CII Forschungsgruppe auf der HICSS 2019/en: Unterschied zwischen den Versionen

Aus Aifbportal
Wechseln zu:Navigation, Suche
Zeile 9: Zeile 9:
<br><br>Further Informationen:
<br><br>Further Informationen:
[[Critical Information Infrastructures|« Zurück zu Critical Information Infrastructures]]
[[Critical Information Infrastructures|« Back to Critical Information Infrastructures]]

Version vom 5. September 2018, 09:02 Uhr

CII Research Group at HICSS 2019


One paper of the CII research group has been accepted at the Hawaii International Conference on System Sciences, which will take place January 8-11, 2019 in Wailea, Maui.

No Risk, More Fun! Automating Breach of Confidentiality Risk Assessment for Android Mobile Health Applications
Autoren: Thomas Brüggemann, Tobias Dehling, Ali Sunyaev
Abstract: With the rapidly rising number of mobile health (mHealth) applications (apps), it is unfeasible to manually review mHealth apps for information privacy risks. One salient information privacy risk of mHealth apps are confidentiality breaches. We explore whether and how static code analysis is a feasible technology for app review automation. Evaluation of our research prototype shows that, on average, our prototype detected one breach of confidentiality risk more than human reviewers. Contributions are the demonstration that static code analysis is a feasible technology for detection of confidentiality breaches in mHealth apps, the derivation of eight generic design patterns for confidentiality breach risk assessments, and the identification of architectural challenges that need to be resolved for wide-spread dissemination of breach of confidentiality risk assessment tools. In terms of effectiveness, humans still outperform computers. However, we build a foundation for leveraging computation power to scale up breach of confidentiality risk assessments.

Further Informationen:

« Back to Critical Information Infrastructures