An automata-based approach to evolving privacy policies for social networks
Paper in proceedings, 2016

Online Social Networks (OSNs) are ubiquitous, with more than 70% of Internet users being active users of such networking services. This widespread use of OSNs brings with it big threats and challenges, privacy being one of them. Most OSNs today offer a limited set of (static) privacy settings and do not allow for the definition, even less enforcement, of more dynamic privacy policies. In this paper we are concerned with the specification and enforcement of dynamic (and recurrent) privacy policies that are activated or deactivated by context (events). In particular, we present a novel formalism of policy automata, transition systems where privacy policies may be defined per state. We further propose an approach based on runtime verification techniques to define and enforce such policies. We provide a proof-of-concept implementation for the distributed social network Diaspora, using the runtime verification tool Larva to synthesise enforcement monitors.


Raul Pardo Jimenez

Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)

C. Colombo

University of Malta

Gordon J. Pace

University of Malta

Gerardo Schneider

University of Gothenburg

Lecture Notes in Computer Science

0302-9743 (ISSN)

Vol. 10012 285-301

Subject Categories

Computer and Information Science