Home > Seminars > Sepideh Ghanavati - Engineering Privacy for Software, Mobile and Smart Applications

Sepideh Ghanavati - Engineering Privacy for Software, Mobile and Smart Applications

Start:

4/19/2018 at 3:30PM

End:

4/19/2018 at 4:30PM

Location:

126 DeBartolo

Host:

College of Engineering close button
headerbottom

Jane Cleland-Huang

Jane Cleland-Huang

VIEW FULL PROFILE Email: janeclelandhuang@nd.edu
Phone: 574-631-3637
Website: http://sarec.nd.edu/pages/ClelandHuang.html
Office: 354 Fitzpatrick
Software requirements traceability, software architecture, and the application of machine learning and data mining methods to address large-scale software and systems engineering problems.
Click for more information about Jane
574-631-3637
Add to calendar:
iCal vCal

In recent years, and with the rapid growth of mobile applications and smart and IoT devices, a massive amount of personal data and information has been generated, collected and shared. It is this massive growth of big data that creates new challenges – especially in the areas of privacy, security and jurisprudence – to the traditional software engineering domain. Software engineering as well as privacy and regulatory compliance research have focused on tackling some of these challenges. However, these approaches focus mainly on bounded systems with limited scope and on existing interactions between the systems a priori. In IoT devices, however, this assumption may not always be held true since many of the requirements emerge a posteriori. Hence, new approaches must be developed to systematically identify privacy, security and legal requirements, to analyze and manage ambiguities, mismatches, conflicts and inconsistencies between privacy policies, best practices and regulations with software, mobile and IoT applications and to be self-adaptive in the face of changes. In this talk, I will focus on the existing legal and privacy- and security-related challenges and discuss how my past and current research projects attempt to address some of them. In the first part of my talk, I will tackle the problem from the regulatory compliance point of view and introduce the Legal-URN framework and its algorithms which are used to extract, model and analyze legal requirements in multi-jurisdictional environments. I will also describe our novel tool-supported methods which help resolve and model intentional and unintentional ambiguities in privacy-focused regulations and then automatically generate their goal models. In the second part, I will turn the focus to the users’ and the developers’ points of view. I will present our current methods for automatically identifying and extracting features from privacy policies and report on the best algorithms for this purpose. I, then, demonstrate our approach to improve users’ understanding of privacy policies by reducing the length of policies and creating short excerpts of privacy policies in terms of notices for the IoT applications. I will further discuss our findings on the current methodologies for analyzing inconsistencies between privacy policies and the source code of applications and provide the required steps to resolve their current shortcomings. Finally, I will conclude my talk by presenting my future research plans.

Seminar Speaker:

Sepideh Ghanavati

Sepideh Ghanavati

Texas Tech University

Sepideh Ghanavati is an assistant professor at the Department of Computer Science at Texas Tech University. Her research interests lie in the areas of information privacy, computer security, requirements and software engineering and the Internet of Things (IoT). Before joining Texas Tech, she worked as a visiting assistant professor at Radboud University in Nijmegen (the Netherlands), as a visiting faculty at the Institute for Software Research at Carnegie Mellon University (USA) and as a postdoctoral research fellow at the Luxembourg Institute of Science and Technology (LIST). She received her Msc. and PhD from the University of Ottawa and her BSc. from Amirkabir University of Technology in Iran. She also has five years of industrial experience in the automobile and healthcare industries and has been the recipient of the NSF Support Grant for Junior Researchers (CNS-1257011), the Post-doctoral Marie Curie Grant (Fond Nationale de la Recherche de Luxembourg), NSERC Canada Graduate Scholarship (CGS-D) and NSERC Canada - Michael Smiths Foreign Study Supplements Program and Ontario Graduate Scholarship (OGS).