Slides from Mohamed Bourimi for MSM 2011 workshop

1. Privacy
and
Security
in
Mul1-­‐modal
User
Interface
Modeling
for
Social
Media
Mohamed
Bourimi1,3,
Ricardo
Tesoriero2,
Pedro
G.
Villanueva2,
Fa<h
Karatas1,
Philipp
Schwarte1
1University
of
Siegen,
Chair
for
IT
Security,
Germany
2Compu1ng
Systems
Department.
University
of
Cas1lla-­‐La
Mancha,
Spain
3FernUniversität
in
Hagen,
Coopera1ve
Systems
Group,
Germany

2. Overview
§ Background
and
Mo2va2on
§ Problem
Statement(s)
§ Requirements
Analysis
§ Proposed
Approach
§ Example
§ Eclipse
Security
Model
Editor
§ Future
Work
and
Conclusion

3. Background
and
Mo2va2on
§ Interdisciplinary
research
becoming
more
important
in
the
area
of
Social
Media
(Modeling):
1. Human-­‐Comupter
Interac2on
(HCI)
è
Usability
Engineering
2. Groupware
and
Social
SoQware
è
Distributed
Systems
SoQware
Engineering
Suppor2ng
Collabora2on
3. Privacy
and
Security
Engineering
§ Modeling
as
one
of
the
important
steps
in
the
SoQware
Engineering
Process
could
help
in
considering
the
requirements
:
• Early
Enforcement
(Bourimi
et
al.
AFFINE
methodology,
HCSE2010)
• Adequately
by
considering
social
factors,
too!
(which
is
not
part
of
other
business
domains)

4. Abuses,
risks
and
threats
when
using
Social
Media!
§ Scandals
are
becoming
ordinary
(due
to
accidental
or/and
inten2onal
abuses)
with
fatal
consequences
in
some
situa2ons!!
§ Iden2fica2on
remains
possible
with
an
error
rate
of
just
12%
(Narayanan&Shama2kov
2009)
§ Many
other
examples
for
loosing
privacy
and
evolving
risks
and
threats
..

5. Problem
Statement(s)
§ General
problem
statement:
Improving
the
modeling
of
systems
suppor<ng
social
interac<on
in
general
(considering
all
involved
research
fields
togetherè
Targe<ng
Synergy
Effect)
§ Specific
problem
statement
(here):
Using
standard(s)
for
efficient
support
of
generated
user
interfaces
by
considering
mul<-­‐modality
(Web,
Mobile,
Desktop
etc.)
when
using
social
media
systems
(e.g.,
for
evalua<on
based
research,
frequent
provision/adap<on
of
prototypes
is
needed!)

6. Requirements
Analysis:
„SocialTV
Case
Study“
§ “Perfect
Labor”
in
our
case:
SocialTV
interdisciplinary
project
running
since
2009
(presented
@SocialCom
2010)
èhQp://www.uni-­‐siegen.de/T5/itsec/forschung/projekte/socialtv.html

7. Requirements
Analysis:
Further
Gathered
Requirements
§ R1:
Reflec2ng
realis2c
SocialTV
situa2ons
(individual
and
group
interac2ons)
§ R2:
Allowing
for
flexible
parallel
interac2on
of
the
involved
people
§ R3:
Flexibility
in
terms
of
costs
emerging
from
adapta2ons
to
new
situa2ons
and
tests
§ R4:
Suppor2ng
thereby
secure
and
privacy-­‐
preserving
interac2on

8. Approach
§ Approach
is
based
on
same
technologies
we
use
for
development
of
context-­‐aware
applica2ons
for
ubiquitous
compu2ng
environments
using
the
Model-­‐Driven
Architecture
(MDA):
• Metamodling
and
UsiXML
(Cameleon
Reference
Framework)
• Eclipse
• For
Security/Privacy
è
Security
Metamodel
(next
slide)

9. Approach
§ For
Security/Privacy
è
Metamodel
oriented
to
PriS
(2008):
- Principals
(user
model)
- Resources
(domain
model)
- Ac2vi2es
(task
model)

10. Solu2on
sa2sfying
our
requirements
(R1-­‐R4)

11. Approach:
Security
Metamodel
and
DSL

12. Example
Security model

13. Current
State:
Security
Modeling
Editor
§ Developed
using
the
Eclipse
plahorm
as
a
plugin
• EMF
• GMF
§ As
consequence
• Metamodels
in
ECORE
format
• Models
in
XMI
(OMG
standard
for
model
representa2ons)
§ Main
Advantage
• Genera2on
of
a
plahorm
independent
security
models
§ OCL
Model
Valida2on
(i.e.
Aiributes)
§ MOFScript
(Model
2
Text
transforma2on)

14. First
Results
(Modeling)
§ In
total,
we
conducted
interviews,
walkthroughs
and
collected
first
usage
experiences
of
the
current
modeling
framework
(including
the
first
primi2ve
version
of
the
Security
Metamodeling
Eclipse-­‐based
Editor)
with
21
par2cipants
from
the
educa2onal
and
industrial
field
§ We
are
currently
suppor2ng
various
widgets
such
as
fields
for
entering
different
data
(e.g.,
username
and
password),
combo
boxes,
etc.
(Official
Status
will
be
announced
this
week
in
a
presenta2on
for
OMG)

15. Experiences
(for
Current
Status)
§ Requirements
resulted/s2ll
resul2ng
mainly
from
interdisciplinary
research
projects
è
Students
and
researchers
working
together
in
academic
evalua2on!
§ We
received
wishes
for
improvements
from
industrial
contacts
and
partners
in
other
projects
è
Interac2ve
TV
por2ng
(s2ll
needing
access
to
special
HW
suppor2ng
our
technologies
such
as
TVs
suppor2ng
HTML5
or
Android
Plahorm)

16. Future
work
and
conclusion
§ Future
work
is
primarily
focused
on:
• Improving
the
Security
Metamodel
by
adding
itera2vely
further
security
and
privacy
requirements!
• Improving
the
used
Security
Metamodling
Editor
for
easing
the
modeling
of
related
design/modeling/
development
tasks
§ This
needs
improving
the
underlying
UsiXML
framework
which
is
in
evolu2on
for
the
moment
for
mee2ng
standards
(OMG
/
W3C
proposals
submiied!)

17. Thank you for
your attention!
Privacy
and
Security
in
Mul1-­‐modal
User
Interface
Modeling
for
Social
Media
Bourimi@wiwi.uni-­‐siegen.de
Mohamed.Bourimi@fernuni-­‐hagen.de