Gerardo Schneider Dept. of Computer Science and Engineering - - PowerPoint PPT Presentation
Gerardo Schneider Dept. of Computer Science and Engineering Chalmers | Univ. of Gothenburg gerardo@cse.gu.se http://www.cse.chalmers.se/~gersch/ Contracts and Computation Workshop Gteborg, 2 Nov 2017 Consent to give us access to your
gerardo@cse.gu.se http://www.cse.chalmers.se/~gersch/
Göteborg, 2 Nov 2017
Gerardo Schneider 2
“Consent to give us access to your contacts” App: Give me your contact list! Tel: Sure! Here it is!
Why we do so? We don’t read the ToS “All or nothing”: Accept it or don’t install it
Gerardo Schneider 3
Conformance Monitoring and Enforcement
Gerardo Schneider 4
5 AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer
Privacy Policy Analyzer
FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
ToS
6 ToS AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
PPol FPPol Monitor Generator NL Privacy Policy Analyzer
Privacy Policy Analyzer
FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
Contract Analyzer
7 AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
ToS
8 AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
Privacy Policy Analyzer
ToS
9 AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer FPPol System MPPol AFToS
Privacy Policy Analyzer
ToS
10 AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer
Privacy Policy Analyzer
FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
ToS
11 AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
PPol FPPol Monitor Generator NL Privacy Policy Analyzer
Privacy Policy Analyzer
FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
ToS
(1) (2) (3)
Counter() example) Analyzer) NL)to) CNL) CNL)to) FL) Contract) Analyzer) Monitor) Gener.) Run;me) Viola;on) Analyzer) Sta;c) Viola;on) Analyzer)
Run/me' Sta/c'
NLCon& CNLCon& eCon& Prop& Lib& AeCon& CEx& Log& Mon& Sys& QL&
Gerardo Schneider
Normative texts: specifications, requirements, legal contracts, regulations, directives, work descriptions, …
12
Gerardo Schneider 13
(1) (2) (3)
Counter() example) Analyzer) NL)to) CNL) CNL)to) FL) Contract) Analyzer) Monitor) Gener.) Run;me) Viola;on) Analyzer) Sta;c) Viola;on) Analyzer)
Run/me' Sta/c'
NLCon& CNLCon& eCon& Prop& Lib& AeCon& CEx& Log& Mon& Sys& QL&
Gerardo Schneider 14
A (simple) CNL to translate into CL
CL: A formal language for contracts CLAN: A conflict analyzer
Simple monitor extraction algorithm
* Cristian Prisacariu et al
(1) (2) (3)
Counter() example) Analyzer) NL)to) CNL) CNL)to) FL) Contract) Analyzer) Monitor) Gener.) Run;me) Viola;on) Analyzer) Sta;c) Viola;on) Analyzer)
Run/me' Sta/c'
NLCon& CNLCon& eCon& Prop& Lib& AeCon& CEx& Log& Mon& Sys& QL&
Gerardo Schneider 15
Gerardo Schneider 16
* John J. Camilleri et al (since 2014…) * Enrique Martínez et al (2012-2013) * Proof-of-concept prototype: http://remu.grammaticalframework.org/contracts/verifier/
Gerardo Schneider 17
18 AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer
Privacy Policy Analyzer
FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
ToS
Gerardo Schneider 19
Gerardo Schneider 20
* Raúl Pardo et al
PPL • Privacy Policy Language KBL • Knowledge-Based Logic EKB • Knowledge Base
PPF: Privacy Policy Framework For Social Networks
”Evolving” policies:
Interpreted over Social Graphs
Gerardo Schneider 21
22 ToS AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer
Privacy Policy Analyzer
FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
Gerardo Schneider 23
Gerardo Schneider 24
25 ToS AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer
Privacy Policy Analyzer
FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
NLP Enforcement Abstraction level of the formal lang. and the CNL Scalability…
“Operationalization” Semantic Analysis
Gerardo Schneider
Gerardo Schneider
Projects? Phd Students? Postdocs? ENGINEERS!?
28 ToS AFToS Conformance Checker OK Not OK Applica1on Installer Agree FToS Par0ally Verified FToS Contract Verifier Contract Annotator NL Contract Analyzer QL Prop OK Not OK
Contract Analyzer
PPol FPPol Monitor Generator NL Privacy Policy Analyzer
Privacy Policy Analyzer
FPPol System MPPol AFToS
Runtj tjme me C Che hecking cking
Gerardo Schneider 29