Kambiz Ghazinour

Monitoring and recommending privacy settings in social networks

Ensuring privacy of users of social networks is probably an unsolvable conundrum. It seems, however, that informed use of the existing privacy options by the social network participants may alleviate - or even prevent - some of the more drastic privacy-averse incidents. Unfortunately, recent surveys show that an average user is either not aware of these options or does not use them, probably due to their perceived complexity. It is therefore reasonable to believe that tools assisting users with two tasks: 1) understanding their social network behavior in terms of their privacy settings and broad privacy categories, and 2) recommending reasonable privacy options, will be a valuable tool for everyday privacy practice in a social network context. This paper presents early research that shows how simple machine learning techniques may provide useful assistance in these two tasks to Facebook users.

Analysis of social networking privacy policies

As the use of social networks becomes more widespread and commonplace, users are beginning to question how their privacy is protected by social networks. In this paper, we review a privacy taxonomy for data storage polices and models and extend it to support social networking. We then apply the extended taxonomy to the privacy policies of six commonly used social networks, and present our findings with regards to how the published privacy policies of these social networks protect the privacy of users in reality.

A Model for Privacy Policy Visualization

Privacy is a leading concern for anyone that utilizes computing resources whether shopping on the Internet or visiting their doctor. Legislative acts require enterprises and data collectors to protect the privacy of their customers and data owners. Although privacy policy frameworks such as P3P assist data collectors in demonstrating their privacy policies to customers (i.e. publishing privacy policy on websites), insufficient research has been reported to help users visualize privacy policies. This paper presents a privacy policy visualization model based on the predicates of a privacy policy model. The key contribution is to provide a visualization model that facilitates understanding the policies for the data owners and provides the opportunity for the policy officers to better understand the designed policies. Finally, we demonstrate the model with a use case drawn from the policies of an online social network.

A Lattice-Based Privacy Aware Access Control Model

As the amount of data being collected by service providers increases, privacy concerns increase for the data owners that must provide private data to get services. Legislative acts require enterprises protect the privacy of their customers and privacy policy frameworks such as P3P assist enterprises in demonstrating their privacy policies to customers (i.e. publishing privacy policy on websites). Unfortunately, defining these standards does not guarantee that the privacy policies are actually enforced since privacy is not central to conventional access control models. Furthermore, a privacy-preserving model should consider the privacy preferences of both data provider and data collector. This paper presents a Lattice-based Privacy Aware Access Control (LPAAC) Model. The key contribution is providing a privacy preserving model that enforces privacy policies and facilitates customization of privacy agreements and preferences of both data providers and organizations that collect data.

YOURPRIVACYPROTECTOR, A recommender system for privacy settings in social networks

Ensuring privacy of users of social networks is probably an unsolvable conundrum. At the same time, an informed use of the existing privacy options by the social network participants may alleviate - or even prevent - some of the more drastic privacy-averse incidents. Unfortunately, recent surveys show that an average user is either not aware of these options or does not use them, probably due to their perceived complexity. It is therefore reasonable to believe that tools assisting users with two tasks: 1) understanding their social net behavior in terms of their privacy settings and broad privacy categories, and 2)recommending reasonable privacy options, will be a valuable tool for everyday privacy practice in a social network context. This paper presents YourPrivacyProtector, a recommender system that shows how simple machine learning techniques may provide useful assistance in these two tasks to Facebook users. We support our claim with empirical results of application of YourPrivacyProtector to two groups of Facebook users.

Capturing P3P semantics using an enforceable lattice-based structure

With the increasing amount of data collected by service providers, privacy concerns increase for data owners who must provide private data to receive services. Legislative acts require service providers to protect the privacy of customers. Privacy policy frameworks, such as P3P, assist the service providers by describing their privacy policies to customers (e.g. publishing privacy policy on websites). Unfortunately, providing the policies alone does not guarantee that they are actually enforced. Furthermore, a privacy-preserving model should consider the privacy preferences of both the data provider and collector. This paper discusses the challenges in development of capturing privacy predicates in a lattice structures. A use case study is presented to show the applicability of the lattice approach to a specific domain. We also present a comprehensive study on applying a lattice-based approach to P3P. We show capturing privacy elements of P3P in a lattice format facilitates managing and enforcing policies presented in P3P and accommodates the customization of privacy practices and preferences of data and service providers. We also propose that the outcome of this approach can be used on lattice-based privacy aware access control models [8].

Detecting Health-Related Privacy Leaks in Social Networks Using Text Mining Tools

In social media, especially in social networks, users routinely share personal information. In such sharing, they might inadvertently reveal some personal health information, an essential part of their private information. In this work, we present a tool for detection of personal health information (PHI) in a social network site, MySpace. We analyze the PHI with the use of two well-known medical resources MedDRA and SNOMED. We introduce a new measure – Risk Factor of Personal Information – that assesses a possibility of a term to disclose personal health information. We synthesize a profile of a potential PHI leak in a social network, and we demonstrate that this task benefits from the emphasis on the MedDRA and SNOMED terms.

A Usability Study on the Privacy Policy Visualization Model

Privacy policies are known to be one of the least favorite pieces of any website, software installation or any other agreement between a service provider and data provider. Due to the extreme importance of privacy policies, there have been attempts to make privacy policies more readable to the users. The Privacy Policy Visualization Model (PPVM) is considered to be the first model that simplifies the policies by visualizing them to the users. Although it is an important attempt towards privacy awareness, it is important to examine the usability of this privacy enhancing technology. This paper studies the usability of such model at the user level. We evaluate the PPVM based on STARP heuristic evaluation framework to inspect privacy usability vulnerabilities and suggest some solutions to overcome some usability problems encountered during evaluation.

A privacy preserving model bridging data provider and collector preferences

With the increasing amount of data collected by service providers, privacy concerns increase for data owners who provide private data to receive services. Legislative acts require service providers to protect the privacy of customers. Privacy policy frameworks, such as P3P, assist them by describing their privacy policies to customers (e.g. publishing privacy policy on websites). Unfortunately, providing the policies alone does not guarantee that they are actually enforced because privacy is not a key feature of conventional access control models. A privacy-preserving model should consider the privacy preferences of both the data provider and collector. This paper briefly develops a Lattice-based Privacy Aware Access Control (LPAAC) Model that enforces privacy policies, facilitates customization of privacy agreements, and accommodates preferences of both data and service providers. We demonstrate our models design and feasibility with corresponding privacy catalogues. Examples clarify the usability, and we provide the implementation of our privacy catalogues that show the efficiency and scalability of our model.

Classification of Image Distortions Based on Features Evaluation

No Reference Image Quality Assessment (NR-IQA) refers to algorithms that predict the quality of distorted image where the reference image is not available. NR-IQA algorithms are divided into two categories: specific distortion quality assessment and general purpose quality assessment. The first type of algorithms deals with a specific distortion and predict the quality of the image based on this distortion. Which means it assumes that the distortion in the image is known. On the other hand, the general purpose quality assessment type predicts the quality of image with no information about the distortion that affecting the tested image. A two-stage framework, is proposed by Moorthy and Bovik [1], which classifies the distortion followed by distortion-specific quality assessment method. Our proposal here is to improve the classification portion by investigating the performance of different classification techniques and different features. Each feature is validated using different features evaluation techniques. As a result, we construct a set of optimal features that classify image distortions with a high accuracy rate.