Privacy has long been an important issue for IT systems that handle personal information, and the problem is further aggravated as technology for collecting and analyzing massive amounts of data becomes increasingly effective. There are methods to help practitioners analyze the privacy implications of a system at design time. However, this is still a difficult task, especially when dealing with Internet of Things scenarios. The problem of privacy can become even more unmanageable with the introduction of overspecifications during the system development life cycle. In this paper, we carried out a controlled experiment with students performing an analysis of privacy implications using two different methods. One method aims at reducing the impact of overspecifications through the application of a goal-oriented analysis. The other method does not involve a goal-oriented analysis and is used as a control. Our initial findings show that conducting a goal-oriented analysis early at design time can have a positive impact on the privacy friendliness of the resulting system.
Handling users' privacy in ubiquitous systems is a difficult challenge. Many frameworks have been proposed to analyse the problems of privacy in a world with computers resembling typewriters. However, as the world evolves towards a proliferation of invisible computers, we see that the classical approaches are insufficient. Designers and developers need tools to help them better understand how to mitigate privacy threats in such complex systems. In our approach, the privacy aware transmission highway (PATH) framework, we address privacy threats that originate from the interaction between users and ubiquitous computing systems. We analyse the reasons why these privacy threats occur and propose a method to decompose the complex and abstract problem of privacy into more manageable sub-problems. An evaluation has been conducted with experts and students to validate the applicability of the framework.
Developing ubiquitous computing systems in compliance with data protection regulation is a difficult task. The European General Data Protection Regulation calls on system developers to apply a privacy-by-design methodology and to perform privacy impact assessments throughout the whole development life-cycle. Our proposal is a software-assisted process framework that facilitates the analysis of privacy implications in ubiquitous computing systems. This software has been evaluated with students and ubicomp experts.