Team for Research in
Ubiquitous Secure Technology

Privacy and Contextual Integrity: Framework and Applications
Adam Barth

Citation
Adam Barth. "Privacy and Contextual Integrity: Framework and Applications". Talk or presentation, 27, April, 2006; Poster.

Abstract
Contextual integrity is a conceptual framework for understanding privacy expectations and their implications developed in the literature on law, public policy, and political philosophy. We formalize some aspects of contextual integrity in a logical framework for expressing and reasoning about norms of transmission of personal information. In comparison with access control and privacy policy frameworks such as RBAC, EPAL, and P3P, these norms focus on who personal information is about, how it is transmitted, and past and future actions by both the subject and the users of the information. Norms can be positive or negative depending on whether they refer to actions that are allowed or disallowed. Our model is expressive enough to capture naturally many notions of privacy found in legislation, including those found in HIPAA, COPPA, and GLBA. A number of important problems regarding compliance with privacy norms, future requirements associated with specific actions, and relations between policies and legal standards reduce to standard decision procedures for temporal logic.

Electronic downloads

Citation formats  
  • HTML
    Adam Barth. <a
    href="http://www.truststc.org/pubs/70.html"
    ><i>Privacy and Contextual Integrity: Framework and
    Applications</i></a>, Talk or presentation,  27,
    April, 2006; Poster.
  • Plain text
    Adam Barth. "Privacy and Contextual Integrity:
    Framework and Applications". Talk or presentation,  27,
    April, 2006; Poster.
  • BibTeX
    @presentation{Barth06_PrivacyContextualIntegrityFrameworkApplications,
        author = {Adam Barth},
        title = {Privacy and Contextual Integrity: Framework and
                  Applications},
        day = {27},
        month = {April},
        year = {2006},
        note = {Poster},
        abstract = {Contextual integrity is a conceptual framework for
                  understanding privacy expectations and their
                  implications developed in the literature on law,
                  public policy, and political philosophy. We
                  formalize some aspects of contextual integrity in
                  a logical framework for expressing and reasoning
                  about norms of transmission of personal
                  information. In comparison with access control and
                  privacy policy frameworks such as RBAC, EPAL, and
                  P3P, these norms focus on who personal information
                  is about, how it is transmitted, and past and
                  future actions by both the subject and the users
                  of the information. Norms can be positive or
                  negative depending on whether they refer to
                  actions that are allowed or disallowed. Our model
                  is expressive enough to capture naturally many
                  notions of privacy found in legislation, including
                  those found in HIPAA, COPPA, and GLBA. A number of
                  important problems regarding compliance with
                  privacy norms, future requirements associated with
                  specific actions, and relations between policies
                  and legal standards reduce to standard decision
                  procedures for temporal logic.},
        URL = {http://www.truststc.org/pubs/70.html}
    }
    

Posted by Christopher Brooks on 27 Apr 2006.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.