Chair of Mobile Business & Multilateral Security

Project Seminar: Privacy in smartphone ecosystems 


Basic Information
Type of Lecture: Seminar
Course: Master
Hours/Week: 10
Credit Points: 12
Language: English
Term: Winter 2017/2018
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.



Content of the Course


Learning goals
§ Basic understanding of privacy and privacy enhancing technologies(LGBWL-1)
§ Basic understanding of privacy risk communication (LGBWL-1)
§ Basic understanding of technological and legal frameworks to prevent digital privacy threats to individuals (LGBWL-1)

Smartphone apps provide utility to their users by providing personalized and context-sensitive services. To achieve this, smartphone platforms provide those apps with access to a multiplicity of sensitive resources on the device e.g., device information, geolocation data, and user behavior information obtained from sensors. This capability however, poses important risks in regard to user privacy, especially considering that apps do not provide an appropriate level of transparency related to sensitive information processing.

The objective of this research project is to perform an extensive analysis of the state of the art in which different methodologies will be analyzed. Novel approaches will be investigated, and evaluated, specifically those emphasizing on understanding aspects such as context of app usage and purpose and functionality of apps when assessing their privacy properties.

Each project will be implemented by a group of students and will be focused on a specific perspective of the problem. Students focusing on the technical aspects are expected to have basic skills in

Students from Business informatics can get an additional task in order to reach the required 13 credits points.

The subtopics included in the project seminar are described below:
Topic 1: “Assessing privacy of smartphone apps through user comments”
This project will analyze state of the art approaches focused on assessing the security and privacy of smartphones apps using user (reviews)comments, and will develop a tool to support users in  reporting privacy related issues of apps. The developed tool should then be validated through a user study.
Topic 2: “Understanding user’s privacy risk perception” (nontechnical)
This project will investigate the behavior of users regarding their perception of privacy risks and their willingness to report anomalous privacy related behavior of apps. This project is focused on the execution of a two phase user study. The user study has already been designed, therefore, the team is expected to collect and analyze the collected data.
Topic 3: “Assessing and comparing privacy risk of smartphone apps through the analysis of metadata”
This project will investigate the most common set of permission needed by apps within a number of categories and compare them according to theirprivacy risk/friendliness declared behavior.
Topic 4: “Privacy risk indicators for smartphone apps” (nontechnical)
The important aspect of this project is to clarify the psychological influences on the privacy indicators in smartphone apps (from both the application developers' and users' point of views).

Kick-off slides: Introduction to the project seminar



This project seminar consists of three administrative parts:
The first one is the exam which covers one third of the final grade and  takes place on January 10th 2018 (see Exam section of the project web page of the chair).
The second part is producing a report of the project seminar work (one third of the final grade) due on January 17th 2018
The third part is the presentation of results, which will take place on January 31st 2018 9:00-18:00 RuW 2.202 (one third of the final grade).

The first introductory presentation (kick-off) will take place on October 18th 2017 10:00-12:00 RuW room 2.202

Follow up meetings every two Mondays from October to December.

The final presentation will take place on January 31st 2018 9:00-18:00 RuW 2.202


The course registration is mandatory and will take place electronically via (registration section of the project seminar) within the period 2nd to 11th of October. The maximum number of students allowed for this project seminar is 12 and the seminar participants will be chosen by the first-come first-served principle. If the maximum number of students is exceeded, the registration system will offer a waiting list for further potential participants. Once the registration deadline has expired, all course applicants will be notified via email about their final registration status.
The course registration does not replace the examination registration, which is needed to finally get graded in this course.
Examination registration and withdrawal takes place within the period 12th to 25th of October 2017. Students will have to sign the examination registration list during the organizational Meeting (kick-off meeting).
Please indicate your topic of preference

Maximum participants:



Type of Examination
• written exam of 90 minutes duration (1/3)
• presentation of the project results (1/3)
• final report: summary of the project results 50-70 pages (1/3)

Each partial requirement needs to be passed with a grade of 4.0 or better.

Date: January 10th 2018
Time: 10:00 - 12:00
Room: RuW 2.202