IFTTT Privacy Checker

Federica Paci; Davide Bianchin; Elisa Quintarelli; Nicola Zannone

doi:10.1007/978-3-030-64455-0_6

IFTTT Privacy Checker

Federica Paci, Davide Bianchin, Elisa Quintarelli, Nicola Zannone

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

2 Citations (Scopus)

Abstract

IFTTT is a platform that allows users to create applets for connecting smart devices to online services, or to compose online services, in order to provide customized functionalities in Internet of Things scenarios. Despite their flexibility and ease-of-use, IFTTT applets may create privacy risks for users, who might unknowingly share sensitive information with a wider audience than intended. In this paper, we focus on privacy issues related to the sharing of pictures through IFTTT applets. We propose a framework to detect when IFTTT applets violate user’s privacy, both at design-time and run-time, based on the visibility and sensitivity of shared data. We have realized two prototypes implementing the framework, a browser plugin to detect design-time privacy violations and an online service to detect run-time privacy violations. We evaluate the online service using an IFTTT applet for posting to Twitter new pictures uploaded in Google Drive.

Original language	English
Title of host publication	Emerging Technologies for Authorization and Authentication - Third International Workshop, ETAA 2020, Proceedings
Editors	Andrea Saracino, Paolo Mori
Publisher	Springer
Pages	90-107
Number of pages	18
ISBN (Print)	9783030644543
DOIs	https://doi.org/10.1007/978-3-030-64455-0_6
Publication status	Published - 2020
Event	3rd International Workshop on Emerging Technologies for Authorization and Authentication, ETAA 2020 - Surrey, United Kingdom Duration: 14 Sept 2020 → 18 Sept 2020

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12515 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	3rd International Workshop on Emerging Technologies for Authorization and Authentication, ETAA 2020
Country/Territory	United Kingdom
City	Surrey
Period	14/09/20 → 18/09/20

Access to Document

10.1007/978-3-030-64455-0_6

Cite this

Paci, F., Bianchin, D., Quintarelli, E., & Zannone, N. (2020). IFTTT Privacy Checker. In A. Saracino, & P. Mori (Eds.), Emerging Technologies for Authorization and Authentication - Third International Workshop, ETAA 2020, Proceedings (pp. 90-107). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12515 LNCS). Springer. https://doi.org/10.1007/978-3-030-64455-0_6

Paci, Federica ; Bianchin, Davide ; Quintarelli, Elisa et al. / IFTTT Privacy Checker. Emerging Technologies for Authorization and Authentication - Third International Workshop, ETAA 2020, Proceedings. editor / Andrea Saracino ; Paolo Mori. Springer, 2020. pp. 90-107 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{f479776b3479420f8bf625819fa65d98,

title = "IFTTT Privacy Checker",

abstract = "IFTTT is a platform that allows users to create applets for connecting smart devices to online services, or to compose online services, in order to provide customized functionalities in Internet of Things scenarios. Despite their flexibility and ease-of-use, IFTTT applets may create privacy risks for users, who might unknowingly share sensitive information with a wider audience than intended. In this paper, we focus on privacy issues related to the sharing of pictures through IFTTT applets. We propose a framework to detect when IFTTT applets violate user{\textquoteright}s privacy, both at design-time and run-time, based on the visibility and sensitivity of shared data. We have realized two prototypes implementing the framework, a browser plugin to detect design-time privacy violations and an online service to detect run-time privacy violations. We evaluate the online service using an IFTTT applet for posting to Twitter new pictures uploaded in Google Drive.",

author = "Federica Paci and Davide Bianchin and Elisa Quintarelli and Nicola Zannone",

year = "2020",

doi = "10.1007/978-3-030-64455-0_6",

language = "English",

isbn = "9783030644543",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "90--107",

editor = "Andrea Saracino and Paolo Mori",

booktitle = "Emerging Technologies for Authorization and Authentication - Third International Workshop, ETAA 2020, Proceedings",

address = "Germany",

note = "3rd International Workshop on Emerging Technologies for Authorization and Authentication, ETAA 2020 ; Conference date: 14-09-2020 Through 18-09-2020",

}

Paci, F, Bianchin, D, Quintarelli, E & Zannone, N 2020, IFTTT Privacy Checker. in A Saracino & P Mori (eds), Emerging Technologies for Authorization and Authentication - Third International Workshop, ETAA 2020, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12515 LNCS, Springer, pp. 90-107, 3rd International Workshop on Emerging Technologies for Authorization and Authentication, ETAA 2020, Surrey, United Kingdom, 14/09/20. https://doi.org/10.1007/978-3-030-64455-0_6

IFTTT Privacy Checker. / Paci, Federica; Bianchin, Davide; Quintarelli, Elisa et al.

Emerging Technologies for Authorization and Authentication - Third International Workshop, ETAA 2020, Proceedings. ed. / Andrea Saracino; Paolo Mori. Springer, 2020. p. 90-107 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12515 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - IFTTT Privacy Checker

AU - Paci, Federica

AU - Bianchin, Davide

AU - Quintarelli, Elisa

AU - Zannone, Nicola

PY - 2020

Y1 - 2020

N2 - IFTTT is a platform that allows users to create applets for connecting smart devices to online services, or to compose online services, in order to provide customized functionalities in Internet of Things scenarios. Despite their flexibility and ease-of-use, IFTTT applets may create privacy risks for users, who might unknowingly share sensitive information with a wider audience than intended. In this paper, we focus on privacy issues related to the sharing of pictures through IFTTT applets. We propose a framework to detect when IFTTT applets violate user’s privacy, both at design-time and run-time, based on the visibility and sensitivity of shared data. We have realized two prototypes implementing the framework, a browser plugin to detect design-time privacy violations and an online service to detect run-time privacy violations. We evaluate the online service using an IFTTT applet for posting to Twitter new pictures uploaded in Google Drive.

AB - IFTTT is a platform that allows users to create applets for connecting smart devices to online services, or to compose online services, in order to provide customized functionalities in Internet of Things scenarios. Despite their flexibility and ease-of-use, IFTTT applets may create privacy risks for users, who might unknowingly share sensitive information with a wider audience than intended. In this paper, we focus on privacy issues related to the sharing of pictures through IFTTT applets. We propose a framework to detect when IFTTT applets violate user’s privacy, both at design-time and run-time, based on the visibility and sensitivity of shared data. We have realized two prototypes implementing the framework, a browser plugin to detect design-time privacy violations and an online service to detect run-time privacy violations. We evaluate the online service using an IFTTT applet for posting to Twitter new pictures uploaded in Google Drive.

UR - http://www.scopus.com/inward/record.url?scp=85097851432&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-64455-0_6

DO - 10.1007/978-3-030-64455-0_6

M3 - Conference contribution

AN - SCOPUS:85097851432

SN - 9783030644543

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 90

EP - 107

BT - Emerging Technologies for Authorization and Authentication - Third International Workshop, ETAA 2020, Proceedings

A2 - Saracino, Andrea

A2 - Mori, Paolo

PB - Springer

T2 - 3rd International Workshop on Emerging Technologies for Authorization and Authentication, ETAA 2020

Y2 - 14 September 2020 through 18 September 2020

ER -

Paci F, Bianchin D, Quintarelli E, Zannone N. IFTTT Privacy Checker. In Saracino A, Mori P, editors, Emerging Technologies for Authorization and Authentication - Third International Workshop, ETAA 2020, Proceedings. Springer. 2020. p. 90-107. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-64455-0_6

IFTTT Privacy Checker

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this