
IFIP PrimeLife International Summer School on Privacy and Identity Management for Life

Privacy and Identity 2010: Privacy and Identity Management for Life, pp 283–296

A Decision Support System for Design for Privacy

  • Siani Pearson
  • Azzedine Benameur
  • Conference paper

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 352)

Abstract

Privacy is receiving increased attention from both consumers, who are concerned about how they are being tracked and profiled, and regulators, who are introducing stronger penalties and encouragements for organizations to comply with legislation and to carry out Privacy Impact Assessments (PIAs). These concerns are strengthened as usage of internet services, cloud computing and social networking spreads. Therefore, companies have to take privacy requirements into account just as they previously had to do for security. While security mechanisms are relatively mature, system and product developers are not often provided with concrete suggestions from a privacy angle. This can be a problem because developers do not usually possess privacy expertise. In this paper we argue that it would be useful to move beyond current best practice – where a set of searchable privacy guidelines may be provided to developers – to automated support for software developers in the early phases of software development. Specifically, our proposal is a decision support system for design for privacy focused on privacy by policy, to be integrated into the development environment. We have implemented a proof of concept and are extending this work to incorporate state-of-the-art consent mechanisms derived from the EnCoRe (Ensuring Consent and Revocation) project [1].

Keywords

  • Decision Support
  • Expert System
  • Patterns
  • Privacy
  • Software engineering


References

  1. The EnCoRe project: Ensuring Consent and Revocation (2008), http://www.encore-project.info

  2. Microsoft Corporation, “Privacy Guidelines for Developing Software Products and Services”, Version 2.1a (April 26, 2007)

  3. Information Commissioners Office, “Privacy by Design”, Report (November 2008), http://www.ico.gov.uk

  4. Spiekermann, S., Cranor, L.: Engineering Privacy. IEEE Transactions on Software Engineering 35(1) (January/February 2009)

  5. Cannon, J.C.: Privacy: What Developers and IT Professionals Should Know. Addison Wesley, Reading (2004)

  6. Patrick, A., Kenny, S.: From Privacy Legislation to Interface Design: Implementing Information Privacy in Human-Computer Interactions. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, pp. 107–124. Springer, Heidelberg (2003)

  7. Belloti, V., Sellen, A.: Design for Privacy in Ubiquitous Computing Environments. In: Proc. 3rd conference on European Conference on Computer-Supported Cooperative Work, pp. 77–92 (1993)

  8. Information Commissioner’s Office, PIA handbook (2007), http://www.ico.gov.uk/

  9. Office of the Privacy Commissioner of Canada, “Privacy impact assessments”, Fact Sheet (2007), http://www.privcom.gc.ca/

  10. Information Commissioners Office, “Privacy by Design”. Report (2008), http://www.ico.gov.uk

  11. Jutla, D.N., Bodorik, P.: Sociotechnical architecture for online privacy. IEEE Security and Privacy 3(2), 29–39 (2005)

  12. Spiekermann, S., Cranor, L.F.: Engineering privacy. IEEE Transactions on Software Engineering, 1–42 (2008)

  13. Alexander, C., Ishikawa, S., Silverstein, M., Jacobson, M., Fiksdahl-King, I., Angel, S.: A Pattern Language: Towns, Buildings, Construction. Oxford University Press, Oxford (1977)

  14. Hafiz, M.: A collection of privacy design patterns. In: Pattern Languages of Programs, pp. 1–13. ACM, New York (2006)

  15. Dicodess: Open Source Model-Driven DSS Generator (2009), http://dicodess.sourceforge.net

  16. XpertRule: Knowledge Builder (2009), http://www.xpertrule.com/pages/info_kb.htm

  17. Lumenaut: Decision Tree Package (2009), http://www.lumenaut.com/decisiontree.htm

  18. OC1 Oblique Classifier 1 (2009), http://www.cbcb.umd.edu/~salzberg/announce-oc1.html

  19. Pearson, S., Sander, T., Sharma, R.: Privacy Management for Global Organizations. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., Roudier, Y. (eds.) DPM 2009. LNCS, vol. 5939, pp. 9–17. Springer, Heidelberg (2010)

