capacity an abstract model of control over personal data
play

Capacity : an Abstract Model of Control over Personal Data Daniel Le - PowerPoint PPT Presentation

Nov 27, 2023 •474 likes •888 views

Capacity : an Abstract Model of Control over Personal Data Daniel Le Mtayer and Pablo Rauzy planete.inrialpes.fr/people/lemetayer danielle-metayer @ inriafr pablo.rauzy.name pablorauzy @ univ-paris8fr 2019-03-18 @ CNRS, Paris

  1. Capacity : an Abstract Model of Control over Personal Data Daniel Le Métayer and Pablo Rauzy planete.inrialpes.fr/people/lemetayer daniel·le-metayer @ inria·fr pablo.rauzy.name pablo·rauzy @ univ-paris8·fr 2019-03-18 @ CNRS, Paris Journée du GT Méthodes Formelles pour la Sécurité 2019 OA version of the paper: hal-01638190 Pablo Rauzy (Paris 8) Capacity : an Abstract Model of Control over Personal Data GT MFS 2019 1 / 30

  2. Plan Pablo Rauzy (Paris 8) Capacity : an Abstract Model of Control over Personal Data GT MFS 2019 2 / 30 ▶ Control over personnal data ▶ Modeling control ▶ Characterizing control ▶ Evaluating concrete systems

  3. Control over Personal Data → We want a formal framework to specify the notion of control over personal data . Pablo Rauzy (Paris 8) Capacity : an Abstract Model of Control over Personal Data GT MFS 2019 3 / 30 ▶ The notion of privacy by control is predominant in the privacy literature. ▶ However, it lacks a formal definition. ▶ This makes it hard to check for compliance, to compare design options, etc.

  4. Control over Personal Data Control encapsulates the intuition underlying the notion of control over personal data. Pablo Rauzy (Paris 8) Capacity : an Abstract Model of Control over Personal Data GT MFS 2019 4 / 30 ▶ Formally capturing the notion of control is notoriously difficult. ▶ Control is about a potential rather than one particular realization. ▶ Existing control literature (e.g., access control and usage control ) does not really

  5. Control over Personal Data Three dimensions of control over personal data. → Based on this work, we built Capacity . * http://script-ed.org/?p=1927 Pablo Rauzy (Paris 8) Capacity : an Abstract Model of Control over Personal Data GT MFS 2019 5 / 30 ▶ In their 2015 paper*, Lazaro and Le Métayer identified three dimensions of control ▶ These three dimensions corresponds to the capacities for an individual: • to perform actions on their personal data, • to prevent others from performing actions on their personal data, and • to be informed of actions performed by others on their personal data.

  6. Modeling Control with Capacity → Running example for this: rudimentary photo sharing service. Pablo Rauzy (Paris 8) Capacity : an Abstract Model of Control over Personal Data GT MFS 2019 6 / 30 ▶ Capacity ’s goal is to model control over personal data in a very general way. ▶ Thus, guiding principles of its design are abstraction and minimality. ▶ Basically, agents can perform operations on resources in given contexts . ▶ Control is modeled by requirements expressing constraints on those operations.

  7. Modeling Control with Capacity Running example: Album Pablo Rauzy (Paris 8) Capacity : an Abstract Model of Control over Personal Data GT MFS 2019 7 / 30 ▶ This talk uses a simple photo sharing service, named Album , as an example. ▶ Album is a centralized service where: • users can upload, delete, and access photos in their album ; • users can connect to each other to become friends ; • users can see their friends photos ; • users can tag theirs and their friends photos with their name or the names of friends ; • users are notified when they are tagged in a photo by someone else.

