End-User Regression Testing for Privacy
نویسندگان
چکیده
Privacy in social computing systems has become a major concern. End-users of such systems find it increasingly hard to understand complex privacy settings. As software evolves over time, this might introduce bugs that breach users’ privacy. Further, there might be system-wide policy changes that could change users’ settings to be more or less private than before. We present a novel technique that can be used by end-users for detecting changes in privacy, i.e., regression testing for privacy. Using a social approach for detecting privacy bugs, we present two prototype tools. Our evaluation shows the feasibility and utility of our approach for detecting privacy bugs. We highlight two interesting case studies on the bugs that were discovered using our tools. To the best of our knowledge, this is the first technique that leverages regression testing for detecting privacy bugs from an end-user perspective.
منابع مشابه
Factors in an end user security expertise instrument
Purpose – The purpose of this study is to identify factors that determine computer and security expertise in end users. They can be significant determinants of human behaviour and interactions in the security and privacy context. Standardized, externally valid instruments for measuring end-user security expertise are non-existent. Design/methodology/approach – A questionnaire encompassing skill...
متن کاملWhat Can Johnny Do?–Factors in an End-User Expertise Instrument
Security and computer expertise of end users can be significant predictors of user behaviour and interactions in the security and privacy context. Standardized, externally valid instruments for measuring end-user security expertise are non-existent. To address this need, we developed a questionnaire to identify critical factors that constitute expertise in end-users. It combines skills and know...
متن کاملA Privacy-Aware, Decentralized, End-to-End, CFG-based Regression Test Selection Framework for Web Services using only Local Information
Web services are composable, interoperable, and autonomous which means that a single web service interaction could involve services written in several different languages provided by several different service providers. Such interactions hamper the development of RTS techniques because RTS techniques generally require some form of implementation details which service providers in separate auton...
متن کاملAnalysis the privacy statement of the American Public Libraries and provide privacy statement for public libraries in Iran
Aim: The purpose of this study was to review the privacy statement of the American top public libraries and provide privacy statement for users of public libraries in Iran. Method: The research method is a combination of descriptive survey and Delphi library. The research community consisted of 25 American public libraries based on the rankings of the American Library Association's libraries. T...
متن کاملAttribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012