A Test Process Model to Evaluate Performance Impact of Privacy Protection Solutions

  • Victor Mello UNICAMP
  • Tania Basso UNICAMP
  • Regina Moraes UNICAMP

Resumo


Organizational Information Systems (IS) collect, store, and manage personal information through web applications and services. Due to regulation laws and to protect the privacy of clients, such information must be kept private. Some solutions were developed to protect privacy personal information. Obviously, this additional resource will produce a performance impact and evaluating it is essential to determine the feasibility of the solution. This paper presents a process model to evaluate the performance impact introduced by privacy protection solutions in web applications. Case study shows the tests were useful to identify the conditions in which the solution under evaluation is able to work with minimal performance impact.

Referências

Accenture (2009). “How Global Organizations Approach the Challenge of Protecting Personal Data”. Available: [link]. Accessed: 19-Mar-2014.

Basso, T., Antunes, N., Moraes, R., Vieira, M. (2013). " An XML-Based Policy Model for Access Control in Web Applications". In proceedings of 24th International Conference on Database and Expert Systems Applications - DEXA, pp. 274-288.

Basso, T., Piardi, L., Moraes, R., Jino, M., Vieira, M. (2014). “A Database Framework for Expressing and Enforcing Personal Privacy Preferences.” Paper submitted to The 14th Privacy Enhancing Technologies Symposium – PETS 2014, Amsterdam, Netherlands.

Bertino, E., Lin, D., Jiang, W. (2008) “A Survey of Quantification of Privacy Preserving Data Mining Algorithms”. In: Privacy-Preserving Data Mining, vol. 34, C. C. Aggarwal, P. S. Yu, and A. K. Elmagarmid, Orgs. Springer US, pp. 183–205.

Cate, F.H. (2009). "Security, Privacy, and the Role of Law". Security & Privacy, IEEE, vol.7, no.5, pp. 60,63.

Convergência Digital (2012). “Leia a versão do Marco Civil da Internet que foi ao Plenário da Câmara”. Portal Convergência Digital, 07 de novembro de 2012. Available: em [link]. Accessed: 23-may-2013.

Earp, J. B., Antón, A. I., Member, S., Aiman-smith, L., Stufflebeam, W. H. (2005). “Examining Internet Privacy Policies Within the Context of User Privacy Values”, IEEE Trans. Eng. Manag., vol. 52, pp. 227–237.

Exame (2012). “Facebook pode revelar mais sobre dados recolhidos de usuários”. Available: [link]. Accessed: 24-mar-2014.

Glass, L.; Gresko, R. (2012). "Legislation and Privacy across Borders". International Conference on Privacy, Security, Risk and Trust (PASSAT), 2012 and International Confernece on Social Computing (SocialCom) 2012, pp.807,808.

GloboNews (2012). “Google se envolve em invasão de privacidade na internet”. Available: [link]. Acessed: 24-mar-2014.

Han, P., Maclaurin, A. (2002). "Do consumers really care about online privacy?”, Marketing Manage., vol. 11, no. 1, pp. 35-38.

IETF (2013). “Internet Engineering Task Force (IETF)”. Available: http://www.ietf.org/. Accessed: 17-sep-2013.

Jmeter (2014). “Apache JMeter - Apache JMeterTM”. [Online]. Available: http://jmeter.apache.org/. [Accessed: 09-jan-2014].

Lemos, R. (2013). “Atrasado, Brasil prepara lei de proteção à privacidade”. Folha de São Paulo, 14 de janeiro de 2013. Available: [link]. Accessed: 12-mar-2014.

Molinari, L. (2003). “Testes de Software: Produzindo Sistemas Melhores e Confiáveis”. Editora Érica Ltda, São Paulo.

Myers, G. J. (1979) “The Art of Software Testing”. John Wiley & Sons, Inc, Canada.

Oracle (2014). “Oracle | Hardware and Software, Engineered to Work Together”. Available: http://www.oracle.com/index.html. Accessed: 24-jan-2014.

Perkins, E.; Markel, M. (2004). "Multinational data-privacy laws: an introduction for IT managers". IEEE Transactions on Professional Communication, vol. 47, no.2, pp. 85,94.

Ponemon (2010). “Economic impact of privacy on online behavioral advertising - Benchmark study of Internet marketers and advertisers”. Available: [link]. Accessed: 22-may-2013.

Pressman, R. S. (2009) “Software Engineering: A practitioner's approach”. 7th Edition, MacGraw Hill.

Reay, I., Dick S., Miller. J. (2009). “A large-scale empirical study of P3P privacy policies: Stated actions vs. legal obligations”. ACM Trans. Web 3, 2, Article 6 (April 2009), 34 pages.

R7 Notícias (2014). “Plenário pode votar Marco Civil da internet nesta semana”. Available: [link]. Accessed: 24-mar-2014.

Torres, I (2012). “Um ataque contra a sua privacidade”. Revista IstoÉ, Edição 2240, 11 de outubro de 2012. Available: [link]. Accessed: 23-may-2013.

Torres-Zenteno, A.H., Martins, E., Torres, R. S., Cuaresma, J. E. (2006). “Teste de Desempenho em Aplicações SIG Web”. In: Proc. of The Ibero-American Workshop on Requirements Engineering and Software Environments, La Plata, Argentina.

TPC (2014). “TPC-W - Homepage”. Available: http://www.tpc.org/tpcw/. Accessed: 08-jan-2014.

Truste (2013). “Powering Trust In The Data Economy”. Available: http://www.truste.com/. Accessed: 19-Mar-2014.

Veja (2011). “Vida Digital - Congresso dos EUA vai investigar aplicativo para smartphones que 'rouba' dados pessoais”. Revista Veja, 01 de dezembro de 2011. Available: [link]. Accessed: may-2013.

Veja (2013). “EUA: governo vasculha dados de fontes como Google e Facebook”. Available: [link]. Accessed: 24-mar-2014.

Vieira, M., Madeira, H. (2005). “Towards a security benchmark for database management systems”, in Proceedings, of International Conference on Dependable Systems and Networks, DSN 2005. p p. 592–601.
Publicado
05/05/2014
MELLO, Victor; BASSO, Tania; MORAES, Regina. A Test Process Model to Evaluate Performance Impact of Privacy Protection Solutions. In: WORKSHOP DE TESTES E TOLERÂNCIA A FALHAS (WTF), 15. , 2014, Florianópolis/SC. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2014 . p. 45-58. ISSN 2595-2684. DOI: https://doi.org/10.5753/wtf.2014.22946.