Privacy and Security in Multi-modal User Interface Modeling for Social Media
Privacy and Security in Mul1-‐modal User Interface Modeling for Social Media Mohamed Bourimi1,3, Ricardo Tesoriero2, Pedro G. Villanueva2, Fa<h Karatas1, Philipp Schwarte1 1University of Siegen, Chair for IT Security, Germany 2Compu1ng Systems Department. University of Cas1lla-‐La Mancha, Spain 3FernUniversität in Hagen, Coopera1ve Systems Group, Germany
Overview § Background and Mo2va2on § Problem Statement(s) § Requirements Analysis § Proposed Approach § Example § Eclipse Security Model Editor § Future Work and Conclusion
Background and Mo2va2on § Interdisciplinary research becoming more important in the area of Social Media (Modeling): 1. Human-‐Comupter Interac2on (HCI) è Usability Engineering 2. Groupware and Social SoQware è Distributed Systems SoQware Engineering Suppor2ng Collabora2on 3. Privacy and Security Engineering § Modeling as one of the important steps in the SoQware Engineering Process could help in considering the requirements : • Early Enforcement (Bourimi et al. AFFINE methodology, HCSE2010) • Adequately by considering social factors, too! (which is not part of other business domains)
Abuses, risks and threats when using Social Media! § Scandals are becoming ordinary (due to accidental or/and inten2onal abuses) with fatal consequences in some situa2ons!! § Iden2ﬁca2on remains possible with an error rate of just 12% (Narayanan&Shama2kov 2009) § Many other examples for loosing privacy and evolving risks and threats ..
Problem Statement(s) § General problem statement: Improving the modeling of systems suppor<ng social interac<on in general (considering all involved research ﬁelds togetherè Targe<ng Synergy Eﬀect) § Speciﬁc problem statement (here): Using standard(s) for eﬃcient support of generated user interfaces by considering mul<-‐modality (Web, Mobile, Desktop etc.) when using social media systems (e.g., for evalua<on based research, frequent provision/adap<on of prototypes is needed!)
Requirements Analysis: „SocialTV Case Study“ § “Perfect Labor” in our case: SocialTV interdisciplinary project running since 2009 (presented @SocialCom 2010) èhQp://www.uni-‐siegen.de/T5/itsec/forschung/projekte/socialtv.html
Requirements Analysis: Further Gathered Requirements § R1: Reﬂec2ng realis2c SocialTV situa2ons (individual and group interac2ons) § R2: Allowing for ﬂexible parallel interac2on of the involved people § R3: Flexibility in terms of costs emerging from adapta2ons to new situa2ons and tests § R4: Suppor2ng thereby secure and privacy-‐ preserving interac2on
Approach § Approach is based on same technologies we use for development of context-‐aware applica2ons for ubiquitous compu2ng environments using the Model-‐Driven Architecture (MDA): • Metamodling and UsiXML (Cameleon Reference Framework) • Eclipse • For Security/Privacy è Security Metamodel (next slide)
Current State: Security Modeling Editor § Developed using the Eclipse plahorm as a plugin • EMF • GMF § As consequence • Metamodels in ECORE format • Models in XMI (OMG standard for model representa2ons) § Main Advantage • Genera2on of a plahorm independent security models § OCL Model Valida2on (i.e. Aiributes) § MOFScript (Model 2 Text transforma2on)
First Results (Modeling) § In total, we conducted interviews, walkthroughs and collected ﬁrst usage experiences of the current modeling framework (including the ﬁrst primi2ve version of the Security Metamodeling Eclipse-‐based Editor) with 21 par2cipants from the educa2onal and industrial ﬁeld § We are currently suppor2ng various widgets such as ﬁelds for entering diﬀerent data (e.g., username and password), combo boxes, etc. (Oﬃcial Status will be announced this week in a presenta2on for OMG)
Experiences (for Current Status) § Requirements resulted/s2ll resul2ng mainly from interdisciplinary research projects è Students and researchers working together in academic evalua2on! § We received wishes for improvements from industrial contacts and partners in other projects è Interac2ve TV por2ng (s2ll needing access to special HW suppor2ng our technologies such as TVs suppor2ng HTML5 or Android Plahorm)
Future work and conclusion § Future work is primarily focused on: • Improving the Security Metamodel by adding itera2vely further security and privacy requirements! • Improving the used Security Metamodling Editor for easing the modeling of related design/modeling/ development tasks § This needs improving the underlying UsiXML framework which is in evolu2on for the moment for mee2ng standards (OMG / W3C proposals submiied!)
Thank you for your attention! Privacy and Security in Mul1-‐modal User Interface Modeling for Social Media Bourimi@wiwi.uni-‐siegen.de Mohamed.Bourimi@fernuni-‐hagen.de
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.