Contextual Integrity in PORTIA
PI: Helen Nissenbaum
Students: Timothy Weber & Michael Zimmer
New York University
In collaboration with: Sam Hawala (U.S. Census), Dan Boneh (Stanford)
Embedding Values in Design: Constitutive Activities
• Discovery
Discovering the values relevant to a project
• Translation
Realizing values in design features
– Operationalization**
Finding correct concrete expression of value
– Implementation**
Specifying design features per operationalized values
• Verification
Verifying that it worked
Privacy as Contextual Integrity
In a given setting, contextual integrity is maintained when norms of information flow -- appropriateness and transmission -- are respected; it is violated otherwise.
Norms of Contextual Integrity
• Norms of Appropriateness
– Govern types/categories of information (e.g. fields in a database)
• Norms of Transmission
– Principles governing the flow of information from agent to agent
• A1 shares info voluntarily with A2
• A2 infers information about A1
• A1 is mandated to share info with A2 (e.g. earnings to IRS)
• Confidentiality: A1 shares with A2; A2 may not share further
• Commercial exchange: A2 buys information about A1
• Reciprocity? Information about A1 flows to A2; vice versa?
• Entitlement: A2 is entitled to information about A1
• Etc.
Applying CI as a Decision Heuristic
A. What is the governing context?
B. What type of information is at issue?
C. According to what transmission principles (flow and actors)?
Red flag if CI is violated.
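The heuristic above as an added Python example (not part of the original slides): each flow is checked against per-context norms of appropriateness and transmission, and a confidentiality obligation follows the information to its recipient. The contexts, roles, information types and norm tables are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    context: str    # A. governing context
    info_type: str  # B. type of information
    subject: str    # whom the information is about
    sender: str     # C. actors (roles) in the flow ...
    receiver: str
    principle: str  # ... and the transmission principle claimed

# Constructed norms (assumptions): per context, the appropriate information
# types and the allowed (sender role, receiver role, principle) triples.
NORMS = {
    "healthcare": {"appropriate": {"diagnosis"},
                   "transmission": {("patient", "physician", "confidentiality")}},
    "taxation": {"appropriate": {"earnings"},
                 "transmission": {("taxpayer", "IRS", "mandated")}},
}

def red_flags(flows):
    """Return (flow, violated norm) for each flow that breaks contextual integrity."""
    flags, held_in_confidence = [], set()
    for f in flows:
        norms = NORMS.get(f.context)
        if (f.sender, f.subject, f.info_type) in held_in_confidence:
            # Confidentiality: A1 shared with A2; A2 may not share further.
            flags.append((f, "confidentiality"))
        elif norms is None:
            flags.append((f, "unknown context"))
        elif f.info_type not in norms["appropriate"]:
            flags.append((f, "appropriateness"))
        elif (f.sender, f.receiver, f.principle) not in norms["transmission"]:
            flags.append((f, "transmission"))
        elif f.principle == "confidentiality":
            # The obligation attaches to the receiver for this subject and type.
            held_in_confidence.add((f.receiver, f.subject, f.info_type))
    return flags

# Constructed sample flows: the first two respect the norms, the rest do not.
SAMPLE_FLOWS = [
    Flow("healthcare", "diagnosis", "alice", "patient", "physician", "confidentiality"),
    Flow("taxation", "earnings", "alice", "taxpayer", "IRS", "mandated"),
    Flow("healthcare", "earnings", "alice", "patient", "physician", "voluntary"),
    Flow("healthcare", "diagnosis", "alice", "patient", "employer", "voluntary"),
    Flow("commerce", "diagnosis", "alice", "physician", "marketer", "commercial exchange"),
]

if __name__ == "__main__":
    for flow, reason in red_flags(SAMPLE_FLOWS):
        print(f"RED FLAG ({reason}): {flow}")
```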
CI in PORTIA: Current work
1. Refine conceptual framework
• Book
2. “Proof of Concept” in User spaces
• Model information flow policies and question selection in context of US Census in terms of norms of information flow (Hawala & Weber) P
• Cybercrime and cyber-policing
3. Implement CI in PORTIA technical projects
• Vehicle Safety Communication System (Boneh & Zimmer) P
CI in PORTIA: Future work
1. Conceptual Framework
• Address problem of conservatism
• Complete book
2. Analysis of User Spaces
• More cases (healthcare; cyber-policing)
3. Technical Implementation
• More cases (“privacy-sensitive data mining”; aggregation and profiling, e.g. Choicepoint, differential authorization)