Results 1 - 10
of
35
Privacy wizards for social networking sites
- in WWW ’10: Proceedings of the 19th International World Wide Web Conference
, 2010
"... Privacy is an enormous problem in online social networking sites. While sites such as Facebook allow users fine-grained control over who can see their profiles, it is difficult for average users to specify this kind of detailed policy. In this paper, we propose a template for the design of a social ..."
Abstract
-
Cited by 95 (2 self)
- Add to MetaCart
(Show Context)
Privacy is an enormous problem in online social networking sites. While sites such as Facebook allow users fine-grained control over who can see their profiles, it is difficult for average users to specify this kind of detailed policy. In this paper, we propose a template for the design of a social networking privacy wizard. The intuition for the design comes from the observation that real users conceive their privacy preferences (which friends should be able to see which information) based on an implicit set of rules. Thus, with a limited amount of user input, it is usually possible to build a machine learning model that concisely describes a particular user’s preferences, and then use this model to configure the user’s privacy settings automatically. As an instance of this general framework, we have built a wizard based on an active learning paradigm called uncertainty sampling. The wizard iteratively asks the user to assign privacy “labels ” to selected (“informative”) friends, and it uses this input to construct a classifier, which can in turn be used to automatically assign privileges to the rest of the user’s (unlabeled) friends. To evaluate our approach, we collected detailed privacy preference data from 45 real Facebook users. Our study revealed two important things. First, real users tend to conceive their privacy preferences in terms of communities, which can easily be extracted from a social network graph using existing techniques. Second, our active learning wizard, using communities as features, is able to recommend high-accuracy privacy settings using less user input than existing policy-specification tools.
REPRIV: Re-Envisioning In-Browser Privacy
"... In this paper, we present REPRIV, a system for managing and controlling the release of private information from the browser. We demonstrate how always-on user interest mining can effectively infer user interests in a real browser. We go on to discuss an extension framework that allows third-party co ..."
Abstract
-
Cited by 23 (4 self)
- Add to MetaCart
In this paper, we present REPRIV, a system for managing and controlling the release of private information from the browser. We demonstrate how always-on user interest mining can effectively infer user interests in a real browser. We go on to discuss an extension framework that allows third-party code to extract and disseminate more detailed information, as well as language-based techniques for verifying the absence of privacy leaks in this untrusted code. To demonstrate the effectiveness of our model, we present REPRIV extensions that perform personalization for Netflix, Twitter, Bing, and GetGlue. We evaluated several aspects of REPRIV in realistic scenarios. We show that REPRIV’s default in-browser mining can be done with no noticeable overhead to normal browsing, and that the results it produces converge quickly. We then go on to show similar results for each of our case studies: that REPRIV enables high-quality personalization, as shown by cases studies in news and search result personalization we evaluated on thousands of instances, and that the performance impact each case has on the browser is minimal. We conclude that personalized content and individual privacy on the web are not mutually exclusive. 2
Facebook users have become much more private: a large-scale study
"... Abstract—We investigate whether Facebook users have become more private in recent years. Specifically, we examine if there have been any important trends in the information Facebook users reveal about themselves on their public profile pages since early 2010. To this end, we have crawled the public ..."
Abstract
-
Cited by 22 (1 self)
- Add to MetaCart
(Show Context)
Abstract—We investigate whether Facebook users have become more private in recent years. Specifically, we examine if there have been any important trends in the information Facebook users reveal about themselves on their public profile pages since early 2010. To this end, we have crawled the public profile pages of 1.4 million New York City (NYC) Facebook users in March 2010 and again in June 2011. We have found that NYC users in our sample have become dramatically more private during this period. For example, in March 2010 only 17.2 % of users in our sample hid their friend lists, whereas in June 2011, just 15 months later, 52.6 % of the users hid their friend lists. We explore privacy trends for several personal attributes including friend list, networks, relationship, high school name and graduation year, gender, and hometown. We find that privacy trends have become more pronounced for certain demographics. Finally, we attempt to determine the primary causes behind the dramatic decrease in the amount of information Facebook users reveal about themselves to the general public. I.
