Engineering adaptive privacy: on the role of privacy awareness requirements

Authors:
Inah Omoronyia;Luca Cavallaro;Mazeiar Salehie;Liliana Pasquale;Bashar Nuseibeh
Affiliations:
University of Glasgow, UK;Lero, Ireland / University of Limerick, Ireland;Lero, Ireland / University of Limerick, Ireland;Lero, Ireland / University of Limerick, Ireland;Open University, UK / Lero, Ireland / University of Limerick, Ireland
Venue:
Proceedings of the 2013 International Conference on Software Engineering
Year:
2013

Citing 19
Cited 0

Reasoning about knowledge

Reasoning about knowledge
The Vision of Autonomic Computing

Computer
Unpacking "privacy" for a networked world

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A Privacy Awareness System for Ubiquitous Computing Environments

UbiComp '02 Proceedings of the 4th international conference on Ubiquitous Computing
Security and Privacy Requirements Analysis within a Social Setting

RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Privacy and trust issues with invisible computers

Communications of the ACM - The disappearing computer
Reasoning about confidentiality at requirements engineering time

Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Privacy and Contextual Integrity: Framework and Applications

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Information flow security in Boundary Ambients

Information and Computation
The temporal logic of programs

SFCS '77 Proceedings of the 18th Annual Symposium on Foundations of Computer Science
Addressing privacy requirements in system design: the PriS method

Requirements Engineering
Engineering Privacy

IEEE Transactions on Software Engineering
A survey of context modelling and reasoning techniques

Pervasive and Mobile Computing
Networks: An Introduction

Networks: An Introduction
Awareness requirements for adaptive systems

Proceedings of the 6th International Symposium on Software Engineering for Adaptive and Self-Managing Systems
Multi-agent simulation and netLogo in the introductory computer science curriculum

Journal of Computing Sciences in Colleges
A requirements-based approach for the design of adaptive systems

Proceedings of the 34th International Conference on Software Engineering
Caprice: a tool for engineering adaptive privacy

Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Privacy arguments: Analysing selective disclosure requirements for mobile applications

RE '12 Proceedings of the 2012 IEEE 20th International Requirements Engineering Conference (RE)

Quantified Score

Hi-index	0.00

Visualization

Abstract

Applications that continuously gather and disclose personal information about users are increasingly common. While disclosing this information may be essential for these applications to function, it may also raise privacy concerns. Partly, this is due to frequently changing context that introduces new privacy threats, and makes it difficult to continuously satisfy privacy requirements. To address this problem, applications may need to adapt in order to manage changing privacy concerns. Thus, we propose a framework that exploits the notion of privacy awareness requirements to identify runtime privacy properties to satisfy. These properties are used to support disclosure decision making by applications. Our evaluations suggest that applications that fail to satisfy privacy awareness requirements cannot regulate users information disclosure. We also observe that the satisfaction of privacy awareness requirements is useful to users aiming to minimise exposure to privacy threats, and to users aiming to maximise functional benefits amidst increasing threat severity.