Multilateral Privacy Requirements Analysis in Online Social - PowerPoint PPT Presentation

Multilateral Privacy Requirements Analysis in Online Social Networks Seda Gürses COSIC, K.U. Leuven 18. February, 2011 CRID University of Namur, Belgium 1

x close this advertisement security and priv acy in online social networks K.U. Leuven (COSIC, DistriNet, ICRI, HMDB), SPION Vrije Universiteit Brussel (SMIT), University of Ghent (Onderwijskunde), Carnegie Melon University (Heinz College) responsibilization accountability 2 2

x close this advertisement security and priv acy in online social networks trust, reputation and access control SPION identity management legal frameworks anonymous communication feedback and awareness systems behavioral aspects http://www.cosic.esat.kuleuven.be/spion 3 3

outline - introduction to privacy requirements - stakeholder analysis: service provider - SNS access control design - feedback and awareness systems 4 4

privacy? - what is privacy? - what are privacy requirements? - in security engineering: confidentiality 5 5

online social networks (SNS) 6 6

online social networks 7 7

1m Facebook created 2004 8 8

5m 1m the entire Internet all facebook users friends of friends friends Facebook in Highschools Facebook 2004 2005 9 9

12m 5m 1m Facebook available to the PUBLIC (pg13) Highschools Facebook 2006 2004 2005 10 10

12m 5m 1m xss attacks Facebook available to the PUBLIC (pg13) Highschools Facebook 2006 2004 2005 11 11

12m 5m 1m newsfeed xss attacks Facebook available to the PUBLIC (pg13) Highschools Facebook 2006 2004 2005 12 12

12m 5m 1m newsfeed protests xss attacks Facebook available to the 740.000 PUBLIC (pg13) Highschools Facebook 2006 2004 2005 13 13

50m 12m 5m 1m Facebook API protests 740.000 newsfeed xss attacks Highschools Facebook PUBLIC 2007 2004 2005 2006 14 14

50m 12m 5m 1m Facebook API Mobile protests 740.000 newsfeed xss attacks Highschools Facebook PUBLIC 2007 2004 2005 2006 15 15

50m 12m 5m 1m Facebook API Mobile BEACON protests 740.000 newsfeed xss attacks Highschools Facebook PUBLIC 2007 2004 2005 2006 16 16

50m 12m 5m 1m protests 50.000 in Facebook API 3 days Mobile BEACON protests 740.000 newsfeed xss attacks Highschools Facebook PUBLIC 2007 2004 2005 2006 17 17

50m 12m 5m 1m protests bans 50.000 in Facebook API 3 days Mobile BEACON protests 740.000 newsfeed xss attacks Highschools Facebook PUBLIC 2007 2004 2005 2006 18 18

50m 12m 5m 1m protests bans 50.000 in Facebook API 3 days breastfeeding Mobile BEACON protests 740.000 newsfeed xss attacks Highschools Facebook PUBLIC 2007 2004 2005 2006 19 19

50m 12m 5m 1m memorilization protests bans 50.000 in Facebook API 3 days breastfeeding Mobile BEACON protests 740.000 newsfeed xss attacks Highschools Facebook PUBLIC 2007 2004 2005 2006 20 20

100m 50m 12m 5m 1m Canadian Privacy Commissioner bans protests protests 50.000 in 3 days BEACON 740.000 newsfeed Mobile xss attacks Facebook API Highschools Facebook PUBLIC 2008 2004 2005 2006 2007 21 21

100m 50m 12m 5m 1m LIVE FEED Canadian Privacy popularity Commissioner algorithm bans protests protests 50.000 in 3 days BEACON 740.000 newsfeed Mobile xss attacks Facebook API Highschools Facebook PUBLIC 2008 2004 2005 2006 2007 22 22

100m 50m 12m 5m 1m LIVE FEED Canadian Privacy popularity Commissioner algorithm protests 1.600.000 bans protests protests 50.000 in 3 days BEACON 740.000 newsfeed Mobile xss attacks Facebook API Highschools Facebook PUBLIC 2008 2004 2005 2006 2007 23 23

