SoK: Demystifying Privacy Enhancing Technologies Through the Lens of
Software Developers
- URL: http://arxiv.org/abs/2401.00879v1
- Date: Sat, 30 Dec 2023 12:24:40 GMT
- Authors: Maisha Boteju, Thilina Ranbaduge, Dinusha Vatsalan, Nalin Asanka
Gamagedara Arachchilage
- Abstract summary: In the absence of data protection measures, software applications lead to privacy breaches.
This review analyses 39 empirical studies on developers' privacy practices.
It reports the usage of six PETs in software application scenarios.
It discusses challenges developers face when integrating PETs into software.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: In the absence of data protection measures, software applications lead to
privacy breaches, posing threats to end-users and software organisations.
Privacy Enhancing Technologies (PETs) are technical measures that protect
personal data, thus minimising such privacy breaches. However, for software
applications to deliver data protection using PETs, software developers should
actively and correctly incorporate PETs into the software they develop.
Therefore, to uncover ways to encourage and support developers to embed PETs
into software, this Systematic Literature Review (SLR) analyses 39 empirical
studies on developers' privacy practices. It reports the usage of six PETs in
software application scenarios. Then, it discusses challenges developers face
when integrating PETs into software, ranging from intrinsic challenges, such as
the unawareness of PETs, to extrinsic challenges, such as the increased
development cost. Next, the SLR presents the existing solutions to address
these challenges, along with the limitations of the solutions. Further, it
outlines future research avenues to better understand PETs from a developer
perspective and minimise the challenges developers face when incorporating PETs
into software.
Related papers
- AutoPT: How Far Are We from the End2End Automated Web Penetration Testing? [54.65079443902714]
We introduce AutoPT, an automated penetration testing agent based on the principle of PSM driven by LLMs.
Our results show that AutoPT outperforms the baseline framework ReAct on the GPT-4o mini model.
arXiv Detail & Related papers (2024-11-02T13:24:30Z)
- Integrating PETs into Software Applications: A Game-Based Learning Approach [2.7186493234782527]
"PETs-101" is a novel game-based learning framework that motivates developers to integrate PETs into software.
It aims to improve developers' privacy-preserving software development behaviour.
arXiv Detail & Related papers (2024-10-01T13:15:46Z)
- Agent-Driven Automatic Software Improvement [55.2480439325792]
This research proposal aims to explore innovative solutions by focusing on the deployment of agents powered by Large Language Models (LLMs).
The iterative nature of agents, which allows for continuous learning and adaptation, can help surpass common challenges in code generation.
We aim to use the iterative feedback in these systems to further fine-tune the LLMs underlying the agents, becoming better aligned to the task of automated software improvement.
arXiv Detail & Related papers (2024-06-24T15:45:22Z)
- Developers' Perceptions on the Impact of ChatGPT in Software Development: A Survey [13.257222195239375]
We conducted a survey with 207 software developers to understand the impact of ChatGPT on software quality, productivity, and job satisfaction.
The study delves into developers' expectations regarding future adaptations of ChatGPT, concerns about potential job displacement, and perspectives on regulatory interventions.
arXiv Detail & Related papers (2024-05-20T17:31:16Z)
- Generative AI for Secure and Privacy-Preserving Mobile Crowdsensing [74.58071278710896]
Generative AI has attracted much attention from both academic and industrial fields.
Secure and privacy-preserving mobile crowdsensing (SPPMCS) has been widely applied in data collection/acquirement.
arXiv Detail & Related papers (2024-05-17T04:00:58Z)
- Privacy-Enhancing Technologies for Artificial Intelligence-Enabled Systems [0.0]
Artificial intelligence (AI) models introduce privacy vulnerabilities to systems.
These vulnerabilities exist during model development, deployment, and inference phases.
We propose the use of several privacy-enhancing technologies (PETs) to defend AI-enabled systems.
arXiv Detail & Related papers (2024-04-04T15:14:40Z)
- Reconciling AI Performance and Data Reconstruction Resilience for Medical Imaging [52.578054703818125]
Artificial Intelligence (AI) models are vulnerable to information leakage of their training data, which can be highly sensitive.
Differential Privacy (DP) aims to circumvent these susceptibilities by setting a quantifiable privacy budget.
We show that using very large privacy budgets can render reconstruction attacks impossible, while drops in performance are negligible.
arXiv Detail & Related papers (2023-12-05T12:21:30Z)
- When PETs misbehave: A Contextual Integrity analysis [0.7397067779113841]
We use the theory of Contextual Integrity to explain how privacy technologies may be misused to erode privacy.
We consider three PETs and scenarios: anonymous credentials for age verification, client-side scanning for illegal content detection, and homomorphic encryption for machine learning model training.
arXiv Detail & Related papers (2023-12-05T05:27:43Z)
- Embedded Software Development with Digital Twins: Specific Requirements for Small and Medium-Sized Enterprises [55.57032418885258]
Digital twins have the potential for cost-effective software development and maintenance strategies.
We interviewed SMEs about their current development processes.
First results show that real-time requirements prevent, to date, a Software-in-the-Loop development approach.
arXiv Detail & Related papers (2023-09-17T08:56:36Z)
- Mitigating Sovereign Data Exchange Challenges: A Mapping to Apply Privacy- and Authenticity-Enhancing Technologies [67.34625604583208]
Authenticity Enhancing Technologies (AETs) and Privacy-Enhancing Technologies (PETs) are considered to engage in Sovereign Data Exchange (SDE).
PETs and AETs are technically complex, which impedes their adoption.
This study empirically constructs a challenge-oriented technology mapping.
arXiv Detail & Related papers (2022-06-20T08:16:42Z)
This list is automatically generated from the titles and abstracts of the papers in this site.