REPRIV: Re-Imagining Content Personalization and In-Browser Privacy
"... Abstract—We present REPRIV, a system that combines the goals of privacy and content personalization in the browser. REPRIV discovers user interests and shares them with thirdparties, but only with an explicit permission of the user. We demonstrate how always-on user interest mining can effectively i ..."
Abstract
-
Cited by 17 (1 self)
- Add to MetaCart
(Show Context)
Abstract—We present REPRIV, a system that combines the goals of privacy and content personalization in the browser. REPRIV discovers user interests and shares them with thirdparties, but only with an explicit permission of the user. We demonstrate how always-on user interest mining can effectively infer user interests in a real browser. We go on to discuss an extension framework that allows third-party code to extract and disseminate more detailed information, as well as language-based techniques for verifying the absence of privacy leaks in this untrusted code. To demonstrate the effectiveness of our model, we present REPRIV extensions that perform personalization for Netflix, Twitter, Bing, and GetGlue. This paper evaluates important aspects of REPRIV in realistic scenarios. We show that REPRIV’s default in-browser mining can be done with no noticeable overhead to normal browsing, and that the results it produces converge quickly. We demonstrate that REPRIV personalization yields higher quality results than those that may be obtained about the user from public sources. We then go on to show similar results for each of our case studies: that REPRIV enables high-quality personalization, as shown by cases studies in news and search result personalization we evaluated on thousands of instances, and that the performance impact each case has on the browser is minimal. We conclude that personalized content and individual privacy on the web are not mutually exclusive. I.
Detecting and resolving privacy conflicts for collaborative data sharing in online social networks
- In: Proceedings of the 27th Annual Computer Security Applications Conference
, 2011
"... We have seen tremendous growth in online social networks (OSNs) in recent years. These OSNs not only offer attractive means for virtual social interactions and information sharing, but also raise a number of security and privacy issues. Although OSNs allow a single user to govern access to her/his d ..."
Abstract
-
Cited by 16 (5 self)
- Add to MetaCart
(Show Context)
We have seen tremendous growth in online social networks (OSNs) in recent years. These OSNs not only offer attractive means for virtual social interactions and information sharing, but also raise a number of security and privacy issues. Although OSNs allow a single user to govern access to her/his data, they currently do not provide anymechanism to enforce privacy concerns over data asso-ciated withmultiple users, remaining privacy violations largely un-resolved and leading to the potential disclosure of information that at least one user intended to keep private. In this paper, we propose an approach to enable collaborative privacy management of shared data in OSNs. In particular, we provide a systematic mechanism to identify and resolve privacy conflicts for collaborative data shar-ing. Our conflict resolution indicates a tradeoff between privacy protection and data sharing by quantifying privacy risk and sharing loss. We also discuss a proof-of-concept prototype implementation of our approach as part of an application in Facebook and provide system evaluation and usability study of our methodology.
Estimating age privacy leakage in online social networks
- in Proceedings of the IEEE INFOCOM 2012
, 2012
"... Abstract—We perform a large-scale study to quantify just how severe the privacy leakage problem is in Facebook. As a case study, we focus on estimating birth year, which is a fundamental human attribute and, for many people, a private one. Specifically, we attempt to estimate the birth year of over ..."
Abstract
-
Cited by 14 (3 self)
- Add to MetaCart
(Show Context)
Abstract—We perform a large-scale study to quantify just how severe the privacy leakage problem is in Facebook. As a case study, we focus on estimating birth year, which is a fundamental human attribute and, for many people, a private one. Specifically, we attempt to estimate the birth year of over 1 million Facebook users in New York City. We examine the accuracy of estimation procedures for several classes of users: (i) highly private users, who do not make their friend lists public; (ii) users who hide their birth years but make their friend lists public. To estimate Facebook users ’ ages, we exploit the underlying social network structure to design an iterative algorithm, which derives age estimates based on friends ’ ages, friends of friends’ ages, and so on. We find that for most users, including highly private users who hide their friend lists, it is possible to estimate ages with an error of only a few years. We also make a specific suggestion to Facebook which, if implemented, would greatly reduce privacy leakages in its service. I.