100m 350m 50m 12m 5m 1m cyberbullying unlimited license to user content bans protests Canadian Privacy Commissioner protests 50.000 in 3 days BEACON 740.000 newsfeed protests Mobile xss attacks Facebook API 1.600.000 Highschools LIVE FEED Facebook PUBLIC 2009 2004 2005 2006 2007 2008 24 24

100m 350m 50m 12m 5m 1m cyberbullying unlimited license to user content protests bans protests Canadian Privacy Commissioner protests 50.000 in 3 days BEACON 740.000 newsfeed protests Mobile xss attacks Facebook API 1.600.000 Highschools LIVE FEED Facebook PUBLIC 2009 2004 2005 2006 2007 2008 25 25

100m 350m 50m 12m 5m 1m cyberbullying unlimited license to user content protests user voting bans protests Canadian Privacy Commissioner protests 50.000 in 3 days BEACON 740.000 newsfeed protests Mobile xss attacks Facebook API 1.600.000 Highschools LIVE FEED Facebook PUBLIC 2009 2004 2005 2006 2007 2008 26 26

100m 350m 50m 12m 5m 1m cyberbullying friends unlimited license lists to user content protests user voting bans protests Canadian Privacy Commissioner protests 50.000 in 3 days BEACON 740.000 newsfeed protests Mobile xss attacks Facebook API 1.600.000 Highschools LIVE FEED Facebook PUBLIC 2009 2004 2005 2006 2007 2008 27 27

100m 350m 50m 12m 5m 1m cyberbullying friends unlimited license lists to user content protests Canadian user voting Privacy Commissioner bans protests Canadian Privacy Commissioner protests 50.000 in 3 days BEACON 740.000 newsfeed protests Mobile xss attacks Facebook API 1.600.000 Highschools LIVE FEED Facebook PUBLIC 2009 2004 2005 2006 2007 2008 28 28

100m 350m 50m 12m 5m 1m cyberbullying friends unlimited license lists to user content protests Canadian user voting Privacy Commissioner bans protests Canadian Privacy Commissioner protests 50.000 in 3 days BEACON 740.000 newsfeed protests Mobile xss attacks Facebook API 1.600.000 Highschools LIVE FEED Facebook PUBLIC 2009 2004 2005 2006 2007 2008 29 29

100m 350m 400m 50m 12m 5m 1m facebook google cyberbullying bans protests protests Canadian Privacy Commissioner protests user 50.000 in 3 days BEACON friends lists 740.000 voting newsfeed protests Mobile unlimited xss attacks Facebook API 1.600.000 license to Highschools LIVE FEED Facebook PUBLIC user content 2010 2004 2005 2006 2007 2008 2009 30 30

100m 350m 400m 50m 12m 5m 1m facebook google CONNECTIONS cyberbullying bans protests protests Canadian Privacy Commissioner protests user 50.000 in 3 days BEACON friends lists 740.000 voting newsfeed protests Mobile unlimited xss attacks Facebook API 1.600.000 license to Highschools LIVE FEED Facebook PUBLIC user content 2010 2004 2005 2006 2007 2008 2009 31 31

100m 400m 50m 12m 5m 1m facebook chat leak google CONNECTIONS cyberbullying bans protests protests Canadian Privacy Commissioner protests user 50.000 in 3 days BEACON friends lists 740.000 voting newsfeed protests Mobile unlimited xss attacks Facebook API 1.600.000 license to Highschools LIVE FEED Facebook PUBLIC user content 2010 2004 2005 2006 2007 2008 2009 32 32

100m 400m 50m 12m 5m 1m FACECLOAK SCRAMBLE NOYB cyberbullying bans protests protests Canadian Privacy Commissioner protests user 50.000 in 3 days BEACON friends lists 740.000 voting newsfeed chat protests Mobile facebook unlimited leak google xss attacks Facebook API 1.600.000 CONNECTIONS license to Highschools LIVE FEED Facebook PUBLIC user content 2010 2004 2005 2006 2007 2008 2009 33 33

