The Odyssey: Modeling Privacy Threats in a Brave New World

Rafa Gálvez, Seda Gurses
{"title":"The Odyssey: Modeling Privacy Threats in a Brave New World","authors":"Rafa Gálvez, Seda Gurses","doi":"10.1109/EuroSPW.2018.00018","DOIUrl":null,"url":null,"abstract":"In the upcoming General Data Protection Regulation (GDPR), privacy by design and privacy impact assessments are given an even more prominent role than before. It is now required that companies build privacy into the core of their technical products. Recently, researchers and industry players have proposed employing threat modeling methods, traditionally used in security engineering, as a way to bridge these two GDPR requirements in the process of engineering systems. Threat modeling, however, typically assumes a waterfall process and monolithic design, assumptions that are disrupted with the popularization of Agile methodologies and Service Oriented Architectures. Moreover, agile service environments make it easier to address some privacy problems, while complicating others. To date, the challenges of applying threat modeling for privacy in agile service environments remain understudied. This paper sets out to expose and analyze this gap. Specifically, we analyze what challenges and opportunities the shifts in software engineering practice introduce into traditional Threat Modeling activities; how they relate to the different Privacy Goals; and what Agile principles and Service properties have an impact on them. Our results show that both agile and services make the end-toend analysis of applications more difficult. At the same time, the former allows for more efficient communications and iterative progress, while the latter enables the parallelization of tasks and the documentation of some architecture decisions. Additionally, we open a new research avenue pointing to Amazon Macie as an example of Machine Learning applications that aim to provide a solution to the scalability and usability of Privacy Threat Modeling processes.","PeriodicalId":326280,"journal":{"name":"2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"94 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EuroSPW.2018.00018","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 17

Abstract

In the upcoming General Data Protection Regulation (GDPR), privacy by design and privacy impact assessments are given an even more prominent role than before. It is now required that companies build privacy into the core of their technical products. Recently, researchers and industry players have proposed employing threat modeling methods, traditionally used in security engineering, as a way to bridge these two GDPR requirements in the process of engineering systems. Threat modeling, however, typically assumes a waterfall process and monolithic design, assumptions that are disrupted with the popularization of Agile methodologies and Service Oriented Architectures. Moreover, agile service environments make it easier to address some privacy problems, while complicating others. To date, the challenges of applying threat modeling for privacy in agile service environments remain understudied. This paper sets out to expose and analyze this gap. Specifically, we analyze what challenges and opportunities the shifts in software engineering practice introduce into traditional Threat Modeling activities; how they relate to the different Privacy Goals; and what Agile principles and Service properties have an impact on them. Our results show that both agile and services make the end-toend analysis of applications more difficult. At the same time, the former allows for more efficient communications and iterative progress, while the latter enables the parallelization of tasks and the documentation of some architecture decisions. Additionally, we open a new research avenue pointing to Amazon Macie as an example of Machine Learning applications that aim to provide a solution to the scalability and usability of Privacy Threat Modeling processes.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
奥德赛:在一个美丽的新世界中建模隐私威胁
在即将出台的《通用数据保护条例》(GDPR)中,隐私设计和隐私影响评估被赋予了比以往更加突出的作用。现在要求公司将隐私植入其技术产品的核心。最近,研究人员和行业参与者提出采用传统上用于安全工程的威胁建模方法,作为在工程系统过程中连接这两个GDPR要求的一种方法。然而,威胁建模通常假设瀑布流程和整体设计,这些假设随着敏捷方法和面向服务的体系结构的普及而被打破。此外,敏捷服务环境使解决某些隐私问题变得更容易,而使其他问题复杂化。到目前为止,在敏捷服务环境中为隐私应用威胁建模的挑战仍然没有得到充分的研究。本文旨在揭示和分析这一差距。具体来说,我们分析了软件工程实践的变化给传统的威胁建模活动带来的挑战和机遇;它们与不同隐私目标之间的关系;以及敏捷原则和服务属性对它们的影响。我们的结果表明,敏捷和服务都使应用程序的端到端分析变得更加困难。同时,前者允许更有效的通信和迭代过程,而后者允许任务的并行化和一些体系结构决策的文档化。此外,我们开辟了一条新的研究途径,将亚马逊Macie作为机器学习应用程序的一个例子,旨在为隐私威胁建模过程的可扩展性和可用性提供解决方案。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
FP -TESTER : Automated Testing of Browser Fingerprint Resilience The Secret Processor Will Go to the Ball: Benchmark Insider-Proof Encrypted Computing The Impact of Uncle Rewards on Selfish Mining in Ethereum Privacy Compliance Via Model Transformations Inferring OpenVPN State Machines Using Protocol State Fuzzing
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1