  8. Modeling Control with Capacity ). GT MFS 2019 Capacity : an Abstract Model of Control over Personal Data Pablo Rauzy (Paris 8) – examples: location, time, relationship between agents, purpose, exposure. – contexts model any external factors relevant to an operation, – examples: connect , upload , tag , access , delete ; – operations model what can be performed on resources, Objects 8 / 30 – examples: usernames ( Pablo ), users’ album ( album Pablo ), and photos ( – resources model data, and typically personal data, – examples: Album (the service) and its users ( Daniel , Pablo , …) ; – agents model users and services, ▶ There are four types of atomic objects in Capacity : • Agents: – the set of agents is A , • Resources: – the set of resources is R , • Operations: – the set of operations is O , • Contexts: – the set of contexts is C ,

  9. Modeling Control with Capacity ). GT MFS 2019 Capacity : an Abstract Model of Control over Personal Data Pablo Rauzy (Paris 8) – examples: location, time, relationship between agents, purpose, exposure. – contexts model any external factors relevant to an operation, – examples: connect , upload , tag , access , delete ; – operations model what can be performed on resources, Objects 8 / 30 – examples: usernames ( Pablo ), users’ album ( album Pablo ), and photos ( – resources model data, and typically personal data, – examples: Album (the service) and its users ( Daniel , Pablo , …) ; – agents model users and services, ▶ There are four types of atomic objects in Capacity : • Agents: – the set of agents is A , • Resources: – the set of resources is R , • Operations: – the set of operations is O , • Contexts: – the set of contexts is C ,

  10. Modeling Control with Capacity ). GT MFS 2019 Capacity : an Abstract Model of Control over Personal Data Pablo Rauzy (Paris 8) – examples: location, time, relationship between agents, purpose, exposure. – contexts model any external factors relevant to an operation, – examples: connect , upload , tag , access , delete ; – operations model what can be performed on resources, Objects 8 / 30 – examples: usernames ( Pablo ), users’ album ( album Pablo ), and photos ( – resources model data, and typically personal data, – examples: Album (the service) and its users ( Daniel , Pablo , …) ; – agents model users and services, ▶ There are four types of atomic objects in Capacity : • Agents: – the set of agents is A , • Resources: – the set of resources is R , • Operations: – the set of operations is O , • Contexts: – the set of contexts is C ,

  11. Modeling Control with Capacity ). GT MFS 2019 Capacity : an Abstract Model of Control over Personal Data Pablo Rauzy (Paris 8) – examples: location, time, relationship between agents, purpose, exposure. – contexts model any external factors relevant to an operation, – examples: connect , upload , tag , access , delete ; – operations model what can be performed on resources, Objects 8 / 30 – examples: usernames ( Pablo ), users’ album ( album Pablo ), and photos ( – resources model data, and typically personal data, – examples: Album (the service) and its users ( Daniel , Pablo , …) ; – agents model users and services, ▶ There are four types of atomic objects in Capacity : • Agents: – the set of agents is A , • Resources: – the set of resources is R , • Operations: – the set of operations is O , • Contexts: – the set of contexts is C ,

  12. Modeling Control with Capacity ). GT MFS 2019 Capacity : an Abstract Model of Control over Personal Data Pablo Rauzy (Paris 8) – examples: location, time, relationship between agents, purpose, exposure. – contexts model any external factors relevant to an operation, – examples: connect , upload , tag , access , delete ; – operations model what can be performed on resources, Objects 8 / 30 – examples: usernames ( Pablo ), users’ album ( album Pablo ), and photos ( – resources model data, and typically personal data, – examples: Album (the service) and its users ( Daniel , Pablo , …) ; – agents model users and services, ▶ There are four types of atomic objects in Capacity : • Agents: – the set of agents is A , • Resources: – the set of resources is R , • Operations: – the set of operations is O , • Contexts: – the set of contexts is C ,

  13. Modeling Control with Capacity Actions , album Pablo ) , , Daniel ) . Pablo Rauzy (Paris 8) Capacity : an Abstract Model of Control over Personal Data GT MFS 2019 9 / 30 ▶ Actions model the application of an operation to a list of parameters in a context. • Action op c ( x 1 , . . . , x n ) is the application of operation op to x 1 , . . . , x n in context c . • Parameters x i can be resources or agents. ▶ Examples: • connect c ( Daniel ) , • upload c ( • tag c ( ▶ The set of actions is ∆ .

