Ala'a Al-Momani, F. Kargl, R. Schmidt, A. Kung, Christoph Bösch
{"title":"A Privacy-Aware V-Model for Software Development","authors":"Ala'a Al-Momani, F. Kargl, R. Schmidt, A. Kung, Christoph Bösch","doi":"10.1109/SPW.2019.00028","DOIUrl":null,"url":null,"abstract":"After the adoption of new data protection regulations, like GDPR, proper treatment of privacy throughout the system development lifecycle has become a must. In this paper, we discuss several aspects to more easily and effectively integrate privacy engineering in system development and how to bring the notion of privacy-by-design into practice. We propose the new W-model as a privacy-aware extension of the V-model frequently used in software engineering. One stage of the W-model deals with analyzing privacy in the system where privacy engineers conduct a privacy impact assessment in order to elicit privacy threats and to find a suitable countermeasure to remedy each threat. With respect to finding suitable countermeasures, we provide requirements the countermeasures need to meet in order to be selected. In addition, we introduce a cost function that assists privacy engineers in selecting the most suitable countermeasure. Furthermore, we point out several open issues that future work needs to address.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"135 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Security and Privacy Workshops (SPW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW.2019.00028","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 12
Abstract
After the adoption of new data protection regulations, like GDPR, proper treatment of privacy throughout the system development lifecycle has become a must. In this paper, we discuss several aspects to more easily and effectively integrate privacy engineering in system development and how to bring the notion of privacy-by-design into practice. We propose the new W-model as a privacy-aware extension of the V-model frequently used in software engineering. One stage of the W-model deals with analyzing privacy in the system where privacy engineers conduct a privacy impact assessment in order to elicit privacy threats and to find a suitable countermeasure to remedy each threat. With respect to finding suitable countermeasures, we provide requirements the countermeasures need to meet in order to be selected. In addition, we introduce a cost function that assists privacy engineers in selecting the most suitable countermeasure. Furthermore, we point out several open issues that future work needs to address.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
