Computer Engineering and Applications ›› 2023, Vol. 59 ›› Issue (3): 1-12.DOI: 10.3778/j.issn.1002-8331.2206-0453
• Research Hotspots and Reviews • Previous Articles Next Articles
LIU Xiaojian, PENG Yukun
Online:
2023-02-01
Published:
2023-02-01
刘晓建,彭玉坤
LIU Xiaojian, PENG Yukun. Review of App Compliance Detection[J]. Computer Engineering and Applications, 2023, 59(3): 1-12.
刘晓建, 彭玉坤. App合规性检测综述[J]. 计算机工程与应用, 2023, 59(3): 1-12.
Add to citation manager EndNote|Ris|BibTeX
URL: http://cea.ceaj.org/EN/10.3778/j.issn.1002-8331.2206-0453
[1] 魏立斐,李梦思,张蕾,等.基于安全两方计算的隐私保护线性回归算法[J].计算机工程与应用,2021,57(22):139-146. WEI L P,LI M S,ZHANG L,et al.Privacy-preserving linear regression algorithm based on secure two-party computation[J].Computer Engineering and Applications,2021,57(22):139-146. [2] VOIGT P,VON DEM BUSSCHE A.The eu general data protection regulation(GDPR)[M].Cham:Springer International Publishing,2017. [3] 市场化个人征信行业个人信息保护问题分析[EB/OL].[2022].https://www.creditchina.gov.cn/home/lfyj/202107/t20210714_239446.html. Analysis of personal information protection in marketized personal credit reference industry[EB/OL].[2022].https://www.creditchina.gov.cn/home/lfyj/202107/t20210714_239446.html. [4] 朱侯,张明鑫,路永和.社交媒体用户隐私政策阅读意愿实证研究[J].情报学报,2018,37(4):362-371. ZHU H,ZHANG M X,LU Y H.An empirical study on privacy policy reading intention of social media users[J].Journal of the China Society for Scientific and Technical Information,2018,37(4):362-371. [5] 信息安全技术个人信息安全规范[EB/OL].[2022].https://ansafe.xust.edu.cn/DownLoad/2020SafeInstruction.pdf. Personal information security specification[EB/OL].[2022].https://ansafe.xust.edu.cn/DownLoad/2020SafeI-nstruction.pdf. [6] 中华人民共和国个人信息保护法[EB/OL].[2022].http://fsga.foshan.gov.cn/attachment/0/224/224359/5099735.pdf. Personal information protection law of the people’s republic of china full translation[EB/OL].[2022].http://fsga.foshan.gov.cn/attachment/0/224/224359/5099735.pdf. [7] 灵鲲App隐私合规产品白皮书[R/OL].[2022].https://max.book118.com/html/2021/1015/5244022313004031.shtm. Lingkun App privacy compliance product white paper[R/OL].[2022].https://max.book118.com/html/2021/1015/5244022313004031.shtm. [8] 张艳丰,邱怡.硬规则下我国移动阅读App隐私政策合规性研究[J].现代情报,2022,42(1):167-176. ZHANG Y F,QIU Y.Research on compliance of privacy policy of mobile reading App in China under hard rules[J].Journal of Modern Information,2022,42(1):167-176. [9] 移动互联网应用程序(App)收集使用个人信息自评估指南[EB/OL].[2022].https://www.tc260.org.cn/front/postDetail.html?id=20200722134829. Mobile Internet application(App)collection and use of personal information self-assessment guide[EB/OL].[2022].https://www.tc260.org.cn/front/postDetail.html?id=202007 22134829. [10] 中华人民共和国数据安全法[EB/OL].[2022].https://gkml.samr.gov.cn/nsjg/bgt/202111/t20211105_336461.html. Data security law of the people’s republic of China[EB/OL].[2022].https://gkml.samr.gov.cn/nsjg/bgt/202111/t20211105_336461.html. [11] 我国197项数据安全政策回顾汇总[EB/OL].[2022].http://www.ciphergateway.com/product/40738.html. Summary of 197 data security policies in China[EB/OL].[2022].http://www.ciphergateway.com/product/40738.html. [12] 苗慧.中外移动App的个人信息保护研究[D].北京:北京邮电大学,2021. MIAO H.Research on personal information protection of Chinese and foreign mobile Apps[D].Beijing:Beijing University of Posts and Telecommunications,2021. [13] 张艳丰,邱怡.我国移动阅读应用个人信息保护政策合规性测度研究[J].