  14. Modeling Control with Capacity Relations GT MFS 2019 Capacity : an Abstract Model of Control over Personal Data Pablo Rauzy (Paris 8) 10 / 30 ▶ We define three relations on atomic objects: • Pers ( r , a ) expresses that resource r is a personal data of agent a , • In ( r , α ) expresses that resource r is involved in action α , • Trust ( a , b ) expresses that agent a trusts agent b . ▶ Examples: • Pers ( , Pablo ) , • In ( , Pablo ) ) , , tag c ( • Trust ( Pablo , Daniel ) .

  15. Modeling Control with Capacity Requirements GT MFS 2019 Capacity : an Abstract Model of Control over Personal Data Pablo Rauzy (Paris 8) 11 / 30 ▶ A requirement R is a relation Can R ⊆ A × ∆ × P ( A ) × P ( A ) . ▶ Intuitively, Can R ( a , α, E , W ) means that: • agent a can perform action α • only if this action is enabled by all agents in E • while all agents in W have to to be informed of it. ▶ Examples: • Can R ( Pablo , upload c ( , album Pablo ) , { Album } , { Album } ) , • Can R ( Daniel , upload c ( , album Pablo ) , {⊥} , {⊥} ) , • Can R ( Pablo , tag c ( , Daniel ) , { Daniel , Album } , { Daniel , Album } ) . ▶ This single relation can express the three capacities of control of personal data: • when x = a it expresses the capacity of x to perform action α , • when x ∈ E it expresses the capacity of x to prevent action α , • when x ∈ W it expresses the capacity of x to be informed of action α .

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Definition of Resilience the capacity to maintain personal control and robust attitudes in the

Definition of Resilience the capacity to maintain personal control and robust attitudes in the

Definition of Resilience the capacity to maintain personal control and robust attitudes in the face of challenging events and behaviours Derek Mowbray 2010, revised 2013 Resilience The ability to mitigate the effects of stress i.e

458 views • 8 slides
Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views • 47 slides
Personal Control of Your Data Butler Lampson August 8, 2013 Background What is new about

Personal Control of Your Data Butler Lampson August 8, 2013 Background What is new about

Personal Control of Your Data Butler Lampson August 8, 2013 Background What is new about online data? It is: Widespread in time and space Persistent, easy to copy, visible to anybody Accessible : easy to find (by search), connect

545 views • 22 slides
Use Old River Control Complex for Flood Control MRC PRESENTATION APRIL 7, 2017 1 ORCC:

Use Old River Control Complex for Flood Control MRC PRESENTATION APRIL 7, 2017 1 ORCC:

Use Old River Control Complex for Flood Control MRC PRESENTATION APRIL 7, 2017 1 ORCC: Capacity & Crest at Baton 2 Rouge Corps Model of 2016 MS 2016 MS River Flood River Flood 75% Capacity for a week / cut 100% Capacity for 3 weeks

261 views • 8 slides
GDPR what is it? A new data protection framework which puts individuals back in control of

GDPR what is it? A new data protection framework which puts individuals back in control of

GDPR what is it? A new data protection framework which puts individuals back in control of their personal data ICO 12 steps to GDPR compliance 7. Consent 1. Awareness 2. Document the personal data you hold 8. Children 3. Communicating

540 views • 28 slides
Abstract Data Types & Templates 1 Abstract Data Type 2 Data and Abstraction

Abstract Data Types & Templates 1 Abstract Data Type 2 Data and Abstraction

Abstract Data Types & Templates 1 Abstract Data Type 2 Data and Abstraction Operations on data are central to most solutions Think abstractly about data and its management Typically need to Organize data Add data Remove

756 views • 30 slides
Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful

Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful

Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful Reading: Sections 1.1-1.5, 2.1 Data-flow analysis (DFA) A framework for statically proving facts about program data. Focuses on simple, finite

1.04k views • 54 slides
The importance of personal data protection Personal data are accessed and processed exponentially

