Chicago, IL, USA USA
Sept. 24, 2012 to Sept. 28, 2012
Bashar Nuseibeh , The Open University, UK
Privacy requirements for mobile applications offer a distinct set of challenges for requirements engineering. First, they are highly dynamic, changing over time and locations, and across the different roles of agents involved and the kinds of information that may be disclosed. Second, although some general privacy requirements can be elicited a priori, users often refine them at runtime as they interact with the system and its environment. Selectively disclosing information to appropriate agents is therefore a key privacy management challenge, requiring carefully formulated privacy requirements amenable to systematic reasoning. In this paper, we introduce privacy arguments as a means of analysing privacy requirements in general and selective disclosure requirements (that are both content- and context-sensitive) in particular. Privacy arguments allow individual users to express personal preferences, which are then used to reason about privacy for each user under different contexts. At runtime, these arguments provide a way to reason about requirements satisfaction and diagnosis. Our proposed approach is demonstrated and evaluated using the privacy requirements of BuddyTracker, a mobile application we developed as part of our overall research programme.
mobile applications, privacy arguments, privacy requirements
Bashar Nuseibeh, "Privacy arguments: Analysing selective disclosure requirements for mobile applications", RE, 2012, 2013 21st IEEE International Requirements Engineering Conference (RE), 2013 21st IEEE International Requirements Engineering Conference (RE) 2012, pp. 131-140, doi:10.1109/RE.2012.6345797