A Semi-Automated HTTP Traffic Analysis for Online Payments for Empowering Security, Forensics and Privacy Analysis

Ezennaya-Gomez, Salatiel; Kiltz, Stefan; Kraetzer, Christian; Dittmann, Jana

doi:10.1145/3465481.3470114

Cited by 1 publication

(1 citation statement)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, depending on the business purpose of the embedded organization, e.g., Advertising, the API may establish a connection to servers of another organization, called X, which is not involved in the payment process. This action triggers the installation of another embedded digital agent of the organizationX in the user's device, as it is shown in a recent study on online payment traffic analysis in [9]. When the app has third-party trackers, i.e., one or more embedded digital agent(s), at least technical/metadata data about the device where the app is installed, its functions, plus information about which app has invoked that tracker, are sent to these new embedded organization(s).…”

Section: An Exemplary Use Case Applicationmentioning

confidence: 91%

A Semantic Model for Embracing Privacy as Contextual Integrity in the Internet of Things (Short Paper)

Ezennaya-Gomez

Vielhauer

Dittmann

2022

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Due to the increasing number of complaints alleging privacy violations against companies to data protection authorities, the translation of business goals to system design goals and the subsequent consequences for customers’ privacy poses a challenge for many companies. For this reason, there is a need to bridge the economics of privacy and threats to privacy. To this end, our work relies on the concept of privacy as contextual integrity. This framework defines privacy as appropriate information flows subjected to social norms within particular social contexts or spheres. In this paper, we introduce a preliminary version of a semantic model which aims to relate and provide understanding on how well-established business goals may affect their customers’ privacy by designing IoT devices with permission access, data acquired by sensors, among other factors. Finally, we provide a use case application showing how to use the semantic model. The model aims to be an educational tool for professionals in business informatics during the modeling and designing process of a product which may gather sensitive data or may infer sensitive information, giving an understanding of the interaction of the product and its footprint with diverse actors (humans or machines). In the future, a further complete model of the presented may also target other groups, such as law enforcement bodies, as part of their educational training in such systems.

show abstract

Section: An Exemplary Use Case Applicationmentioning

confidence: 91%