The importance of personal data protection Personal data are accessed and processed exponentially

The importance of personal data protection Personal data are accessed and processed exponentially Abuse of personal data exploded Risk of data theft, piracy New Cambridge Analytica scandal almost every week Need to

293 views • 14 slides
Optimal Healing Environments A Key Component of Your Personal Resiliency Plan Personal Healing

Optimal Healing Environments A Key Component of Your Personal Resiliency Plan Personal Healing

Optimal Healing Environments A Key Component of Your Personal Resiliency Plan Personal Healing Capacity Everyone has an inherent healing capacity You can increase your bodys ability to heal by making small changes in your daily life

801 views • 45 slides
(Draft) Personal Data Protection Bill 2018: Rights and entitlements Beni Chugh Research

(Draft) Personal Data Protection Bill 2018: Rights and entitlements Beni Chugh Research

(Draft) Personal Data Protection Bill 2018: Rights and entitlements Beni Chugh Research Associate, Dvara Research CUTS, Capacity Building Workshop on Raising Consumers Awareness Level On Data Protection And Privacy And Impact Of Personal

563 views • 30 slides
Increasing Large-Scale Data Center Capacity by Statistical Power Control Guosai Wang, Shuhao

Increasing Large-Scale Data Center Capacity by Statistical Power Control Guosai Wang, Shuhao

Increasing Large-Scale Data Center Capacity by Statistical Power Control Guosai Wang, Shuhao Wang, Bing Luo, Weisong Shi, Yinghang Zhu, Wenjun Yang, Dianming Hu, Longbo Huang, Xin Jin, Wei Xu Data Centers Expensive to build and operate

900 views • 74 slides
Ontology Domain (world) = a network of states S4 S3 S6 S2 S1 S 7

Ontology Domain (world) = a network of states S4 S3 S6 S2 S1 S 7

Control In Data In Data Out Functional Core Meta data Out Meta data In Control Out Contextor: a Computational Model for Contextual Information Jolle Coutaz, Gatan Rey CLIPS-IMAG, Universit Joseph Fourier, Grenoble, France James L.

508 views • 17 slides
Abstract Data Types (ADTs) The Specification Language" for Data Structures. An ADT Inf

Abstract Data Types (ADTs) The Specification Language" for Data Structures. An ADT Inf

Abstract Data Types (ADTs) The Specification Language" for Data Structures. An ADT Inf 2B: Sequential Data Structures consists of: I a mathematical model of the data; Lecture 3 of ADS thread I methods for accessing and modifying the

95 views • 6 slides
Abstract Data Types (ADT) and C++ Classes 1-15-2013 Abstract Data Types (ADT) & UML

Abstract Data Types (ADT) and C++ Classes 1-15-2013 Abstract Data Types (ADT) & UML

Abstract Data Types (ADT) and C++ Classes 1-15-2013 Abstract Data Types (ADT) & UML C++ Class definition & implementation constructors, accessors & modifiers overloading operators friend functions HW#1 posted

534 views • 36 slides
APDM 6.0 ArcGIS Pipeline Data Model Peter Veenstra APDM Standing Committee Abstract The

APDM 6.0 ArcGIS Pipeline Data Model Peter Veenstra APDM Standing Committee Abstract The

APDM 6.0 ArcGIS Pipeline Data Model Peter Veenstra APDM Standing Committee Abstract The purpose of this workshop is to review the final release of the ArcGIS Pipeline Data Model (APDM) version 6.0. Changes include;

725 views • 40 slides
Constraints in Abstract Model Checking Direct implementation of an abstract interpretation John

Constraints in Abstract Model Checking Direct implementation of an abstract interpretation John

Constraints in Abstract Model Checking Direct implementation of an abstract interpretation John Gallagher 12 1 Roskilde University 2 IMDEA Software Institute, Madrid CP meets CAV Turun, Turkey John Gallagher Constraints in Abstract Model

375 views • 16 slides
Leman Akoglu Stony Brook University http://www.cs.stonybrook.edu/~cse590

