Injection Pattern for Inserting Privacy Patterns and Services in Software

PIP: A (Privacy) Injection Pattern for Inserting Privacy Patterns and Services in Software

by Naureen Ali

Submitted in partial fulfilment of the requirements for the degree of Master of Computer Science at Dalhousie University, Halifax, Nova Scotia, November 2015

© Copyright by Naureen Ali, 2015

Table of Contents

List of Tables
List of Figures
Abstract
List of Abbreviations Used
Acknowledgement

Chapter 1 : Introduction
  1.1 Research Problem
  1.2 Research Objectives
  1.3 Outline

Chapter 2 : Background and Related Work
  2.1 Privacy Overview
    2.1.1 Privacy
    2.1.2 Privacy Policy
    2.1.3 Privacy Standards and Laws
  2.2 Privacy Research
    2.2.1 Privacy Engineering:
    2.2.2 Patterns on Privacy
    2.2.3 De-identification through Data Transformation Techniques
      2.2.3.1 Character Masking Method
      2.2.3.2 The Randomization Method
      2.2.3.3 The k-anonymity Model
      2.2.3.4 The l-diversity Model
      2.2.3.5 The t-closeness Model
    2.2.4 Aspect Oriented Programming
      2.2.4.1 Core Concerns and Cross-Cutting Concerns
      2.2.4.2 Aspect Oriented Programming Key Terminologies
      2.2.4.3 AOP and Privacy
    2.2.5 Dependency Injection
    2.2.6 Mocking
  2.3 Discussion

Chapter 3 : Privacy Services Injection Pattern
  3.1 Design Criteria
  3.2 The Privacy Injection Pattern (PIP)
  3.3 Architecture of the Privacy Injection Pattern (PIP)
  3.4 Software Engineer’s Learning Curve Perspective
    3.4.1 Dependency Injection (DI)
    3.4.2 Mocking
    3.4.3 Aspect oriented programming

Chapter 4 : Prototype for Proof of Concept
  4.1 Banking System Use Case
  4.2 Hospital System Use Case

Chapter 5 : Results and Evaluation
  5.1 Evaluation Methodology
    5.1.1 Survey Objectives
    5.1.2 Survey Questions
    5.1.3 Survey Approach
      5.1.3.1 Survey protocol
      5.1.3.2 Survey instrument
      5.1.3.3 Survey Design
      5.1.3.4 Intended Data Analysis
      5.1.3.5 Recruitment
      5.1.3.6 Participants
  5.2 Participants
  5.3 Perceived Usefulness and Perceived Ease of Use
    5.3.1 Qualitative Analysis
      5.3.1.1 Reliability
      5.3.1.2 Validity
  5.4 Results for Perceived Usefulness and Ease of Use
  5.5 Improvements in PIP Pattern
  5.6 Overall Motivation to Use the Pattern
  5.7 Limitations

Chapter 6 : Conclusions and Future Work

Bibliography
Appendix A – Letter of Approval
Appendix B – Recruitment Script
Appendix C – Informed Consent
Appendix D – Signature Page
Appendix E – Survey Questions

List of Tables

Table 2.1 Seven Types of Privacy [adopted from (Finn et al., 2013)]
Table 2.2. Approaches of Aspect Weaving [adopted from (Sommerville, 2011)]
Table 5.1. Demographics of the participants
Table 5.2. Mean, Standard Deviation and Cronbach's Alpha for Variables
Table 5.3. Cronbach’s Alpha of Perceived Usefulness and Perceived Ease of Use
Table 5.4. Correlation Matrix for Perceived Usefulness
Table 5.5. Correlation Matrix for Perceived Ease of Use
Table 5.6. Factor loadings after Varimax rotation
Table 5.7. Average of Scale of Perceived Usefulness and Perceived Ease of Use

List of Figures

Figure 2.1. Health related data [adopted from Zhong et al. (2005)]
