Annual Workshop February 5th, 2014. A Formal Approach to Analyze Privacy in Electronic Services. MSEC Koen Decroix. Outline. Introducing Privacy in Loyalty Services Conceptual model of inShopnito Framework for Formal Reasoning on Privacy Privacy Analysis of inShopnito Conclusions.
February 5th, 2014
[Koen Decroix – MSEC - KU Leuven]
… Max Schrems, an Austrian student, did!
Now he sues Facebook for their data practices on the personal data they collected about him.
For the convenience of their customers, loyalty services evolved to electronic services integrated with other online (third-party) services. Is this the full story?
Share your shopping activities with friends on Facebook
Not transparent to users evolved to electronic services integrated with other online (third-party) services. Is this the full story?
When registering to such services, you agreed with their terms and policies and gave them your consentfor collecting, processing, and forwarding your personal data.
Your past online activities leave non-erasable, possibly harmful, traces behind and might get spread around.
Citizens must be protected for these data practices. harmful, traces behind and might get spread around.
This is where the European data protection legislation comes into play.
… designers have to consider multiple types of requirements
Need for formal modeling, as a support during requirementsdesign of composite services.
Privacy analysis is based on requirementsuser profiles built from the formal models. Its feedback must be useful for system designers and users as well.
Collecting loyalty points at first glance. requirements
… but looking into more requirementsdetail …
From specifications of service providers’ data practices (= service policies), we can derive that …
Conceptual model of requirementsinShopnito
System Independent Model requirements
Privacy Analysis - Feedback requirements
inShopnito requirements modeled for two user types
Advertisers are not trusted
No trust in organizations
Loyalty credential: Idemix what if X509 is used?
Linkabilities requirements in inShopnito
Advertisers not allowed to have the customer’s his:
Violations of rules 1, 2, 3 are found only in case a X509 certificate is used in case of the user model