Leman Akoglu Stony Brook University http://www.cs.stonybrook.edu/~cse590

Leman Akoglu Stony Brook University http://www.cs.stonybrook.edu/~cse590 Users write product reviews on many online sites: Yelp, Amazon, TripAdvisor Data of the form: <userID, productID, review-text,

788 views • 17 slides
Hot State Tax Audit Topics TEI Houston Tax School - State and Local Tax Workshop Jeffrey S. Reed

Hot State Tax Audit Topics TEI Houston Tax School - State and Local Tax Workshop Jeffrey S. Reed

Hot State Tax Audit Topics TEI Houston Tax School - State and Local Tax Workshop Jeffrey S. Reed February 3, 2014 [(212) 506-2104 jr eed@mayerbrown.com Mayer Brown is a global legal services provider comprising legal practices that are separate

583 views • 46 slides
Computer Assisted Proofs Colin R IBA LIP ENS Lyon Course 05 10th Oct. 2014 1 / 18

Computer Assisted Proofs Colin R IBA LIP ENS Lyon Course 05 10th Oct. 2014 1 / 18

Computer Assisted Proofs Colin R IBA LIP ENS Lyon Course 05 10th Oct. 2014 1 / 18 Curry-Howard Correspondence Curry-Howard Correspondence Intuitionistic Predicate Logic 2 / 18 Curry-Howard Correspondence Proof Terms and Translation of

773 views • 44 slides
Advisory Panel on Clinical Trials Winter 2015 Meeting Alexandria, VA January 15, 2015 9:30

Advisory Panel on Clinical Trials Winter 2015 Meeting Alexandria, VA January 15, 2015 9:30

Advisory Panel on Clinical Trials Winter 2015 Meeting Alexandria, VA January 15, 2015 9:30 a.m. to 5:00 p.m. EST 1 Welcome and Plans for the Day Bryan Luce, PhD, MBA, Chief Science Officer, PCORI Elizabeth A. Stuart, PhD, AM (Chair),

694 views • 45 slides
Non-Political Security Learnings from the Mueller Report Arkadiy Tetelman (@arkadiyt) Agenda

Non-Political Security Learnings from the Mueller Report Arkadiy Tetelman (@arkadiyt) Agenda

Non-Political Security Learnings from the Mueller Report Arkadiy Tetelman (@arkadiyt) Agenda Background Blue Team Learnings Questions About Me Arkadiy Tetelman (@arkadiyt) Head of Security at Lob Previously

565 views • 37 slides
Amateur: Augmented Reality Based Vehicle Navigation System Chu Cao 1 , Zhenjiang Li 2 , Pengfei

Amateur: Augmented Reality Based Vehicle Navigation System Chu Cao 1 , Zhenjiang Li 2 , Pengfei

Amateur: Augmented Reality Based Vehicle Navigation System Chu Cao 1 , Zhenjiang Li 2 , Pengfei Zhou 1 , Mo Li 1 Nanyang Technological University 1 , Singapore City University of Hong Kong 2 , Hong Kong, China 12 September 2019 UbiComp19,

858 views • 43 slides
Hyperbolicity singularities in rarefaction waves Alexei Mailybaev Dan Marchesin Moscow State

Hyperbolicity singularities in rarefaction waves Alexei Mailybaev Dan Marchesin Moscow State

Hyperbolicity singularities in rarefaction waves Alexei Mailybaev Dan Marchesin Moscow State University, Russia IMPA, Brazil Outline Structure of rarefaction waves near elliptic boundary regular points of elliptic boundary

296 views • 16 slides
Make a zine, Make a difference Workshop Funded by: A partnership of: Workshop overview

Make a zine, Make a difference Workshop Funded by: A partnership of: Workshop overview

Make a zine, Make a difference Workshop Funded by: A partnership of: Workshop overview Introduction to the RARA project, its goals and the team here today Group exercise discussing: Personal tutoring Attainment Your views/experiences The

310 views • 20 slides

More recommend