Purpose Restrictions on Information Use

Abstract

Privacy policies in sectors as diverse as Web services, finance and healthcare often place restrictions on the purposes for which a governed entity may use personal information. Thus, automated methods for enforcing privacy policies require a semantics of purpose restrictions to determine whether a governed agent used information for a purpose. We provide such a semantics using a formalism based on planning. We model planning using Partially Observable Markov Decision Processes (POMDPs), which supports an explicit model of information. We argue that information use is for a purpose if and only if the information is used while planning to optimize the satisfaction of that purpose under the POMDP model. We determine information use by simulating ignorance of the information prohibited by the purpose restriction, which we relate to noninterference. We use this semantics to develop a sound audit algorithm to automate the enforcement of purpose restrictions.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 03, 2013
Accession Number
ADA587115

Entities

People

  • Anupam Datta
  • Jeannette Wing
  • Michael C. Tschantz

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Biomedical

DTIC Thesaurus Topics

  • Algorithms
  • Application Software
  • Artificial Intelligence
  • Auditing
  • Automata
  • Cognition
  • Computer Programs
  • Computers
  • Control Systems
  • Databases
  • Environment
  • Market Research
  • Marketing
  • Probability
  • Probability Distributions
  • Random Variables
  • Semantics

Readers

  • Adaptive Control and Estimation with Uncertainty in Dynamic Systems.
  • Artificial Intelligence
  • Government and Public Administration Law.