Many data analysis tasks rely on the abstraction of a graph to represent relations between entities, with attributes on the nodes and edges. Since the relationships encoded are often sensitive, we seek effective ways to release representative graphs which nevertheless protect the privacy of the data subjects. Prior work on this topic has focused primarily on the graph structure in isolation, and has not provided ways to handle richer graphs with correlated attributes.We introduce an approach to release such graphs under the strong guarantee of differential privacy. We adapt existing graph models, and introduce a new one, and show how to augment them with meaningful privacy. This provides a complete workflow, where the input is a sensitive graph, and the output is a realistic synthetic graph. Our experimental study demonstrates that our process produces useful, accurate attributed graphs.
Mobile platforms, such as Android, warn users about the permissions an app requests and trust that the user will make the correct decision about whether or not to install the app. Unfortunately many users either ignore the warning or fail to understand the permissions and the risks they imply. As a step toward developing an indicator of risk that decomposes risk into several categories, or dimensions, we conducted two studies designed to assess the dimensions of risk deemed most important by experts and novices. In Study 1, semi-structured interviews were conducted with 19 security experts, who also performed a card sorting task in which they categorized permissions. The experts identified three major risk dimensions in the interviews (personal information privacy, monetary risk, and device availability/stability), and a forth dimension (data integrity) in the card sorting task. In Study 2, 350 typical Android users, recruited via Amazon Mechanical Turk, filled out a questionnaire in which they (a) answered questions concerning their mobile device usage, (b) rated how often they considered each of several types of information when installing apps, (c) indicated what they considered to be the biggest risk associated with installing an app on their mobile device, and (d) rated their concerns with regard to specific risk types and about apps having access to specific types of information. In general, the typical users' concerns were similar to those of the security experts. The results of the studies suggest that risk information should be organized into several risk types that can be better understood by users and that a mid-level risk summary should incorporate the dimensions of personal information privacy, monetary risk, device availability/stability risk and data integrity risk.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.