Computer Engineering and Applications ›› 2023, Vol. 59 ›› Issue (3): 1-12. DOI: 10.3778/j.issn.1002-8331.2206-0453

• Research Hotspots and Reviews •

Review of App Compliance Detection

LIU Xiaojian, PENG Yukun   

  1. College of Computer Science and Technology, Xi'an University of Science and Technology, Xi'an 710054, China
  • Online: 2023-02-01 Published: 2023-02-01

Abstract: With the rapid growth in the number of App users, leakage of the private data of personal information subjects has become increasingly serious. In response, China has in recent years successively issued legal documents on the security of personal privacy information in Apps, and the relevant departments have carried out App rectification work to regulate how Apps collect, store and process personal information. This paper reviews App compliance problems. First, it sets out the challenges facing App security in China, lists the App-related regulations and policies issued by departments at various levels in China, and introduces the measures the state has launched for App governance. Second, it reviews App compliance detection methods, dividing App compliance detection at home and abroad into three categories: integrity detection, consistency detection and readability detection of App privacy policies. The three categories of detection methods are analyzed and summarized from different dimensions and entry points. Third, it catalogues and analyzes domestic App compliance detection platforms and their functions. Finally, it identifies the challenges that remain in App compliance detection and discusses future development directions.

Key words: App compliance detection, privacy policy, integrity, consistency, readability