100m 400m 50m 12m 5m 1m cyberbullying bans protests protests Canadian Privacy Commissioner protests FACECLOAK user 50.000 in 3 days NOYB BEACON friends lists 740.000 SCRAMBLE voting newsfeed chat protests Mobile facebook unlimited leak google xss attacks Facebook API 1.600.000 CONNECTIONS license to Highschools LIVE FEED Facebook PUBLIC user content 2010 2004 2005 2006 2007 2008 2009 34 34

100m 400m 50m 12m 5m 1m cyberbullying bans protests protests Canadian Privacy Commissioner protests FACECLOAK user 50.000 in 3 days NOYB BEACON friends lists 740.000 SCRAMBLE voting newsfeed chat protests Mobile facebook unlimited leak google xss attacks Facebook API 1.600.000 CONNECTIONS license to Highschools LIVE FEED Facebook PUBLIC user content 2010 2004 2005 2006 2007 2008 2009 35 35

100m 500m 50m 12m 5m 1m Homeland Discriminatory Security Behavioral Profiling friends NHS Aliens reveals data to User IDs Facebook revealed to Third Parties cyberbullying bans protests protests Canadian Privacy Commissioner protests FACECLOAK user 50.000 in 3 days NOYB BEACON friends lists 740.000 SCRAMBLE voting newsfeed chat protests Mobile facebook unlimited leak google xss attacks Facebook API 1.600.000 CONNECTIONS license to Highschools LIVE FEED Facebook PUBLIC user content 2010 2004 2005 2006 2007 2008 2009 36 36

- all of these are (somehow) about privacy and the design of the system - how do we deal with these issues when developing systems? - specifically: during requirements engineering 37 37

multilateral privacy requirements engineering - reconcile: - privacy notions (legal & surveillance studies) - privacy solutions (computer science) - in a social context (online SNS) - multilaterally - during requirements engineering 38 38

Multilateral Privacy Requirements Analysis in Online Social - PowerPoint PPT Presentation

Multilateral Privacy Requirements Analysis in Online Social Networks Seda Grses COSIC, K.U. Leuven 18. February, 2011 CRID University of Namur, Belgium 1 x close this advertisement security and priv acy in online social networks K.U.

Opinions on the multilateral framework for trade and investment in agriculture: Analysis of an

Privacy in Online Transactions 515030910619 Introduction Online shopping is an

and Privacy in Online Social Networks Ralph Gross Alessandro Acquisti Presenter: Chris Kelley

Engineering Privacy By Design Seda Grses COSIC, ESAT K.U. Leuven Belgium 1 Outline -

Tutorial: Online Shopping Based on Chapter 10 of Maciaszek, L.A. (2007): Requirements Analysis and

Examples of Multilateral Cooperation Mechanisms Using Databases Vicente Paolo Yu III Meeting of

APIs and Mobile and Online Privacy Scene-setting, Regulations and Controversies W3C Device API

ONLINE PRIVACY Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Some of the

Student Privacy Protection in Online Classrooms Semester Project - SPRING Lab Supervised by

Building Blocks for Privacy- Preserving Decentralized Online Social Networks iSocial Summer

Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Multilateral Bargaining November 20, 2012 Multilateral Bargaining A group of individuals

Requirements Analysis Overview What is requirement ? Classification of requirements

CS 5150 So(ware Engineering 6. Requirements Analysis William Y. Arms Requirements Requirements

Understanding users' requirements with respect to privacy: A

Requirements Analysis Modeling Requirements analysis modeling helps transition from elicitation

Finding Clients via Twitter We Listen. We Create. We Continue. RichBrown Quick by Design Head

11-830 Computational Ethics for NLP Lecture 13: Fake News and Influencing Elections Fake News

DeTail Reducing the Tail of Flow Completion Times in Datacenter Networks David Zats, Tathagata

Crawling Structured Data Crawling, session 10 CS6200: Information Retrieval Slides by: Jesse

Content Editors Training Course 2 In this session we will introduce Content Editors to the new

Project, News I 24 people per group. List of students looking for project partners on the

Course Organization Sofuware Architecture KU (706.707) Sran Dombi 2020-10-07 Institute

Correlation Clustering Bounding and Comparing Methods Beyond ILP Micha Elsner and Warren Schudy