基于格的社交网络隐私策略上下文完整性分析

2021 IEEE 29th International Requirements Engineering Conference Workshops (REW) Pub Date : 2021-09-01 DOI:10.1109/REW53955.2021.00070

Stephen Kaplan, Dylan Bulmer, Avery Gosselin, S. Ghanavati

{"title":"基于格的社交网络隐私策略上下文完整性分析","authors":"Stephen Kaplan, Dylan Bulmer, Avery Gosselin, S. Ghanavati","doi":"10.1109/REW53955.2021.00070","DOIUrl":null,"url":null,"abstract":"More than four billion users use online social networks (OSNs) and integrate themselves into their ecosystems. Consequently, these users are increasingly tasked with understanding the implications of their consenting to the privacy practices of OSNs via privacy policies. However, privacy policies are often vague and confusing to users, leading to misconceptions and gaps in users’ understanding of privacy practices. In this paper, we propose the Lattice-Based Contextual Integrity Analysis (LCIA) framework to help make quantitative determinations about how likely an OSN’s privacy policy is to mislead users with regard to its information flow practices, relative to other OSNs. We evaluated LCIA with 13 OSNs’ privacy policies and identified that OSNs with more privacy-violating information flow practices are more likely to mislead users through ambiguous statements, thereby exposing them to greater privacy risk.","PeriodicalId":393646,"journal":{"name":"2021 IEEE 29th International Requirements Engineering Conference Workshops (REW)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Lattice-based Contextual Integrity Analysis of Social Network Privacy Policies\",\"authors\":\"Stephen Kaplan, Dylan Bulmer, Avery Gosselin, S. Ghanavati\",\"doi\":\"10.1109/REW53955.2021.00070\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"More than four billion users use online social networks (OSNs) and integrate themselves into their ecosystems. Consequently, these users are increasingly tasked with understanding the implications of their consenting to the privacy practices of OSNs via privacy policies. However, privacy policies are often vague and confusing to users, leading to misconceptions and gaps in users’ understanding of privacy practices. In this paper, we propose the Lattice-Based Contextual Integrity Analysis (LCIA) framework to help make quantitative determinations about how likely an OSN’s privacy policy is to mislead users with regard to its information flow practices, relative to other OSNs. We evaluated LCIA with 13 OSNs’ privacy policies and identified that OSNs with more privacy-violating information flow practices are more likely to mislead users through ambiguous statements, thereby exposing them to greater privacy risk.\",\"PeriodicalId\":393646,\"journal\":{\"name\":\"2021 IEEE 29th International Requirements Engineering Conference Workshops (REW)\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE 29th International Requirements Engineering Conference Workshops (REW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/REW53955.2021.00070\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 29th International Requirements Engineering Conference Workshops (REW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/REW53955.2021.00070","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

超过40亿用户使用在线社交网络(osn)，并将自己融入其生态系统。因此，这些用户越来越需要理解他们通过隐私政策同意osn的隐私实践的含义。然而，隐私政策往往含糊不清，让用户感到困惑，导致用户对隐私实践的理解存在误解和差距。在本文中，我们提出了基于格的上下文完整性分析(LCIA)框架，以帮助定量确定相对于其他OSN而言，OSN的隐私策略在信息流实践方面误导用户的可能性。我们用13个osn的隐私政策对LCIA进行了评估，发现具有更多侵犯隐私信息流实践的osn更有可能通过模棱两可的声明误导用户，从而使他们面临更大的隐私风险。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Lattice-based Contextual Integrity Analysis of Social Network Privacy Policies

More than four billion users use online social networks (OSNs) and integrate themselves into their ecosystems. Consequently, these users are increasingly tasked with understanding the implications of their consenting to the privacy practices of OSNs via privacy policies. However, privacy policies are often vague and confusing to users, leading to misconceptions and gaps in users’ understanding of privacy practices. In this paper, we propose the Lattice-Based Contextual Integrity Analysis (LCIA) framework to help make quantitative determinations about how likely an OSN’s privacy policy is to mislead users with regard to its information flow practices, relative to other OSNs. We evaluated LCIA with 13 OSNs’ privacy policies and identified that OSNs with more privacy-violating information flow practices are more likely to mislead users through ambiguous statements, thereby exposing them to greater privacy risk.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 IEEE 29th International Requirements Engineering Conference Workshops (REW)

自引率

0.00%

发文量