Towards a Principled Approach for Engineering Privacy by Design

@inproceedings{Alshammari2017TowardsAP,
  title={Towards a Principled Approach for Engineering Privacy by Design},
  author={Majed Alshammari and Andrew C. Simpson},
  booktitle={APF},
  year={2017}
}
Privacy by Design has emerged as a proactive approach for embedding privacy into the early stages of the design of information and communication technologies, but it is no ‘silver bullet’. Challenges involved in engineering Privacy by Design include a lack of holistic and systematic methodologies that address the complexity and variability of privacy issues and support the translation of its principles into engineering activities. A consequence is that its principles are given at a high level… 

Privacy Architectural Strategies: An Approach for Achieving Various Levels of Privacy Protection

TLDR
This work presents an engineering approach to Privacy by Design that uses the concept of architectural strategies to support the adoption of PETs in the early stages of the design process to achieve various levels of privacy protection.

Rethinking the Proposition of Privacy Engineering

TLDR
The assumptions that underpin privacy engineering are examined, linking them to shortcomings and open questions, and possible research avenues that may give rise to alternative frameworks are explored.

A Systematic Mapping Study on Privacy by Design in Software Engineering

TLDR
The findings suggest that PbD in software engineering is still an immature field and that there is a need for privacy-aware approaches for software engineering and their validation in industrial settings.

Privacy Engineering Methodologies: A survey

  • Y. Al-Slais
  • Computer Science
    2020 International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT)
  • 2020
TLDR
A survey of academic publications discussing the current privacy engineering methodologies finds a significant increase in publications after the official implementation of GDPR and proposes a taxonomy based on the theoretical backgrounds and origin of methodology (security-based or privacy-friendly).

Extending ISO/IEC 29110 Basic Profile with Privacy-by-Design Approach: A Case Study in the Health Care Sector

TLDR
An integration of PbD goals into the ISO/IEC 29110 Basic profile for small software development organizations was presented and the most frequently encountered privacy goals as well as privacy addressing practices from previous methodological proposals were taken into account.

A Privacy-Aware V-Model for Software Development

TLDR
This paper proposes the new W-model as a privacy-aware extension of the V-model frequently used in software engineering, and introduces a cost function that assists privacy engineers in selecting the most suitable countermeasure.

SPARTA: Security & Privacy Architecture Through Risk-Driven Threat Assessment

TLDR
The presented SPARTA prototype facilitates the consideration of security and privacy by providing support for capturing and continuously assessing the impact of security and privacy design decisions on the elicited threats; the progress towards securing the system can be assessed and alternatives can be compared, taking into account past and present design decisions.

Poster: Knowledge-Enriched Security and Privacy Threat Modeling

TLDR
This work facilitates the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions, thereby prioritizing threats based on their estimated risk and providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.

Privacy framework for context-aware robot development

TLDR
A privacy framework is provided as a feasible approach to considering security and privacy issues from the outset, and the employed privacy methodologies are showcased in a use case of a robot as an interaction partner, contrasting two different use case scenarios to underline the importance of context awareness.

Knowledge-enriched security and privacy threat modeling

TLDR
This work facilitates the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions, thereby prioritizing threats based on their estimated risk and providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.

References

Engineering Privacy by Design

TLDR
This paper argues that engineering systems according to the privacy by design principles requires the development of generalizable methodologies that build upon the principle of data minimization, and presents a summary of two case studies in which privacy is achieved by minimizing different types of data.

Engineering Privacy

TLDR
The paper uses a three-layer model of user privacy concerns to relate them to system operations and examine their effects on user behavior, and develops guidelines for building privacy-friendly systems.

Addressing privacy requirements in system design: the PriS method

TLDR
PriS is described, a security requirements engineering method, which incorporates privacy requirements early in the system development process and provides a holistic approach from ‘high-level’ goals to ‘privacy-compliant’ IT systems.

PRIPARE: Integrating Privacy Best Practices into a Privacy Engineering Methodology

TLDR
This paper reviews existing best practices in the analysis and design stages of the system development lifecycle, introduces a systematic methodology for privacy engineering that merges and integrates them, leveraging their best features whilst addressing their weak points, and describes its alignment with current standardization efforts.

Privacy Design Strategies

TLDR
These strategies help IT architects to support privacy by design early in the software development life cycle, during concept development and analysis and provide a useful classification of privacy design patterns and the underlying privacy enhancing technologies.

Top 10 Mistakes in System Design from a Privacy Perspective and Privacy Protection Goals

TLDR
The concept of linkage control as an essence of privacy is introduced and three complementing privacy protection goals – unlinkability, transparency and intervenability – are proposed.

A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements

TLDR
This paper presents a comprehensive framework to model privacy threats in software-based systems and provides an extensive catalog of privacy-specific threat tree patterns that can be used to detail the threat analysis outlined above.

A Critical Analysis of Privacy Design Strategies

TLDR
This paper helps bridge the gap between data protection requirements set out in law, and system development practice, and suggests an additional level of abstraction between strategies and privacy patterns: 'tactics'.

The Privacy Engineers Manifesto: Getting from Policy to Code to QA to Value

TLDR
The team of experts offers thoughts about the information revolution that has only just begun, and how the authors can live in a world of sensors and trillions of data points without losing their ethics or value(s)...and even have a little fun.

Privacy by Design and the New Protection Goals

TLDR
The “New Protection Goals” claim no less than to turn data protection into a modern, proactive and operational tool by introducing six elementary protection goals which are related to each other and which are meant to be applicable universally.