Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/59864

No Risk, More Fun! Automating Breach of Confidentiality Risk Assessment for Android Mobile Health Applications

File Size Format  
0424.pdf 318.84 kB Adobe PDF View/Open

Item Summary

Title:No Risk, More Fun! Automating Breach of Confidentiality Risk Assessment for Android Mobile Health Applications
Authors:Brüggemann, Thomas
Dehling, Tobias
Sunyaev, Ali
Keywords:Security and Privacy Challenges in Healthcare
Information Technology in Healthcare
static code analysis, breach of confidentiality, privacy violation, mHealth, mobile health
Date Issued:08 Jan 2019
Abstract:With the rapidly rising number of mobile health (mHealth) applications (apps), it is unfeasible to manually review mHealth apps for information privacy risks. One salient information privacy risk of mHealth apps are confidentiality breaches. We explore whether and how static code analysis is a feasible technology for app review automation. Evaluation of our research prototype shows that, on average, our prototype detected one breach of confidentiality risk more than human reviewers. Contributions are the demonstration that static code analysis is a feasible technology for detection of confidentiality breaches in mHealth apps, the derivation of eight generic design patterns for confidentiality breach risk assessments, and the identification of architectural challenges that need to be resolved for wide-spread dissemination of breach of confidentiality risk assessment tools. In terms of effectiveness, humans still outperform computers. However, we build a foundation for leveraging computation power to scale up breach of confidentiality risk assessments.
Pages/Duration:10 pages
URI:http://hdl.handle.net/10125/59864
ISBN:978-0-9981331-2-6
DOI:10.24251/HICSS.2019.515
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
https://creativecommons.org/licenses/by-nc-nd/4.0/
Appears in Collections: Security and Privacy Challenges in Healthcare


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons