Raúl Pardo will give a talk about his work on Formal Verification of Privacy Policies for Social Networks. Details below.
Raúl Pardo, Prof., ITU.
Formal Verification of Privacy Policies for Social Networks
Online Social Networks (OSNs) are ubiquitous, with more than 70% of internet users being part of them. The pervasive nature of OSNs brings many threats and challenges; privacy being one of them. One mechanism to protect user privacy is to allow users to define privacy policies. These policies define who can know the information of the user. To this end, “the logic of knowledge” (epistemic logic) is a good candidate.
In this talk, I will present a formal framework, based on epistemic logic, to define and reason about privacy policies in OSNs. The framework is generic and can be used to instantiate real OSNs such as Facebook or Twitter. Furthermore, we can express novel types of privacy policies that are not present in existing OSNs. For instance, we can capture implicit disclosure of information, or evolving policies (i.e., policies that change over time). The framework relies on Social Networks Models (SNMs): social graphs enriched with knowledge bases containing the information that each user knows. I will discuss methods to formally verify and enforce privacy policies over execution traces—i.e., sequences of SNMs that capture the effect of the events that users execute. Finally, I will demonstrate a proof-of-concept implementation of this framework on the open-source OSN Diaspora.