Enabling Collaborative Data Sharing in Google
- In IEEE Globecom
, 2012
"... Abstract-Most of existing online social networks, such as Facebook and Twitter, are designed to bias towards information disclosure to a large audience. Google recently launched a new social network platform, Google+. By introducing the notion of 'circles', Google+ enables users to selecti ..."
Abstract
-
Cited by 10 (2 self)
- Add to MetaCart
(Show Context)
Abstract-Most of existing online social networks, such as Facebook and Twitter, are designed to bias towards information disclosure to a large audience. Google recently launched a new social network platform, Google+. By introducing the notion of 'circles', Google+ enables users to selectively share data with specific groups within their personal network, rather than sharing with all of their social connections at once. Although Google+ can help mitigate the gap between the individuals' expectations and their actual privacy settings, it still only allows a single user to restrict access to herlhis data but cannot provide any mechanism to enforce privacy concerns over data associated with multiple users. In this paper, we propose an approach to facilitate collaborative privacy management of shared data in Google+. We extend and formulate a multiparty access control model, named MPAC+, to capture the essence of collaborative authorization requirements in Google+, along with a multiparty policy specification scheme and a policy enforcement mechanism. We also discuss a proof-of-concept prototype of our approach and describe system evaluation and usability study of our prototype. I.
From technological networks to social networks
- IEEE J. SEL. AREAS COMMUN
, 2013
"... Social networks overlaid on technological networks account for a significant fraction of Internet use. Through graph theoretic and functionality models, this paper examines social network analysis and potential implications for the design of technological networks, and vice versa. Such interplay be ..."
Abstract
-
Cited by 5 (0 self)
- Add to MetaCart
(Show Context)
Social networks overlaid on technological networks account for a significant fraction of Internet use. Through graph theoretic and functionality models, this paper examines social network analysis and potential implications for the design of technological networks, and vice versa. Such interplay between social networks and technological networks suggests new directions for future research in networking.
Privacy-Aware Data Management in Information Networks
"... The proliferation of information networks, as a means of sharing information, has raised privacy concerns for enterprises who manage such networks and for individual users that participate in such networks. For enterprises, the main challenge is to satisfy two competing goals: releasing network data ..."
Abstract
-
Cited by 4 (1 self)
- Add to MetaCart
The proliferation of information networks, as a means of sharing information, has raised privacy concerns for enterprises who manage such networks and for individual users that participate in such networks. For enterprises, the main challenge is to satisfy two competing goals: releasing network data for useful data analysis and also preserving the identities or sensitive relationships of the individuals participating in the network. Individual users, on the other hand, require personalized methods that increase their awareness of the visibility of their private information. This tutorial provides a systematic survey of the problems and state-of-the-art methods related to both enterprise and personalized privacy in information networks. The tutorial discusses privacy threats, privacy attacks, and privacypreserving mechanisms tailored specifically to network data.
Finding "hidden" connections on LinkedIn An argument for more pragmatic social network privacy
- in Proceedings of the 2nd ACM workshop on Security and artificial intelligence (AISec '09), 2009, ACM
"... Social networking services well know that some users are unwilling to freely share the information they store with the service (e.g. profile information). To address this, ser-vices typically provide various privacy “knobs ” that the user may adjust to limit access by content type or user iden-tity. ..."
Abstract
-
Cited by 3 (0 self)
- Add to MetaCart
(Show Context)
Social networking services well know that some users are unwilling to freely share the information they store with the service (e.g. profile information). To address this, ser-vices typically provide various privacy “knobs ” that the user may adjust to limit access by content type or user iden-tity. However, the main purpose of social networks, com-munity building, is largely at odds with this, hence it is unsurprising that privacy breaches in social networks are in-creasingly discovered. We argue that this tension between social networking goals and privacy suggests that research efforts should be focused more on efficient methods for de-tecting privacy breaches in social networks and on building user awareness of privacy risks and the trade-off between privacy and utility. We support our argument with a simple method for discovering LinkedIn contacts ostensibly hidden by privacy settings. This method appears discoverable with a straightforward analysis of the LinkedIn system and its features (indeed, LinkedIn is likely aware of this method), however Linkedin’s privacy instructions suggest to users that implementing a privacy setting will prevent such discovery.
