面向选择退出权的移动应用隐私合规分析方法  

Opt-out Right Oriented Privacy Compliance Analysis Method in Mobile Applications

在线阅读下载全文

作  者:杜小林 杨哲慜[1,2] DU Xiaolin;YANG Zhemin(Software School,Fudan University,Shanghai 200438,China;School of Computer Science,Fudan University,Shanghai 200438,China)

机构地区:[1]复旦大学软件学院,上海200438 [2]复旦大学计算机科学技术学院,上海200438

出  处:《小型微型计算机系统》2024年第8期1953-1959,共7页Journal of Chinese Computer Systems

基  金:国家自然科学基金项目(62172104)资助.

摘  要:近年来,法律法规中规定了用户享有退出数据共享等特定数据实践的权利,即选择退出权.为保障该权利,应用在进行数据实践时需提供相应的退出选项.然而,现有工作主要关注网页,而忽略了移动应用对选择退出权的遵从情况.本文首次提出应用是否提供了符合其数据实践的选择退出选项这一隐私合规问题.针对该问题,本文设计了一种融合布局结构特征、语义特征以及代码行为特征的隐私合规分析方法.该方法通过布局结构分析和语义分析精准识别应用中的选择退出选项,通过静态程序分析检测应用数据实践行为,最后基于本体检查两者间的一致性来评估应用合规性.实验表明,该方法准确率达91.23%,平均耗时200.98秒,证实了其有效性与可用性.In recent years,regulations have stipulated the right to opt out,allowing users to exclude themselves from specific data practices such as data sharing.To safeguard this privacy right,mobile applications(apps)should provide opt-out options when engaging in specific data practices.However,previous studies have predominantly focused on websites’compliance with the right to opt out,leaving the compliance of mobile apps largely unexplored.This paper proposes a privacy compliance issue related to whether mobile apps provide opt-out options consistent with their data practices.To address this issue,this paper presents a privacy compliance analysis method that integrates layout structure characteristics,semantic characteristics,and code behaviors.This method accurately identifies opt-out options through layout structure and semantic analysis,detects an app′s data practices through static program analysis,and performs an ontology-based consistency check to evaluate the app′s compliance.Experimental results indicate that this method achieves an accuracy rate of 91.23%and an average time consumption of 200.98 seconds,demonstrating its effectiveness and usability.

关 键 词:选择退出权 隐私合规 安卓应用 通用数据保护条例 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象