Analyzing Privacy Policies Based on a Privacy-Aware Profile: The Facebook and LinkedIn Case Studies

2015 IEEE 17th Conference on Business Informatics Pub Date : 2015-07-13 DOI:10.1109/CBI.2015.44

João Caramujo, A. Silva

{"title":"Analyzing Privacy Policies Based on a Privacy-Aware Profile: The Facebook and LinkedIn Case Studies","authors":"João Caramujo, A. Silva","doi":"10.1109/CBI.2015.44","DOIUrl":null,"url":null,"abstract":"The regular use of social networking websites and applications encompasses the collection and retention of personal and very often sensitive information about users. This information needs to remain private and each social network owns a privacy policy that describes in-depth how users' information is managed and disclosed. Problems arise when the development of new systems and applications includes an integration with social networks. The lack of clear understanding and a precise mechanism to enforce the statements described in privacy policies can compromise the development and adaptation of these statements. This paper proposes the extension and validation of a UML profile for privacy-aware systems. The goal of this approach is to provide a better understanding of the different privacy-related requirements for improving privacy policies enforcement when developing systems or applications integrated with social networks. Additionally, to illustrate the potential of this profile, the paper presents and discusses its application with two real world case studies - the Facebook and Linked In policies - which are well structured and represented through two respective Excel files.","PeriodicalId":238097,"journal":{"name":"2015 IEEE 17th Conference on Business Informatics","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 17th Conference on Business Informatics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CBI.2015.44","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 30

Abstract

The regular use of social networking websites and applications encompasses the collection and retention of personal and very often sensitive information about users. This information needs to remain private and each social network owns a privacy policy that describes in-depth how users' information is managed and disclosed. Problems arise when the development of new systems and applications includes an integration with social networks. The lack of clear understanding and a precise mechanism to enforce the statements described in privacy policies can compromise the development and adaptation of these statements. This paper proposes the extension and validation of a UML profile for privacy-aware systems. The goal of this approach is to provide a better understanding of the different privacy-related requirements for improving privacy policies enforcement when developing systems or applications integrated with social networks. Additionally, to illustrate the potential of this profile, the paper presents and discusses its application with two real world case studies - the Facebook and Linked In policies - which are well structured and represented through two respective Excel files.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于隐私意识配置文件的隐私政策分析:Facebook和LinkedIn案例研究

社交网站和应用程序的常规使用包括收集和保留用户的个人信息，而且通常是敏感信息。这些信息需要保持私密性，每个社交网络都有隐私政策，该政策深入描述了如何管理和披露用户信息。当新系统和应用程序的开发包括与社会网络的集成时，问题就出现了。缺乏清晰的理解和精确的机制来执行隐私策略中描述的声明，可能会影响这些声明的开发和调整。本文提出了一个用于隐私感知系统的UML概要文件的扩展和验证。此方法的目标是在开发与社交网络集成的系统或应用程序时，更好地理解与隐私相关的不同需求，从而改进隐私策略的实施。此外，为了说明该配置文件的潜力，本文通过两个现实世界的案例研究(Facebook和Linked In政策)展示并讨论了其应用，这两个案例研究通过两个各自的Excel文件进行了良好的结构和表示。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2015 IEEE 17th Conference on Business Informatics

自引率

0.00%

发文量