Researcher profile

Yan Shvartzshnaider

Yan Shvartzshnaider contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate

cs.CY Cryptography and Security Human-Computer Interaction Networking and Internet Architecture Other Computer Science

Trust snapshot

Quick read

Trust 19 - Baseline

5works

0followers

5topics

4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

preprint2022arXiv

Stop the Spread: A Contextual Integrity Perspective on the Appropriateness of COVID-19 Vaccination Certificates

We present an empirical study exploring how privacy influences the acceptance of vaccination certificate (VC) deployments across different realistic usage scenarios. The study employed the privacy framework of Contextual Integrity, which has been shown to be particularly effective in capturing people's privacy expectations across different contexts. We use a vignette methodology, where we selectively manipulate salient contextual parameters to learn whether and how they affect people's attitudes towards VCs. We surveyed 890 participants from a demographically-stratified sample of the US population to gauge the acceptance and overall attitudes towards possible VC deployments to enforce vaccination mandates and the different information flows VCs might entail. Analysis of results collected as part of this study is used to derive general normative observations about different possible VC practices and to provide guidance for the possible deployments of VCs in different contexts.

preprint2016arXiv

Crowdsourced, Actionable and Verifiable Contextual Informational Norms

There is often a fundamental mismatch between programmable privacy frameworks, on the one hand, and the ever shifting privacy expectations of computer system users, on the other hand. Based on the theory of contextual integrity (CI), our paper addresses this problem by proposing a privacy framework that translates users' privacy expectations (norms) into a set of actionable privacy rules that are rooted in the language of CI. These norms are then encoded using Datalog logic specification to develop an information system that is able to verify whether information flows are appropriate and the privacy of users thus preserved. A particular benefit of our framework is that it can automatically adapt as users' privacy expectations evolve over time. To evaluate our proposed framework, we conducted an extensive survey involving more than 450 participants and 1400 questions to derive a set of privacy norms in the educational context. Based on the crowdsourced responses, we demonstrate that our framework can derive a compact Datalog encoding of the privacy norms which can in principle be directly used for enforcing privacy of information flows within this context. In addition, our framework can automatically detect logical inconsistencies between individual users' privacy expectations and the derived privacy logic.

preprint2015arXiv

Immutable Views -- Access control (to your information) for masses

There are a lot of on going efforts in the research community as well as industry around providing privacy-preserving and secure storage for personal data. Although, over time it has adopted many tag lines such as Personal Information Hub [12], personal container [8], DataBox [4], Personal Data Store (PDS) [3] and many others, these are essentially reincarnations of a simple idea: provide a secure way and place for users to store their information and allow them to provision who has access to that information. In this paper, we would like to discuss a way to facilitate access control mechanism (AC) in the various "personal cloud" proposals.

preprint2012arXiv

Design For Change: Information-Centric Architecture to Support Agile Disaster Response

This paper presents a case for the adoption of an information-centric architecture for a global disaster management system. Drawing from a case study of the 2010/2011 Queensland floods, we describe the challenges in providing every participant with relevant and actionable information. We use various examples to argue for a more flexible information dissemination framework which is designed from the ground up to minimise the effort needed to fix the unexpected and unavoidable information acquisition, quality, and dissemination challenges posed by any real disaster.

preprint2011arXiv

A Case for a Global Information Network

This paper argues for the adoption of a information centric system model instead of the current service-oriented one. We present an architecture for a global information storage and dissemination network which provides for efficient interaction and coordination among autonomous actors through a shared information space. We believe that the resulting, loosely coupled systems, while probabilistic in nature, will lead to robust outcomes at large scales.