22:30-23:20: Opening/Keynote - Prof Ali Babar, University of Adelaide, Australia
Title: Privacy Engineering: Enabling Mobility of Mental Health Services with Data Protection
Abstract: Ease of access and reduced wait time coupled with COVID-19 restrictions have resulted in unprecedented demand/use of mobile based mental health services, mHealth. At the same time, there are increased concerns about data privacy risks stimulating questions like “Are Apps Enabling Mobility of Mental Health Services with Data Protection”? However, there is relatively little empirically known about the data privacy issues that may exist in mHealth apps, whose users can be particularly vulnerable. This talk will share the motivation, methodological details and key findings of our research aimed at systematically identifying and understanding data privacy incorporated in mHealth Apps. This talk will enumerate the approaches used for in- depth privacy analysis of 27 apps and what we found. I’ll show how we mapped the findings to the LINDDUN threat taxonomy for ease of understandability of the identified issues such as unnecessary permissions, insecure cryptography implementations and leaks of personal data and credentials in logs and web requests. The talk will end with a few recommendations for different stakeholders of mHealth apps in general and apps developers in particular.
Bio: M. Ali Babar is a Professor in the School of Computer Science, University of Adelaide. He leads a theme on architecture and platform for security as service in CyberSecurity Cooperative Research Centre. Prof Babar has established an interdisciplinary research centre called CREST (Centre for Research on Engineering Software Technologies), where he directs the research, education, and engineering activities of more than 25 researchers and engineers. Prof Babar has attracted more than $12 Millions dollar cash funding from industry/government since 2017. Professor Babar has authored/co-authored more than 270 peer-reviewed research papers at premier Software journals and conferences. Professor Babar obtained a Ph.D. in Computer Science and Engineering from the school of computer science and engineering of University of New South Wales, Australia.
23:20-00:00 - Paper Presentation (Session 1)
Towards Improving the Adoption and Usage of National Digital Identity Systems, Malyun Hilowle (Deakin University), William Yeoh (Deakin University), Marthie Grobler (CSIRO Data61), Graeme Pye (Deakin University), Frank Jiang (Deakin University)
Dancing, not Wrestling: Moving from Compliance to Concordance for Secure Software Development, Debi Ashenden (University of Adelaide), Gail Ollis (University of Portsmouth), Iain Reid (University of Portsmouth)
00:30-01:50 - Paper Presentation (Session 2)
3. Do Regional Variations Affect the CAPTCHA User Experience? A Comparison of CAPTCHAs in China and the United States, Xinyao Ma (Indiana University Bloomington), Zaiqiao Ye (Indiana University Bloomington), Sameer Patil (University of Utah)
4. Simulating cyber security management: A gamified approach to executive decision making, Adam Tonkin (Fivecast), William Kosasih (The University of Adelaide), Marthie Grobler (CSIRO’s Data61), Mehwish Nasim (The University of Western Australia)
5. Towards the Integration of Human Factors in Collaborative Decision Making for Secure Architecture Design, Jason Jaskolka (Department of Systems and Computer Engineering, Carleton University, Canada, Brahim HAMID (IRIT, University of Toulouse, France)
6. Intelligent Code Review Assignment for Large Scale Open Source Software Stacks, Ishan Aryendu (Stevens Institute of Technology), Ying Wang (Stevens Institute of Technology), Farah Elkourdi (Stevens Institute of Technology), Eman Abdullah AlOmar (Stevens Institute of Technology)
01:50-02:00 - Conclusion