Distilling Privacy Requirements for Mobile Applications

Thomas, Keerthi; Bandara, Arosha K.; Price, Blaine A. and Nuseibeh, Bashar (2014). Distilling Privacy Requirements for Mobile Applications. In: 36th International Conference on Software Engineering (ICSE 2014), 31 May - 7 Jun 2014, Hyderabad, India.

URL: http://2014.icse-conferences.org/


As mobile computing applications have become commonplace, it is increasingly important for them to address end-users’ privacy requirements. Privacy requirements depend on a number of contextual socio-cultural factors to which mobility adds another level of contextual variation. However, traditional requirements elicitation methods do not sufficiently account for contextual factors and therefore cannot be used effectively to represent and analyse the privacy requirements of mobile end users. On the other hand, methods that do investigate contextual factors tend to produce data that does not lend itself to the process of requirements extraction. To address this problem we have developed a Privacy Requirements Distillation approach that employs a problem analysis framework to extract and refine privacy requirements for mobile applications from raw data gathered through empirical studies involving end users. Our approach introduces privacy facets that capture patterns of privacy concerns which are matched against the raw data. We demonstrate and evaluate our approach using qualitative data from an empirical study of a mobile social networking application.

Viewing alternatives

Download history

Item Actions