Fecha
2024-01
Editor/a
Director/a
Tutor/a
Coordinador/a
Prologuista
Revisor/a
Ilustrador/a
Derechos de acceso
info:eu-repo/semantics/openAccess
Título de la revista
ISSN de la revista
Título del volumen
Editor
Springer
Resumen
The pervasive use of mobile applications and social networks has intensified privacy concerns due to the widespread collection, processing, and sharing of personal data. To address these challenges, we introduce SafeMountain, a novel AI-driven framework designed to systematically quantify, evaluate, and visualize privacy risks in mobile apps and social platforms, ensuring strict compliance with international regulations, particularly the General Data Protection Regulation (GDPR). SafeMountain combines static and dynamic code analyses to scrutinize real-world data handling practices and detect potential privacy breaches. It also employs advanced Natural Language Processing (NLP) techniques for automated interpretation and evaluation of privacy policies and Terms of Service. By mapping textual policy disclosures to actual app permissions and behaviors, it identifies discrepancies and highlights potential non-compliance and data misuse. The framework introduces an objective risk scoring mechanism aligned with international standards and regulatory requirements, offering a structured methodology to classify and visualize privacy risks. This risk assessment spans multiple dimensions (predictability, manageability, and disassociability) leveraging privacy engineering principles and regulatory risk factors, and uses an intuitive traffic-light system (Green, Yellow, Red) to enhance transparency and user comprehension. SafeMountain addresses major research gaps, notably the absence of standardized privacy risk scoring and comprehensive visualization tools. By delivering actionable insights into permission consistency, policy transparency, compliance gaps, and data leakage vulnerabilities, it empowers users, developers, and organizations to manage privacy risks proactively. Ultimately, SafeMountain fosters trust through more transparent and accountable data privacy practices across digital ecosystems.
Descripción
Este artículo ha sido aceptado para su publicación en Cluster Computing, The Journal of Networks, Software Tools and Applications, Springer (JCR 2024: Q1).
This article has been accepted for publication in Cluster Computing, The Journal of Networks, Software Tools and Applications, Springer (JCR 2024: Q1)
Categorías UNESCO
Palabras clave
SafeMountain, Automated Privacy Risk, Mobile Apps, AI Techniques, PRISMA Methodology, Data Privacy, Privacy Risk Framework, Social Networks Privacy
Citación
Daniel Blanco-Aza, Antonio Robles-Gómez, Rafael Pastor-Vargas, Llanos Tobarra, Pedro Vidal-Balboa, Mariano Méndez-Suárez Cluster Computing, The Journal of Networks, Software Tools and Applications, Springer (JCR 2024: Q1)
Centro
E.T.S. de Ingeniería Informática
Departamento
Sistemas De Comunicación y Control