STRuctured Analysis of Privacy (STRAP)

The STRAP framework is an iterative process for identifying privacy vulnerabilities throughout all stages of the software development process.

  1. Design analysis: the process starts with a goal-oriented analysis of the whole system. The main actors, goals and major system components are identified and represented in a tree diagram that follows a dependency hierarchy (Figure 1): goals are drawn as circles and the actors involved in each goal are indicated by colours. For each goal the following analytical questions are asked: “What information is captured or accessed for this goal?”, “Who are the actors involved in the capture and access?”, “What knowledge is derived from this information?” and “What is done with the information afterward?” Every answer that exposes personal information to an actor, derives new knowledge about a person, or keeps or passes the information on afterwards is recorded as a privacy vulnerability, together with the design assumptions behind it.
  2. Design refinement: once the vulnerabilities are identified, iterate over them and decide which can be eliminated and which can only be mitigated. For example, if one vulnerability is that personal information has to be stored on a server from which it could be stolen, a mitigation is to keep the stored information encrypted; the vulnerability is mitigated rather than eliminated, since whoever holds the decryption key can still read the data, and that residual risk should be recorded.
  3. Evaluation: elaborate a set of alternative designs that each satisfy the goals of the system and evaluate them against the documented vulnerabilities. Choose the alternative with the least impact on privacy.
  4. Iteration: as the conceptualisation of the project evolves, repeat the steps so that all vulnerabilities remain identified and documented. Alongside the vulnerabilities, document the assumptions made in the design. Before new features are added to the system, they are evaluated and used to update the goal tree, adding new goals and actors as needed.
Figure: the STRAP framework process.

References: 

C. Jensen, J. Tullio, C. Potts, and E. D. Mynatt, “STRAP: a structured analysis framework for privacy,” 2005.
The Personalization Privacy Paradox

Summary: The Personalization Privacy Paradox: An Empirical Evaluation of Information Transparency and Willingness to Be Profiled Online for Personalization

Naveen Farag Awad and M. S. Krishnan analyse in their article the relationship between information transparency and the willingness to take part in personalization. The analysis rests on utility maximization theory: the user's willingness to trade personal information in exchange for some benefit is modelled with the microeconomic framework. The benefit (B) is the advantage the user obtains by using a specific service, and the cost (C), which the user seeks to minimize, is a function of several factors, including “consumer privacy concern, previous privacy invasions, consumer-rated importance of information transparency and consumer-rated importance of privacy policies”.

The user is assumed to maximize the utility (U) function, which is as follows:

U(X) = Benefit – Cost

The dependencies among the different factors are studied from the perspective of the following research model:

The model proposes some interesting hypotheses, for example:

  • Consumer-rated importance of information transparency increases with the consumer's general level of privacy concern.
  • Consumer-rated importance of information transparency is higher for consumers who have previously had their privacy invaded online.

According to the classification of frameworks proposed by Iachello, this study can be considered “communitarian”: its main objective is to provide a set of guidelines that maximize user satisfaction based on the results obtained, as opposed to “principled”, where the objective is to guarantee the protection of the end-user's personal information.