Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Engineering privacy by design: Lessons from the design and implementation of an identity wallet platform
Capgemini Germany, Frankfurt am Main, Germany.
Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).ORCID-id: 0000-0001-6459-8409
Goethe University Frankfurt, Frankfurt am Main, Germany.
Goethe University Frankfurt, Frankfurt am Main, Germany.
2019 (Engelska)Ingår i: Proceedings of the ACM Symposium on Applied Computing, Association for Computing Machinery , 2019, s. 1475-1483Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Applying PbD principles to the design of a system is challenging. We provided our experience and lessons learnt from applying the LINDDUN as a privacy assessment framework in the design of the architecture for a cloud-based identity wallet platform. In this effort, we identified a need to improve LINDDUN in a number of cases, for which we proposed and documented concrete enhancements. We transform LINDDUN from a linear to an iterative process that requires adaptation, introduce the concept of “Constraints” and add a new step in the mitigation of threats. Further, we consider the mitigation strategies of LINDDUN too narrow, and propose other, more practicable ones. Finally, we not only identify further PETs for mitigating privacy threats, but also acknowledge the fact that some threats cannot be effectively mitigated with PETs alone. Thus, we introduce additional mitigation mechanisms besides PETs, introducing especially development guidelines and organizational measures. We demonstrate our enhancements with concrete examples, which could serve also other engineering projects following the PbD paradigm.

Ort, förlag, år, upplaga, sidor
Association for Computing Machinery , 2019. s. 1475-1483
Nyckelord [en]
Data flow diagram, Identity wallet, LINDDUN, Mitigation of risks, PbD, Privacy by design, Privacy risks, Privacy threat modelling, Concretes, Data flow analysis, Data flow graphs, Mathematical transformations, Data flow diagrams, Privacy threats, Risk assessment
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-72516DOI: 10.1145/3297280.3297429Scopus ID: 2-s2.0-85065644021ISBN: 978-1-4503-5933-7 (digital)OAI: oai:DiVA.org:kau-72516DiVA, id: diva2:1324219
Konferens
34th Annual ACM Symposium on Applied Computing, SAC 2019, 8 April 2019 through 12 April 2019
Tillgänglig från: 2019-06-13 Skapad: 2019-06-13 Senast uppdaterad: 2019-10-24Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltextScopus

Personposter BETA

Pulls, Tobias

Sök vidare i DiVA

Av författaren/redaktören
Pulls, Tobias
Av organisationen
Institutionen för matematik och datavetenskap (from 2013)
Datavetenskap (datalogi)

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetricpoäng

doi
isbn
urn-nbn
Totalt: 32 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf