outline Institute for Software Research motivation A Software - - PDF document

▶

Jan 21, 2023 217 likes •262 views

Institute for Software Research outline Institute for Software Research motivation A Software Product Line Approach software product line for Handling Privacy Constraints our privacy-enabling user modeling architecture in Web

SLIDE 1

1

Institute for Software Research

UM05 Workshop on Privacy-Enhanced Personalization Edinburgh, Scotland

A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

Yang Wang and Alfred Kobsa

University of California, Irvine, USA

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 2 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

utline

motivation software product line

ur privacy-enabling user modeling architecture

an example conclusion

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 3 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

motivation

web personalization benefits

both customers and vendors

privacy concerns counteract

the personalization benefits

how to dynamically balance

personalization and privacy?

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 4 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

aims and key characteristics

provide optimal personalization while respecting

privacy laws, regulations and users’ personal privacy preferences

leverage the flexibility of software product line to

address combinatorial complexity of privacy constraints

apply state-of-the-art industry practice for

managing software variants at run time

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 5 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

UniversalFriends.com

bridge physical

distances

foster universal

friendship

recommend

personalized list of likely friends

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 6 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

privacy concerns

complex combinations of:

users’ personal privacy preferences international privacy laws (even trans-border) privacy regulations

SLIDE 2

2

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 7 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

users’ privacy preferences

“only collect my information if I give explicit consent !” “do not store my true name !”

“do not track me !”

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 8 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

privacy laws

EU data protection directive Asia-Pacific Economic Cooperation (APEC)

privacy framework

Organisation for Economic Co-operation and

Development (OECD) privacy guidelines

ver 30 countries already have their own

privacy laws and more countries are coming

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 9 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

data protection laws – year 2003

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 10 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

privacy regulations

sector standards (e.g., in USA)

medical: HIPPA children: COPPA finance: Gramm-Leach-Bliley Act

self-regulation policies

TRUST e Network Advertising Initiative Chinese E-Commerce Trust Consortium

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 11 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

the research question

how can personalized web-based systems maximize the personalization benefits while at the same time being compliant with the privacy constraints that are currently in effect?

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 12 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

revisit the research question

seeking a mechanism to dynamically select user modeling components that comply with the currently prevailing privacy constraints

SLIDE 3

3

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 13 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

user modeling component pool

ne-time machine learning +

fuzzy reasoning with uncertainty

UMC8

ne-time machine learning

UMC7

incremental machine learning

UMC6

fuzzy reasoning with uncertainty

UMC5

rule-based reasoning

UMC4

fuzzy reasoning with uncertainty

UMC3

rule-based reasoning

UMC2

clustering

UMC1 methods used user modeling component

XXX X

data used

XXX X X X X X X X X X X visited pages user-supplied data demographic data Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 14 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

product line architecture

“The common architecture for a set of related products or systems developed by an organization.” [Bosch, 2000] a PLA includes

Stable core: basic functionalities Options: optional features/qualities Variants: alternative features/qualities

A particular architecture instance is selected from the product-line architecture

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 15 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

ur approach

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 16 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

an example

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 17 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 18 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

the privacy constraints

SLIDE 4

4

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 19 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

conclusions

provide optimal personalization while respecting

privacy laws, regulations and users’ personal privacy preferences

leverage the flexibility of software product line to

address combinatory complexity of privacy constraints

apply state-of-the-art industry practice for

managing software variants at run time

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 20 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

project status and future work

currently prototyping the system systematically express privacy constraints a decentralized version privacy kernel

Institute for Software Research PEP05 Yang Wang and Alfred Kobsa 21 A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

1

A Software Product Line Approach for Handling Privacy Constraints in Web Personalization

Yang Wang and Alfred Kobsa

motivation software product line

an example conclusion

motivation

web personalization benefits

both customers and vendors

privacy concerns counteract

the personalization benefits

how to dynamically balance

personalization and privacy?

aims and key characteristics

provide optimal personalization while respecting

privacy laws, regulations and users’ personal privacy preferences

leverage the flexibility of software product line to

address combinatorial complexity of privacy constraints

apply state-of-the-art industry practice for

managing software variants at run time

UniversalFriends.com

bridge physical

distances

foster universal

friendship

recommend

personalized list of likely friends

privacy concerns

complex combinations of:

users’ personal privacy preferences international privacy laws (even trans-border) privacy regulations

2

users’ privacy preferences

“only collect my information if I give explicit consent !” “do not store my true name !”

“do not track me !”

privacy laws

EU data protection directive Asia-Pacific Economic Cooperation (APEC)

privacy framework

Organisation for Economic Co-operation and

Development (OECD) privacy guidelines

privacy laws and more countries are coming

data protection laws – year 2003

privacy regulations

sector standards (e.g., in USA)

self-regulation policies

the research question

how can personalized web-based systems maximize the personalization benefits while at the same time being compliant with the privacy constraints that are currently in effect?

revisit the research question

seeking a mechanism to dynamically select user modeling components that comply with the currently prevailing privacy constraints

3

user modeling component pool

product line architecture

“The common architecture for a set of related products or systems developed by an organization.” [Bosch, 2000] a PLA includes

A particular architecture instance is selected from the product-line architecture

an example

the privacy constraints

4

conclusions

provide optimal personalization while respecting

privacy laws, regulations and users’ personal privacy preferences

leverage the flexibility of software product line to

address combinatory complexity of privacy constraints

apply state-of-the-art industry practice for

managing software variants at run time

project status and future work

currently prototyping the system systematically express privacy constraints a decentralized version privacy kernel

acknowledgements

Alfred Kobsa André van der Hoek Eric Dashofy Yun Huang Norman Su Colleagues at CommerceNet