A Framework for Automatically Enforcing Privacy Policies
Jean Yang
MIT KIT / April 17, 2014

Privacy matters. People get it wrong.

Many possible points of failure.
Desired Policy: Only friends can see GPS location.
getLocation(user)
findAllUsers(location)
findTopLocations()
[Diagram labels: Policy Implementation, Policy, Policy]

Increasingly complex policies.
Desired Policy: Only friends can see GPS location.
who are local
within next five hours
Jean Yang / Jeeves 5

Easier if we separate policies from other functionality.
Only friends can see GPS location.
getLocation(user)
findAllUsers(location)
findTopLocations()
[Diagram labels: Policy Implementation, Other Implementation]

The Jeeves Language
findAllUsers(MIT)
Associated with policies.
You have no friends in this location.

Sensitive Values
label a
{ low, high }
val loc = gpsCoords | country(gpsCoords) [label a]
Core Functionality
val msg = "Jean's location is " + asStr(loc)
Contextual Enforcement
print {fuming} msg     "Jean's location is N 42, W 71."
print {rishabh} msg    "Jean's location is in the United States."
Policies
restrict a: λoc.(isNear(oc, jean))
[Callouts: Label. Label. Output channel. Predicate. High value. Low value.]

Jeeves Execution
Faceted execution
[Diagram: =, 3, 3 | 0 [label a], true | false [label a]]
Storing policies
Policies
label a
restrict a: λoc.true
Constraints
print {…} …
true a = low
[Diagram: a λoc.true, false]

Classical Security
Level 3: top secret.
Level 2: highly classified.
Level 1: privileged information.
Lattice of access levels.

Classical Security
Viewers must have access for the highest level.
[Diagram: +, Level 3, Level 3, Level 0]

Jeeves Security

Implementation
Overload operators for faceted evaluation.
[Diagram: =, 33 | 42 [label a], true | false [label a]]
Store policies in runtime environment.
mkLabel, restrict
Policy environment
Use an SMT solver as a model finder.
[Diagram: false]
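The sensitive-value example and the implementation strategy from the slides (overloaded operators for faceted evaluation, policies stored in a runtime environment), sketched in Python as an added example that is not code from the talk or from Jeeves. All names (`Facet`, `restrict`, `lift`, `concretize`, `NEAR_JEAN`) are hypothetical, the data is constructed, and labels are resolved by evaluating the stored predicates directly rather than with an SMT solver.

```python
# Added illustration, not the Jeeves implementation; every name here is hypothetical.
POLICIES = {}   # runtime policy environment: label -> list of predicates over the viewer

def restrict(label, predicate):
    """Store a policy: the label may be high only for viewers satisfying predicate."""
    POLICIES.setdefault(label, []).append(predicate)

class Facet:
    """A sensitive value: `high` facet, `low` facet, guarded by `label`."""
    def __init__(self, label, high, low):
        self.label, self.high, self.low = label, high, low
    # Overloaded operators compute on both facets, so derived values stay guarded.
    def __add__(self, other):  return lift(lambda x, y: x + y, self, other)
    def __radd__(self, other): return lift(lambda x, y: x + y, other, self)
    def __eq__(self, other):   return lift(lambda x, y: x == y, self, other)

def lift(op, x, y):
    """Apply op facet-wise, keeping the label on the result."""
    if isinstance(x, Facet):
        return Facet(x.label, lift(op, x.high, y), lift(op, x.low, y))
    if isinstance(y, Facet):
        return Facet(y.label, lift(op, x, y.high), lift(op, x, y.low))
    return op(x, y)

def concretize(value, viewer):
    """Output boundary: choose facets for this viewer from the stored policies."""
    while isinstance(value, Facet):
        allowed = all(p(viewer) for p in POLICIES.get(value.label, []))
        value = value.high if allowed else value.low
    return value

# Constructed sample data mirroring the slide's location example.
NEAR_JEAN = {"fuming"}                        # stand-in for isNear(oc, jean)
restrict("a", lambda oc: oc in NEAR_JEAN)     # restrict a: λoc. isNear(oc, jean)
loc = Facet("a", "N 42, W 71", "in the United States")
msg = "Jean's location is " + loc + "."       # core functionality, no policy checks

def show(viewer):
    return concretize(msg, viewer)            # print {viewer} msg

def same_as_three(viewer):
    return concretize(Facet("a", 3, 0) == 3, viewer)   # faceted comparison

if __name__ == "__main__":
    print(show("fuming")); print(show("rishabh"))
```

The message is built once with no policy checks in the core code; the viewer only matters at `concretize`, which is the separation of policy from functionality the talk argues for.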

Case Studies in Progress
Conference management system
Course manager
Protein signaling
Fitness tracking (with Fuming)

FINALLY.. I CAN FOCUS ON FUNCTIONALITY!

Jeeves Team
Armando Solar-Lezama
Thomas Austin
Cormac Flanagan
Travis Hance
Benjamin Shaibu

This Talk
Jeeves programming model
Theoretical guarantees
Implementation strategies
Case studies
You have no friends in this location.
Join us!
jeeveslang.org