledge modality K) and a class of interesting properties that does fall in this category.

show abstract

Privacy Policies with Modal Logic: The Dynamic Turn

Cited by 12 publications

References 22 publications

Privacy challenges in Ambient Intelligence systems

Privacy challenges in Ambient Intelligence systems

Formal analysis of privacy requirements specifications for multi-tier applications

Model Checking Agent Knowledge in Dynamic Access Control Policies

Contact Info

Product

Resources

About