图书情报工作,2021,65(22):35-43. ZHANG Y F,QIU Y.Research on compliance measurement of personal information protection policy for mobile reading application in China[J].Library and Information Service,2021,65(22):35-43. [14] TORRE D,ABUALHAIJA S,SABETZADEH M,et al.An AI-assisted approach for checking the completeness of privacy policies against GDPR[C]//2020 IEEE 28th International Requirements Engineering Conference(RE),2020. [15] AMARAL O,ABUALHAIJA S,TORRE D,et al.AI-enabled automation for completeness checking of privacy policies[J].arXiv:2106.05688,2021. [16] MüLLER N M,KOWATSCH D,DEBUS P,et al.On GDPR compliance of companies’privacy policies[C]//International Conference on Text,Speech,and Dialogue.Cham:Springer,2019:151-159. [17] FAN M,YU L,CHEN S,et al.An empirical evaluation of GDPR compliance violations in Android mHealth Apps[C]//2020 IEEE 31st International Symposium on Software Reliability Engineering(ISSRE),2020:253-264. [18] 朱璋颖,陆亦恬,唐祝寿,等.基于隐私政策条款和机器学习的应用分类[J].通信技术,2020,53(11):2749-2757. ZHU Z Y,LU Y K,TANG Z S,et al.Application classification based on privacy policy terms and machine learning[J].Communications Technology,2020,53(11):2749-2757. [19] VERDERAME L,CAPUTO D,ROMDHANA A,et al.On the (un)reliability of privacy policies in Android Apps[C]//2020 International Joint Conference on Neural Networks(IJCNN),2020:1-9. [20] 赵波,刘贤刚,刘行,等.Android应用程序个人信息安全量化评估模型研究[J].通信技术,2020,53(8):2019-2026. ZHAO B,LIU X G,LIU X,et al.Quantitative evaluation model of personal information security for Android applications[J].Communications Technology,2020,53(8):2019-2026. [21] SUN R,XUE M.Quality assessment of online automated privacy policy generators:an empirical study[C]//Proceedings of the Evaluation and Assessment in Software Engineering,2020:270-275. [22] 姚胜译,吴丹.App隐私政策用户友好度评价研究[J].信息资源管理学报,2021,11(1):30-39. YAO S Y,WU D.Assessment research to App privacy policy user-frendliness[J].Journal of Information Resources Management,2021,11(1):30-39. [23] 徐磊,郭旭.大数据时代读者个人信息保护的实践逻辑与规范路径——以图书类App隐私政策文本为视角[J].图书馆建设,2021(1):74-83. XU L,GUO X.Practice logic and normative path of protecting readers’ personal information in the age of big data—From the perspective of privacy policy of book Apps[J].Library Development,2021(1):74-83. [24] 杜永欣,周茂君.我国网站个人信息保护的合规性考察——基于九家网站隐私政策的文本分析[J].重庆邮电大学学报(社会科学版),2021,33(4):62-72. DU Y X,ZHOU M J.Study on the compliance of website personal information protection in China—Text analysis based on privacy policy of nine websites[J].Journal of Chongqing University of Posts and Telecommunications(Social Science Edition),2021,33(4):62-72. [25] 唐远清,赖星星.社交媒体隐私政策文本研究——基于Facebook与微信的对比分析[J].新闻与写作,2018(8):31-37. TANG Y Q,LAI X X.Social media privacy policy text research—Comparative analysis based on Facebook and WeChat[J].News and Writing,2018(8):31-37. [26] 马骋宇,刘乾坤.移动健康应用程序的隐私政策评价及实证研究[J].图书情报工作,2020,64(7):46-55. MA C Y,LIU Q K.Research on the privacy policy’s evaluation and empirical study of mobile health applications[J].Library and Information Service,2020,64(7):46-55. [27] 何培育,马雅鑫,涂萌.Web浏览器用户隐私安全政策问题与对策研究[J].图书馆,2019(2):19-26. HE Y P,MA Y X,TU M.A study on problems and countermeasures of web browser user privacy security policy[J].Library,2019(2):19-26. [28] 姜盼盼.图书馆隐私政策合规性的依据与标准[J].图书馆建设,2019(4):79-86. JIANG P P.Compliance basis and standards of library privacy policy[J].Library Development,2019(4):79-86. [29] ARZT S,RASTHOFER S,FRITZ C,et al.Flowdroid:precise context,flow,field,object-sensitive and lifecycle-aware taint analysis for Android Apps[J].ACM Sigplan Notices,2014,49(6):259-269. [30] QIAN C,LUO X,LE Y,et al.Vulhunter:toward discovering vulnerabilities in Android applications[J].IEEE Micro,2015,35(1):44-53. [31] CHURCH K W.Word2Vec[J].Natural Language Engineering,2017,23(1):155-162. [32] ANDOW B,MAHMUD S Y,WHITAKER J,et al.Actions speak louder than words:entity-sensitive privacy policy and data flow analysis with policheck[C]//29th USENIX Security Symposium(USENIX Security 20),2020:985-1002. [33] YU L,LUO X,LIU X,et al.Can we trust the privacy policies of Android Apps?[C]//2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks(DSN),2016:538-549. [34] KUNUNKA S,MEHANDJIEV N,SAMPAIO P.A comparative study of Android and iOS mobile applications’ data handling practices versus compliance to privacy policy[C]//IFIP International Summer School on Privacy and Identity Management.Cham:Springer,2017:301-313. [35] OLUKOYA O,MACKENZIE L,OMORONYIA I.Security-oriented view of App behaviour using textual descriptions and user-granted permission requests[J].Computers & Security,2020,89:101685. [36] YU L,LUO X,QIAN C,et al.Enhancing the description-to-behavior fidelity in Android Apps with privacy policy[J].IEEE Transactions on Software Engineering,2017,44(9):834-854. [37] YU L,LUO X,QIAN C,et al.Revisiting the description-to-behavior fidelity in Android applications[C]//2016 IEEE 23rd International Conference on Software Analysis,Evolution,and Reengineering(SANER),2016:415-426. [38] WANG R,WANG Z,TANG B,et al.Smartpi:understanding permission implications of Android Apps from user reviews[J].IEEE Transactions on Mobile Computing,2019,19(12):2933-2945. [39] 贺雪乔.iOS应用隐私条例与敏感行为一致性检测系统的设计与实现[D].北京:北京邮电大学,2020. HE X Q.Design and implemention of consistency detection and generation technology for privacy policy of IOS Apps[D].Beijing:Beijing University of Posts and Telecommunications,2020. [40] MA Z,WANG H,GUO Y,et al.Libradar:fast and accurate detection of third-party libraries in Android Apps[C]//Proceedings of the 38th International Conference on Software Engineering Companion,2016:653-656. [41] 胡杰克.基于敏感数据流的Android恶意程序及隐私泄露检测方法研究[D].深圳:哈尔滨工业大学(深圳),2021. HU J K.Research on Android malware and privacy leak detection method based on sensitive data flow[D].Shenzhen:Harbin Institute of Technology,Shenzhen,2021. [42] 王靖瑜.Android应用隐私条例一致性检测及其生成技术的研究与实现[D].北京:北京邮电大学,2018. WANG J Y.Research and implementation of consistency detection and generation technology for privacy policy of Android Apps[D].Beijing:Beijing University of Posts and Telecommunications,2018. [43] 王靖瑜,徐明昆,王浩宇,等.Android应用隐私条例与敏感行为一致性检测[J].计算机科学与探索,2019,13(1):56-69. WANG J Y,XU M K,WANG H Y,et al.Automated detection of consistence between App behavior and privacy policy of Android Apps[J].Journal of Frontiers of Computer Science and Technology,2019,13(1):56-69. [44] ZHANG C,WANG H,WANG R,et al.Re?checking App behavior against App description in the context of third-party libraries[C]//International Conference on Software Engineering and Knowledge Engineering,2018. [45] FENG Y,CHEN L,ZHENG A,et al.Ac-net:assessing the consistency of description and permission in Android Apps[J].IEEE Access,2019,7:57829-57842. [46] YU L,LUO X,CHEN J,et al.PPchecker:towards accessing the trust worthiness of Android Apps’ privacy policies[J].IEEE Transactions on Software Engineering,2018,47(2):221-242. [47] 杜代忠.Android应用隐私政策与权限使用的一致性分析引擎的研究与实现[D].北京:北京邮电大学,2021. DU D Z.Research and implementation of consistency analysis engine for Android application privacy policy and permission usage[D].Beijing:Beijing University of Posts and Telecommunications,2021. [48] SLAVIN R,WANG X,HOSSEINI M B,et al.Toward a framework for detecting privacy policy violations in Android application code[C]//Proceedings of the 38th International Conference on Software Engineering,2016:25-36. [49] SOLNYSHKINA M I,ZAMALETDINOV R R,GORODETSKAYA L A,et al.Evaluating text complexity and Flesch-Kincaid grade level[J].Journal of Social Studies Education Research,2017(3). [50] FARR J N,JENKINS J J,PATERSON D G.Simplification of Flesch reading ease formula[J].Journal of Applied Psychology,1951,35(5):333. [51] GUNNING R.The fog index after twenty years[J].Journal of Business Communication,1969,6(2):3-13. [52] MC LAUGHLIN G H.SMOG grading-a new readability formula[J].Journal of reading,1969,12(8):639-646. [53] FAROOQ E,GHANI MANUI,NASEER Z,et al.Privacy policies’ readability analysis of contemporary free healthcare Apps[C]//2020 14th International Conference on Open Source Systems and Technologies(ICOSST),2020:1-7. [54] 陈世敏.中文可读性公式试拟[J].新闻学研究,1971(8):181-225. CHEN S M.Chinese readability formula[J].Mass Communication Research,1971(8):181-225. [55] DAS G,CHEUNG C,NEBEKER C,et al.Privacy policies for Apps targeted toward youth:descriptive analysis of readability[J].JMIR mHealth and uHealth,2018,6(1):e7626. [56] REDMILES E M,MORALES M,MASZKIEWICZ L,et al.First steps toward measuring the readability of security advice[C]//The 2018 IEEE Security & Privacy Workshop on Technology and Consumer Protection (ConPro),2018. [57] POWELL A,SINGH P,TOROUS J.The complexity of mental health App privacy policies:a potential barrier to privacy[J].JMIR mHealth and uHealth,2018,6(7):e9871. [58] FOWLER L R,GILLARD C,MORAIN S R.Readability and accessibility of terms of service and privacy policies for menstruation?tracking smartphone applications[J].Health Promotion Practice,2020,21(5):679-683. [59] 秦克飞.手机App隐私政策的可读性研究[J].情报探索,2019(1):18-23. QIN K F.Research on readability of mobile App privacy policies[J].Information Research,2019(1):18-23. [60] SUNYAEV A,DEHLING T,TAYLOR P L,et al.Availability and quality of mobile health App privacy policies[J].Journal of the American Medical Informatics Association,2015,22(e1):28-33. [61] 王英.若干国家或地区图书馆协会隐私政策的纵向分析[J].图书馆理论与实践,2020(4):28-34. WANG Y.A longitudinal analysis on privacy policies of several national or regional library associations[J].Library Theory and Practice,2020(4):28-34. [62] ROBILLARD J M,FENG T L,SPORN A B,et al.Availability,readability,and content of privacy policies and terms of agreements of mental health Apps[J].Internet Interventions,2019,17:100243. [63] JAVED Y,AL QAHTANI E,SHEHAB M.Privacy policy analysis of banks and mobile money services in the middle east[J].Future Internet,2021,13(1):10. [64] ZHANG M,CHOW A,SMITH H.COVID-19 contact-tracing Apps:analysis of the readability of privacy policies[J].Journal of Medical Internet Research,2020,22(12):e21572. [65] BASCH C H,MOHLMAN J,HILLYER G C,et al. Public health communication in time of crisis:readability of on-line COVID-19 information[J].Disaster Medicine and Public Health Preparedness,2020,14(5):635-637. [66] KRUMAY B,KLAR J.Readability of privacy policies[C]//IFIP Annual Conference on Data and Applications Security and Privacy.Cham:Springer,2020:388-399. [67] FABIAN B,ERMAKOVA T,LENTZ T.Large-scale readability analysis of privacy policies[C]//Proceedings of the International Conference on Web Intelligence,2017:18-25. [68] ANDERSON J.Lix and rix:variations on a little-known readability index[J].Journal of Reading,1983,26(6):490-496. [69] COLEMAN M,LIAU T L.A computer readability formula designed for machine scoring[J].Journal of Applied Psychology,1975,60(2):283. [70] SENTER R J,SMITH E A.Automated readability index[R].Cincinnati Univ OH,1967. [71] 王蕾.初中级日韩留学生文本可读性公式初探[D].北京:北京语言大学,2005. WANG L.Research on Chinese readability formula of texts for elementary and intermediate Korean and Japanese students[D].Beijing:Beijing Language and Culture University,2005. [72] 左虹,朱勇.中级欧美留学生汉语文本可读性公式研究[J].世界汉语教学,2014,28(2):14. ZUO H,ZHU Y.Research on Chinese readability formula of texts for intermediate level European and America students[J].Chinese Teaching in the World,2014,28(2):14. [73] 杨金余.