Graph theory for consent management: a new approach for complex data flows
Graph theory for consent management: a new approach for complex data flows
Through legislation and technical advances users gain more control over how their data is processed, and they expect online services to respect their privacy choices and preferences. However, data may be processed for many different purposes by several layers of algorithms that create complex data workflows. To date, there is no existing approach to automatically satisfy fine-grained privacy constraints of a user in a way which optimises the service provider's gains from processing. In this article, we propose a solution to this problem by modelling a data flow as a graph. User constraints and processing purposes are pairs of vertices which need to be disconnected in this graph. We show that, in general, this problem is NP-hard and we propose several heuristics and algorithms. We discuss the optimality versus efficiency of our algorithms and evaluate them using synthetically generated data. On the practical side, our algorithms can provide nearly optimal solutions for tens of constraints and graphs of thousands of nodes, in a few seconds.
55-63
Filipczuk, Dorota
582b73c6-5445-4679-88b5-15d8e1234679
Gerding, Enrico
d9e92ee5-1a8c-4467-a689-8363e7743362
Konstantinidis, George
f174fb99-8434-4485-a7e4-bee0fef39b42
14 May 2024
Filipczuk, Dorota
582b73c6-5445-4679-88b5-15d8e1234679
Gerding, Enrico
d9e92ee5-1a8c-4467-a689-8363e7743362
Konstantinidis, George
f174fb99-8434-4485-a7e4-bee0fef39b42
Filipczuk, Dorota, Gerding, Enrico and Konstantinidis, George
(2024)
Graph theory for consent management: a new approach for complex data flows.
Journal of ACM SIGMOD Record, 53 (1), .
Abstract
Through legislation and technical advances users gain more control over how their data is processed, and they expect online services to respect their privacy choices and preferences. However, data may be processed for many different purposes by several layers of algorithms that create complex data workflows. To date, there is no existing approach to automatically satisfy fine-grained privacy constraints of a user in a way which optimises the service provider's gains from processing. In this article, we propose a solution to this problem by modelling a data flow as a graph. User constraints and processing purposes are pairs of vertices which need to be disconnected in this graph. We show that, in general, this problem is NP-hard and we propose several heuristics and algorithms. We discuss the optimality versus efficiency of our algorithms and evaluate them using synthetically generated data. On the practical side, our algorithms can provide nearly optimal solutions for tens of constraints and graphs of thousands of nodes, in a few seconds.
This record has no associated files available for download.
More information
Published date: 14 May 2024
Identifiers
Local EPrints ID: 504294
URI: http://eprints.soton.ac.uk/id/eprint/504294
PURE UUID: 5f688493-7cc5-4d24-a88b-6aae55bf0b78
Catalogue record
Date deposited: 02 Sep 2025 17:11
Last modified: 03 Sep 2025 01:40
Export record
Contributors
Author:
Dorota Filipczuk
Author:
Enrico Gerding
Author:
George Konstantinidis
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics