{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,10]],"date-time":"2025-09-10T22:22:38Z","timestamp":1757542958988,"version":"3.40.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030629731"},{"type":"electronic","value":"9783030629748"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-62974-8_13","type":"book-chapter","created":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T13:10:38Z","timestamp":1606223438000},"page":"217-233","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["A Framework for Estimating Privacy Risk Scores of Mobile Apps"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9307-2358","authenticated-orcid":false,"given":"Kai Chih","family":"Chang","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0415-5814","authenticated-orcid":false,"given":"Razieh Nokhbeh","family":"Zaeem","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2906-6583","authenticated-orcid":false,"given":"K. Suzanne","family":"Barber","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,11,25]]},"reference":[{"key":"13_CR1","unstructured":"Google Play. https:\/\/play.google.com\/store"},{"key":"13_CR2","unstructured":"Immuniweb\u00ae Mobile App Scanner. https:\/\/www.htbridge.com"},{"key":"13_CR3","unstructured":"Itap Report 2019. Tech. rep., Center for Identity, University of Texas at Austin (2019)"},{"key":"13_CR4","doi-asserted-by":"publisher","unstructured":"Agarwal, Y., Hall, M.: ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing, pp. 97\u2013110 (June 2013). https:\/\/doi.org\/10.1145\/2462456.2464460","DOI":"10.1145\/2462456.2464460"},{"key":"13_CR5","doi-asserted-by":"publisher","unstructured":"Au, K., Zhou, Y., Huang, Z., Gill, P., Lie, D.: Short paper: a look at smartphone permission models. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (October 2011). https:\/\/doi.org\/10.1145\/2046614.2046626","DOI":"10.1145\/2046614.2046626"},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"Chang, K.C., Zaeem, R.N., Barber, K.S.: Enhancing and evaluating identity privacy and authentication strength by utilizing the identity ecosystem. In: Proceedings of the 2018 Workshop on Privacy in the Electronic Society, pp. 114\u2013120. ACM (2018)","DOI":"10.1145\/3267323.3268964"},{"key":"13_CR7","unstructured":"Chang, K.C., Zaeem, R.N., Barber, K.S.: Internet of Things: securing the identity by analyzing ecosystem models of devices and organizations. In: 2018 AAAI Spring Symposium Series (2018)"},{"key":"13_CR8","doi-asserted-by":"crossref","unstructured":"Chen, C.J., Zaeem, R.N., Barber, K.S.: Statistical analysis of identity risk of exposure and cost using the ecosystem of identity attributes. In: 2019 European Intelligence and Security Informatics Conference (EISIC), pp. 32\u201339. IEEE (2019)","DOI":"10.1109\/EISIC49498.2019.9108859"},{"issue":"e1","key":"13_CR9","doi-asserted-by":"publisher","first-page":"e28","DOI":"10.1136\/amiajnl-2013-002605","volume":"22","author":"T Dehling","year":"2014","unstructured":"Dehling, T., Sunyaev, A., Taylor, P.L., Mandl, K.D.: Availability and quality of mobile health app privacy policies. J. Am. Med. Inform. Assoc. 22(e1), e28\u2013e33 (2014). https:\/\/doi.org\/10.1136\/amiajnl-2013-002605","journal-title":"J. Am. Med. Inform. Assoc."},{"issue":"2","key":"13_CR10","doi-asserted-by":"publisher","first-page":"5:1","DOI":"10.1145\/2619091","volume":"32","author":"W Enck","year":"2014","unstructured":"Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32(2), 5:1\u20135:29 (2014). https:\/\/doi.org\/10.1145\/2619091","journal-title":"ACM Trans. Comput. Syst."},{"key":"13_CR11","doi-asserted-by":"publisher","unstructured":"Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 627\u2013638. Association for Computing Machinery, New York (2011). https:\/\/doi.org\/10.1145\/2046707.2046779","DOI":"10.1145\/2046707.2046779"},{"key":"13_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1007\/978-3-642-30921-2_17","volume-title":"Trust and Trustworthy Computing","author":"C Gibler","year":"2012","unstructured":"Gibler, C., Crussell, J., Erickson, J., Chen, H.: AndroidLeaks: automatically detecting potential privacy leaks in Android applications on a large scale. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 291\u2013307. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-30921-2_17"},{"key":"13_CR13","unstructured":"Harkous, H., Fawaz, K., Lebret, R., Schaub, F., Shin, K.G., Aberer, K.: Polisis: automated analysis and presentation of privacy policies using deep learning. In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 531\u2013548. USENIX Association, Baltimore (August 2018). https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/harkous"},{"key":"13_CR14","unstructured":"Harris, K.D.: Privacy on the go. Tech. rep., California Department of Justice (2013)"},{"key":"13_CR15","unstructured":"Hart, K.: Privacy policies are read by an aging few. Tech. rep. (2019)"},{"key":"13_CR16","doi-asserted-by":"publisher","unstructured":"Hornyack, P., Han, S., Jung, J., Schechter, S., Wetherall, D.: These aren\u2019t the droids you\u2019re looking for: retrofitting android to protect data from imperious applications. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 639\u2013652. ACM, New York (2011). https:\/\/doi.org\/10.1145\/2046707.2046780","DOI":"10.1145\/2046707.2046780"},{"issue":"7","key":"13_CR17","doi-asserted-by":"publisher","first-page":"3216","DOI":"10.1109\/TII.2017.2789219","volume":"14","author":"J Li","year":"2018","unstructured":"Li, J., Sun, L., Yan, Q., Li, Z., Srisa-an, W., Ye, H.: Significant permission identification for machine-learning-based Android malware detection. IEEE Trans. Ind. Inform. 14(7), 3216\u20133225 (2018)","journal-title":"IEEE Trans. Ind. Inform."},{"key":"13_CR18","doi-asserted-by":"crossref","unstructured":"Liau, D., Zaeem, R.N., Barber, K.S.: Evaluation framework for future privacy protection systems: a dynamic identity ecosystem approach. In: 2019 17th International Conference on Privacy, Security and Trust (PST), pp. 1\u20133. IEEE (2019)","DOI":"10.1109\/PST47121.2019.8949059"},{"issue":"1","key":"13_CR19","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1108\/19355181200200001","volume":"17","author":"C Liu","year":"2002","unstructured":"Liu, C., Arnett, K.P.: An examination of privacy policies in fortune 500 web sites. Am. J. Bus. 17(1), 13\u201322 (2002). https:\/\/doi.org\/10.1108\/19355181200200001","journal-title":"Am. J. Bus."},{"issue":"4","key":"13_CR20","first-page":"169","volume":"13","author":"R Nokhbeh Zaeem","year":"2017","unstructured":"Nokhbeh Zaeem, R., Barber, K.S.: A study of web privacy policies across industries. J. Inf. Priv. Secur. 13(4), 169\u2013185 (2017)","journal-title":"J. Inf. Priv. Secur."},{"key":"13_CR21","doi-asserted-by":"crossref","unstructured":"Zaeem, R.N., Budalakoti, S., Barber, K.S., Rasheed, M., Bajaj, C.: Predicting and explaining identity risk, exposure and cost using the ecosystem of identity attributes. In: 2016 IEEE International Carnahan Conference on Security Technology (ICCST), pp. 1\u20138. IEEE (2016)","DOI":"10.1109\/CCST.2016.7815701"},{"key":"13_CR22","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1016\/j.invent.2018.12.001","volume":"15","author":"K O\u2019Loughlin","year":"2019","unstructured":"O\u2019Loughlin, K., Neary, M., Adkins, E.C., Schueller, S.M.: Reviewing the data security and privacy policies of mobile apps for depression. Internet Interv. 15, 110\u2013115 (2019). https:\/\/doi.org\/10.1016\/j.invent.2018.12.001. http:\/\/www.sciencedirect.com\/science\/article\/pii\/S2214782918300460","journal-title":"Internet Interv."},{"key":"13_CR23","doi-asserted-by":"crossref","unstructured":"Petkos, G., Papadopoulos, S., Kompatsiaris, Y.: PScore: a framework for enhancing privacy awareness in online social networks. In: 2015 10th International Conference on Availability, Reliability and Security, pp. 592\u2013600 (2015)","DOI":"10.1109\/ARES.2015.80"},{"key":"13_CR24","doi-asserted-by":"crossref","unstructured":"Rana, R., Zaeem, R.N., Barber, K.S.: Us-centric vs. international personally identifiable information: a comparison using the UT CID identity ecosystem. In: 2018 International Carnahan Conference on Security Technology (ICCST), pp. 1\u20135. IEEE (2018)","DOI":"10.1109\/CCST.2018.8585479"},{"key":"13_CR25","unstructured":"Raoa, A., et al.: Using the middle to meddle with mobile. Tech. rep., Northeastern University (2013)"},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"Wijesekera, P., et al.: The feasibility of dynamically granted permissions: aligning mobile privacy with user preferences. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 1077\u20131093 (2017)","DOI":"10.1109\/SP.2017.51"},{"key":"13_CR27","doi-asserted-by":"crossref","unstructured":"Zaeem, R.N., Barber, K.S.: The effect of the GDPR on privacy policies: recent progress and future promise. ACM Trans. Manag. Inf. Syst. (2020). to Appear","DOI":"10.1145\/3389685"},{"issue":"4","key":"13_CR28","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3127519","volume":"18","author":"RN Zaeem","year":"2018","unstructured":"Zaeem, R.N., German, R.L., Barber, K.S.: PrivacyCheck: automatic summarization of privacy policies using data mining. ACM Trans. Internet Technol. 18(4), 1\u201318 (2018). https:\/\/doi.org\/10.1145\/3127519","journal-title":"ACM Trans. Internet Technol."},{"key":"13_CR29","doi-asserted-by":"crossref","unstructured":"Zaeem, R.N., Manoharan, M., Barber, K.S.: Risk kit: highlighting vulnerable identity assets for specific age groups. In: 2016 European Intelligence and Security Informatics Conference (EISIC), pp. 32\u201338. IEEE (2016)","DOI":"10.1109\/EISIC.2016.014"},{"key":"13_CR30","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1016\/j.cose.2016.11.002","volume":"65","author":"RN Zaeem","year":"2017","unstructured":"Zaeem, R.N., Manoharan, M., Yang, Y., Barber, K.S.: Modeling and analysis of identity threat behaviors through text mining of identity theft stories. Comput. Secur. 65, 50\u201363 (2017)","journal-title":"Comput. Secur."},{"issue":"1","key":"13_CR31","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1111\/joca.12191","volume":"53","author":"J Zaiss","year":"2019","unstructured":"Zaiss, J., Nokhbeh Zaeem, R., Barber, K.S.: Identity threat assessment and prediction. J. Consum. Aff. 53(1), 58\u201370 (2019). https:\/\/doi.org\/10.1111\/joca.12191","journal-title":"J. Consum. Aff."},{"key":"13_CR32","doi-asserted-by":"publisher","unstructured":"Zhu, H., Xiong, H., Ge, Y., Chen, E.: Mobile app recommendations with security and privacy awareness. In: Proceedings of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2014, pp. 951\u2013960. Association for Computing Machinery, New York (2014). https:\/\/doi.org\/10.1145\/2623330.2623705","DOI":"10.1145\/2623330.2623705"},{"key":"13_CR33","doi-asserted-by":"crossref","unstructured":"Zuo, C., Lin, Z., Zhang, Y.: Why does your data leak? Uncovering the data leakage in cloud from mobile apps. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 1296\u20131310 (2019)","DOI":"10.1109\/SP.2019.00009"}],"container-title":["Lecture Notes in Computer Science","Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-62974-8_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,15]],"date-time":"2021-04-15T03:54:57Z","timestamp":1618458897000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-62974-8_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030629731","9783030629748"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-62974-8_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"25 November 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bali","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Indonesia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 December 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"isw2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/isc2020.petra.ac.id\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"87","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}