Raúl Pardo Jimenez
Postdoctoral Researcher at the IT University of Copenhagen
Overview
As the use of Online Social Networks (OSNs) such as Facebook, Twitter or Instagram increases, privacy breaches in these systems keep pace with its growth. A data breach occurs when users’ personal data are shared with an unintended audience, or data are misused. To prevent data breaches OSNs provide users with privacy policies (also known as privacy settings). Unfortunately, current privacy policies have several limitations and do not prevent certain types of privacy breaches. One of the problems is that users cannot control the audience of their information when it is uploaded by other users. For instance, when a picture contains several people, only the user uploading the picture can set the audience. In this talk, I give an overview of current privacy policies in OSN and present a formal language to overcome some of its limitations. First, I describe Relationship-based Access Control (ReBAC)—the standard technique to define and enforce privacy policies in OSNs today—and highlight some of its limitations. Then, I present a privacy policy language where users can specify who can know their information—independently of who has uploaded it. Finally, I present several extensions of this language to express dynamic privacy policies, i.e., privacy policies that change based on time and events.
Biography
Raúl is a postdoctoral researcher in the SQUARE group at the IT University of Copenhagen where he works with Andrzej Wąsowski and Willard Rafnsson. In the past, Raúl was a Postdoctoral researcher in the Privatics team at Inria where he worked with Daniel Le Métayer. He has a PhD degree in Computer Science from Chalmers University of Technology. During his PhD studies he was part of the Formal Methods Division at the Department of Computer Science and Engineering. Raúl was supervised by Gerardo Schneider, Musard Balliu and David Sands.
Video