Privacy requirements of social networking services
Anwar, Muhammad (2016)
Anwar, Muhammad
2016
MDP in Software Development
Informaatiotieteiden yksikkö - School of Information Sciences
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Hyväksymispäivämäärä
2016-06-07
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:uta-201608032118
https://urn.fi/URN:NBN:fi:uta-201608032118
Tiivistelmä
Users privacy in the setting of an open internet environment, combined with a social networking environment has increased privacy related vulnerabilities. Privacy vulnerability represents the flaws in an environment or the lack of security from service providers to prevent privacy problems beforehand. Failure to protect user privacy could increase the chances that users data would be transferred without consent, duplicated, shared or used in an inappropriate context. Social networking services (SNS) mostly rely on user data to operate properly, user data can be provided by user, can be collected from alternate sources, or could be requested by SNS themselves. Data shared by the user may contain personal information, and inappropriate use of that personally identified information (PII) is the main concern in this study.
This study aims at analyzing privacy vulnerabilities in a social media context. The study explores vulnerabilities and privacy policies, and falls in the category of qualitative research. A method to analyze risk imposed by each vulnerability is also discussed at the end of this study. These heuristics are outcome of analysis of various privacy related concepts and privacy taxonomy proposed by Anton (2004). Individual interviews were also carried out to validate findings of this research where developers were asked questions related to privacy vulnerabilities extracted from Facebook privacy policies and other available documents.
The outcome of this research highlights the use of goal based requirement analysis method to evaluate requirements and to determine amount of vulnerabilities related to Facebook and also how the vulnerabilities can be narrowed down. Considering the original study by Anton (2004) was designed for e-commerce websites, some elements had to be modified to suit social networking services where data sharing and data transfer are the core features of the service.
This study aims at analyzing privacy vulnerabilities in a social media context. The study explores vulnerabilities and privacy policies, and falls in the category of qualitative research. A method to analyze risk imposed by each vulnerability is also discussed at the end of this study. These heuristics are outcome of analysis of various privacy related concepts and privacy taxonomy proposed by Anton (2004). Individual interviews were also carried out to validate findings of this research where developers were asked questions related to privacy vulnerabilities extracted from Facebook privacy policies and other available documents.
The outcome of this research highlights the use of goal based requirement analysis method to evaluate requirements and to determine amount of vulnerabilities related to Facebook and also how the vulnerabilities can be narrowed down. Considering the original study by Anton (2004) was designed for e-commerce websites, some elements had to be modified to suit social networking services where data sharing and data transfer are the core features of the service.