  20. SERENITY: System Engineering for Security and Dependability (2009), http://www.serenity-project.org

  21. Kokolakis, S., Rizomiliotis, P., Benameur, A., Kumar Sinha, S.: Security and Dependability Solutions for Web Services and Workflows: A Patterns Approach. In: Security and Dependability for Ambient Intelligence. Springer, Heidelberg (2009)

  22. Benameur, A., Fenet, S., Saidane, A., Khumar Sinha, S.: A Pattern-Based General Security Framework: An eBusiness Case Study, HPCC, Seoul, Korea (2009)

  23. Delessy, N.A., d Fernandez, E.B.: A Pattern-Driven Security Process for SOA Applications. In: ARES, pp. 416–421 (2008)

  24. Lobato, L.L., d Fernandez, E.B., Zorzo, S.D.: Patterns to Support the Development of Privacy Policies. In: ARES, pp. 744–774 (2009)

  25. Mendelson, E.: Introduction to Mathematical Logic. D. Van Nostrand Co., New York (1964)

  26. Blackburn, P., de Rijke, M., Venema, Y.: Modal Logic. Cambridge University Press, Cambridge, ISBN 0-521-80200-8

  27. Benferhat, S., Dubois, D., Prade, H.: Towards a possibilistic logic handling of preferences. Applied Intelligence 14(3), 303–317 (2001)

  28. Bundy, A.: The Computer Modelling of Mathematical Reasoning, 2nd edn. Academic Press, London (1986)

  29. JBoss, Drools (2010), http://www.jboss.org/drools/

  30. Eclipse (2010), http://www.eclipse.org/

  31. W3C, Rule Interchange Form (2010), http://www.w3.org/2005/rules/wiki/RIF_Working_Group

  32. Pearson, S., Rao, P., Sander, T., Parry, A., Paull, A., Patruni, S., Dandamudi-Ratnakar, Sharma, P.: Scalable, Accountable Privacy Management for Large Organizations. In: 2nd International Workshop on Security and Privacy Distributed Computing, Enterprise Distributed Object Conference Workshop, pp. 168–175. IEEE, Los Alamitos (2009)


Author information

Authors and Affiliations

  1. Cloud and Security Lab, Hewlett-Packard, Bristol, UK

    Siani Pearson & Azzedine Benameur


Editor information

Editors and Affiliations

  1. Department of Computer Science, Karlstad University, Universitetsgatan 1, 65188, Karlstad, Sweden

    Simone Fischer-Hübner

  2. School of Computing Science, The Burroughs, Middlesex University, NW4 4BE, Hendon, London, UK

    Penny Duquenoy

  3. Independent Centre for Privacy Protection Schleswig-Holstein, Holstenstr. 98, 24103, Kiel, Germany

    Marit Hansen

  4. TILT - Centrum voor Recht, Technologie en Samenleving, Universiteit van Tilburg, Postbus 90153, 5000, Tilburg, LE, The Netherlands

    Ronald Leenes

  5. Department of Computer Science, Karlstad University, Universitetsgatan 2, 65188, Karlstad, Sweden

    Ge Zhang


Copyright information

© 2011 IFIP International Federation for Information Processing

About this paper

Cite this paper

Pearson, S., Benameur, A. (2011). A Decision Support System for Design for Privacy. In: Fischer-Hübner, S., Duquenoy, P., Hansen, M., Leenes, R., Zhang, G. (eds) Privacy and Identity Management for Life. Privacy and Identity 2010. IFIP Advances in Information and Communication Technology, vol 352. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20769-3_23

  • DOI: https://doi.org/10.1007/978-3-642-20769-3_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-20768-6

  • Online ISBN: 978-3-642-20769-3

  • eBook Packages: Computer Science, Computer Science (R0)