高级汉语精读教材语言难度测定研究[D].北京:北京大学,2008. YANG J Y.The study on measurement of language difficulty of advanced Chinese intensive reading textbooks[D].Beijing:Peking University,2008. [74] 郭望皓.对外汉语文本易读性公式研究[D].上海:上海交通大学,2010. GUO W H.Research on readability formula of Chinese text for foreign students[D].Shanghai:Shanghai Jiao Tong University,2010. [75] 孙汉银.中文易读性公式[D].北京:北京师范大学,1992. SUN H Y.Chinese readability formula[D].Beijinig:Beijing Normal University,1992. [76] 侯尧,陶洋,杨理,等.基于差分隐私的个人轨迹信息保护机制[J].计算机工程与应用,2020,56(9):106-110. HOU Y,TAO Y,YANG L,et al.Personal trajectory information protection based on differential privacy mechanism[J].Computer Engineering and Applications,2020,56(9):106-110. |
[1] | SUN Hanyu, HUANG Lixia, ZHANG Xueying, LI Juan. Speech Emotion Recognition Based on Dual-Channel Convolutional Gated Recurrent Network [J]. Computer Engineering and Applications, 2023, 59(2): 170-177. |
[2] | XIE Guorong, QU Yi, JIANG Rongqi. Survey of Model Learning for Anti-occlusion Object Tracking [J]. Computer Engineering and Applications, 2022, 58(2): 43-56. |
[3] | ZHANG Zhongmin, LIU Jinxin, XI Zhihong. Disparity Optimization Algorithm Using Entropy Rate Super-Pixel Segmentation Consistency Check [J]. Computer Engineering and Applications, 2021, 57(5): 204-209. |
[4] | CHEN Junfeng, ZHENG Zhongtuan. Over-Sampling Method on Imbalanced Data Based on WKMeans and SMOTE [J]. Computer Engineering and Applications, 2021, 57(23): 106-112. |
[5] | GAN Xinyan, GAO Xiang. Research on Cloud Manufacturing System Selection Based on Hesitant Fuzzy Decision Making Algorithm [J]. Computer Engineering and Applications, 2021, 57(2): 134-142. |
[6] | CHEN Xuejuan. Hesitant Fuzzy Group Consensus Reaching Algorithm and Its Application to Select Data System [J]. Computer Engineering and Applications, 2021, 57(11): 128-134. |
[7] | ZHU Zhishen,LING Jie,LIN Peng. Data Integrity Checking Technology of Industrial Control System Based on Covert Channel [J]. Computer Engineering and Applications, 2020, 56(9): 125-130. |
[8] | MA Qianru, YE Jimin. Convergence and Consistency Analysis of FastICA Algorithm [J]. Computer Engineering and Applications, 2020, 56(2): 35-41. |
[9] | LI Dan. Structured Weighted Correlation Adaptive Subspace Clustering [J]. Computer Engineering and Applications, 2020, 56(13): 137-142. |
[10] | LIU Liwei1, SUN Jianzhi1, TAN Li1, YANG Bin2. Research on Trusted Authentication Method of Network Device Based on IMC/IMV [J]. Computer Engineering and Applications, 2019, 55(9): 79-86. |
[11] | TIAN Zejin, HUANG Ruilu, LV Yuejin. Two Consistencies of Complementary Judgment Matrix Based on Interval Rough Numbers [J]. Computer Engineering and Applications, 2019, 55(24): 235-240. |
[12] | LIN Xianning. Data Product Selection Based on Linguistic Information Consistency Adjustment Algorithm [J]. Computer Engineering and Applications, 2019, 55(21): 129-134. |
[13] | YUAN Ying, ZHU Hongliang, CHEN Yuling, OUYANG Zhi, XIN Yang, YANG Yixian. Survey of Data Integrity Verification Technology Based on Provable Data Possession [J]. Computer Engineering and Applications, 2019, 55(18): 1-7. |
[14] | LIN Bingdong1,2, ZHAO Danpu1,3, TAI Xianqing4. Design and Implementation of MooseFS Hot Standby Master [J]. Computer Engineering and Applications, 2019, 55(13): 72-77. |
[15] | WANG Tianqi, PANG Xiaoqiong, REN Mengqi. Batch remote data integrity checking protocol with corrupted data location [J]. Computer Engineering and Applications, 2018, 54(4): 90-97. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||