A Problem-Based Approach for Computer-Aided Privacy Threat Identification
Reports of privacy threats to large software systems have increased in recent years. Such threats can originate from stakeholders who are themselves part of the system. It is therefore crucial for software engineers to identify privacy threats early, refine them into privacy requirements, and design solutions that mitigate them.
In this paper, we introduce a methodology named Problem-Based Privacy Analysis (ProPAn). ProPAn identifies privacy threats during the requirements analysis of software systems using problem frame models. Rather than relying entirely on the privacy analyst to detect privacy threats, it supports a computer-aided privacy threat identification that is derived from the relations between stakeholders, technology, and personal information in the system-to-be.
To capture the environment of the system, e.g., stakeholders and other IT systems, we use problem frames, a requirements engineering approach founded on modeling a machine (the system-to-be) in its environment (e.g., stakeholders, other software). We define a UML profile for privacy requirements and a reasoning technique that identifies the stakeholders whose personal information is stored or transmitted in the system-to-be, and the stakeholders from whom this personal information has to be protected. We illustrate our approach using an eHealth scenario provided by the industrial partners of the EU project NESSoS.
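The reasoning step the abstract describes (deriving, from the relations between stakeholders, technology and personal information, which stakeholders are data subjects and which are the stakeholders their information must be protected from) can be illustrated as a reachability computation over the environment model. The following is an added example and not the paper's method or tooling: ProPAn works on problem frame models through a UML profile, whereas this sketch uses a constructed eHealth environment (domain names, interface phenomena and the `ACCESS` relation are all assumptions) and a plain Python fixed-point propagation to show the kind of result such an analysis produces.

```python
from collections import defaultdict

# Constructed eHealth environment (assumption; not the NESSoS scenario).
# Domain kinds follow problem frames: biddable = stakeholder (person),
# machine = system-to-be, lexical = stored data, causal = other IT system.
DOMAINS = {
    "Patient": "biddable",
    "Doctor": "biddable",
    "Insurer": "biddable",
    "Admin": "biddable",
    "EHR": "machine",
    "Records DB": "lexical",
    "Billing System": "causal",
}

# Interfaces between domains and the personal information shared on them.
# Items are written owner.attribute so the data subject is recoverable.
INTERFACES = [
    ("Patient", "Doctor", {"Patient.symptoms"}),
    ("Doctor", "EHR", {"Patient.symptoms", "Patient.diagnosis", "Doctor.name"}),
    ("EHR", "Records DB", {"Patient.symptoms", "Patient.diagnosis", "Doctor.name"}),
    ("EHR", "Billing System", {"Patient.diagnosis"}),
    ("Billing System", "Insurer", {"Patient.diagnosis"}),
]

# Access relations: a domain that can read everything another domain holds,
# although no personal information is named on that interface (e.g. an
# administrator console on the record store). Assumed for this example.
ACCESS = [
    ("Admin", "Records DB"),
]


def information_held(interfaces=INTERFACES, access=ACCESS):
    """Map each domain to the personal information it can observe.

    Interface phenomena are visible at both ends; access relations are
    followed to a fixed point so that chains of access are covered too.
    """
    held = defaultdict(set)
    for a, b, items in interfaces:
        held[a] |= items
        held[b] |= items
    changed = True
    while changed:
        changed = False
        for reader, target in access:
            before = len(held[reader])
            held[reader] |= held[target]
            if len(held[reader]) != before:
                changed = True
    return dict(held)


def owner(item):
    """Data subject of an item written as owner.attribute."""
    return item.split(".", 1)[0]


def data_subjects(domains=DOMAINS, held=None):
    """Stakeholders whose personal information is stored or transmitted
    by a non-stakeholder domain (machine, lexical or causal)."""
    if held is None:
        held = information_held()
    subjects = set()
    for dom, items in held.items():
        if domains[dom] != "biddable":
            subjects |= {owner(i) for i in items}
    return subjects


def counterstakeholders(domains=DOMAINS, held=None):
    """For each item of personal information, the stakeholders other than
    its owner who can observe it, i.e. from whom it must be protected."""
    if held is None:
        held = information_held()
    result = defaultdict(set)
    for dom, items in held.items():
        if domains[dom] == "biddable":
            for item in items:
                if owner(item) != dom:
                    result[item].add(dom)
    return {item: sorted(who) for item, who in result.items()}


if __name__ == "__main__":
    print("data subjects:", sorted(data_subjects()))
    for item, who in sorted(counterstakeholders().items()):
        print(f"{item}: protect from {', '.join(who)}")
```

The point of running the propagation rather than reading the model by eye is the `Admin` result: no interface in the model names any of the patient's data on the administrator's side, yet the access relation makes `Admin` a counterstakeholder for every item stored in the record store, which is exactly the kind of threat an analyst working only from the named phenomena would miss.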
Keywords: privacy threat analysis, problem frames, requirements engineering