Project Seminar: Privacy in smartphone ecosystems
|Type of Lecture:
Content of the Course
§ Basic understanding of privacy and privacy enhancing technologies(LGBWL-1)
§ Basic understanding of privacy risk communication (LGBWL-1)
§ Basic understanding of technological and legal frameworks to prevent digital privacy threats to individuals (LGBWL-1)
Smartphone apps provide utility to their users by providing personalized and context-sensitive services. To achieve this, smartphone platforms provide those apps with access to a multiplicity of sensitive resources on the device e.g., device information, geolocation data, and user behavior information obtained from sensors. This capability however, poses important risks in regard to user privacy, especially considering that apps do not provide an appropriate level of transparency related to sensitive information processing.
The objective of this research project is to perform an extensive analysis of the state of the art in which different methodologies will be analyzed. Novel approaches will be investigated, and evaluated, specifically those emphasizing on understanding aspects such as context of app usage and purpose and functionality of apps when assessing their privacy properties.
Each project will be implemented by a group of students and will be focused on a specific perspective of the problem. Students focusing on the technical aspects are expected to have basic skills in
Students from Business informatics can get an additional task in order to reach the required 13 credits points.
The subtopics included in the project seminar are described below:
Topic 1: “Assessing privacy of smartphone apps through user comments”
This project will analyze state of the art approaches focused on assessing the security and privacy of smartphones apps using user (reviews)comments, and will develop a tool to support users in reporting privacy related issues of apps. The developed tool should then be validated through a user study.
Topic 2: “Understanding user’s privacy risk perception” (nontechnical)
This project will investigate the behavior of users regarding their perception of privacy risks and their willingness to report anomalous privacy related behavior of apps. This project is focused on the execution of a two phase user study. The user study has already been designed, therefore, the team is expected to collect and analyze the collected data.
Topic 3: “Assessing and comparing privacy risk of smartphone apps through the analysis of metadata”
This project will investigate the most common set of permission needed by apps within a number of categories and compare them according to theirprivacy risk/friendliness declared behavior.
Topic 4: “Privacy risk indicators for smartphone apps” (nontechnical)
The important aspect of this project is to clarify the psychological influences on the privacy indicators in smartphone apps (from both the application developers' and users' point of views).
The first one is the exam which covers one third of the final grade and takes place on January 10th 2018 (see Exam section of the project web page of the chair).
The second part is producing a report of the project seminar work (one third of the final grade) due on January 17th 2018
The third part is the presentation of results, which will take place on January 31st 2018 9:00-18:00 RuW 2.202 (one third of the final grade).
The first introductory presentation (kick-off) will take place on October 18th 2017 10:00-12:00 RuW room 2.202
Follow up meetings every two Mondays from October to December.
The final presentation will take place on January 31st 2018 9:00-18:00 RuW 2.202
Type of Examination
• written exam of 90 minutes duration (1/3)
• presentation of the project results (1/3)
• final report: summary of the project results 50-70 pages (1/3)
Each partial requirement needs to be passed with a grade of 4.0 or better.
Date: January 10th 2018
Time: 10:00 - 12:00
Room: RuW 2.202