Michael Colesky, Katerina Demetzou, Lothar Fritsch, Sebastian Herold
{"title":"Helping Software Architects Familiarize with the General Data Protection Regulation","authors":"Michael Colesky, Katerina Demetzou, Lothar Fritsch, Sebastian Herold","doi":"10.1109/ICSA-C.2019.00046","DOIUrl":null,"url":null,"abstract":"The General Data Protection Regulation (GDPR) impacts any information systems that process personal data in or from the European Union. Yet its enforcement is still recent. Organizations under its effect are slow to adopt its principles. One particular difficulty is the low familiarity with the regulation among software architects and designers. The difficulty to interpret the content of the legal regulation at a technical level adds to that. This results in problems in understanding the impact and consequences that the regulation may have in detail for a particular system or project context. In this paper we present some early work and emerging results related to supporting software architects in this situation. Specifically, we target those who need to understand how the GDPR might impact their design decisions. In the spirit of architectural tactics and patterns, we systematically identified and categorized 155 forces in the regulation. These results form the conceptual base for a first prototypical tool. It enables software architects to identify the relevant forces by guiding them through an online questionnaire. This leads them to relevant fragments of the GDPR and potentially relevant privacy patterns. We argue that this approach may help software professionals, in particular architects, familiarize with the GDPR and outline potential paths for evaluation.","PeriodicalId":239999,"journal":{"name":"2019 IEEE International Conference on Software Architecture Companion (ICSA-C)","volume":"65 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Conference on Software Architecture Companion (ICSA-C)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSA-C.2019.00046","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
The General Data Protection Regulation (GDPR) impacts any information systems that process personal data in or from the European Union. Yet its enforcement is still recent. Organizations under its effect are slow to adopt its principles. One particular difficulty is the low familiarity with the regulation among software architects and designers. The difficulty to interpret the content of the legal regulation at a technical level adds to that. This results in problems in understanding the impact and consequences that the regulation may have in detail for a particular system or project context. In this paper we present some early work and emerging results related to supporting software architects in this situation. Specifically, we target those who need to understand how the GDPR might impact their design decisions. In the spirit of architectural tactics and patterns, we systematically identified and categorized 155 forces in the regulation. These results form the conceptual base for a first prototypical tool. It enables software architects to identify the relevant forces by guiding them through an online questionnaire. This leads them to relevant fragments of the GDPR and potentially relevant privacy patterns. We argue that this approach may help software professionals, in particular architects, familiarize with the GDPR and outline potential paths for evaluation.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
