
Computer-Aided Identification and Validation of Privacy Requirements

paluno—The Ruhr Institute for Software Technology, University of Duisburg-Essen, Duisburg 47057, Germany
Author to whom correspondence should be addressed.
Academic Editor: Eduardo B. Fernandez
Information 2016, 7(2), 28;
Received: 15 February 2016 / Revised: 12 May 2016 / Accepted: 21 May 2016 / Published: 26 May 2016
(This article belongs to the Special Issue Evaluating the Security of Complex Systems)
Privacy is a software quality that is closely related to security. The main difference is that security properties aim at the protection of assets that are crucial for the considered system, and privacy aims at the protection of personal data that are processed by the system. The identification of privacy protection needs in complex systems is a hard and error-prone task. Stakeholders whose personal data are processed might be overlooked, or the sensitivity and the need of protection of the personal data might be underestimated. The later personal data and the needs to protect them are identified during the development process, the more expensive it is to fix these issues, because the needed changes of the system-to-be often affect many functionalities. In this paper, we present a systematic method to identify the privacy needs of a software system based on a set of functional requirements by extending the problem-based privacy analysis (ProPAn) method. Our method is tool-supported and automated where possible to reduce the effort that has to be spent for the privacy analysis, which is especially important when considering complex systems. The contribution of this paper is a semi-automatic method to identify the relevant privacy requirements for a software-to-be based on its functional requirements. The considered privacy requirements address all dimensions of privacy that are relevant for software development. As our method is solely based on the functional requirements of the system-to-be, we enable users of our method to identify the privacy protection needs that have to be addressed by the software-to-be at an early stage of the development. As an initial evaluation of our method, we show its applicability on a small electronic health system scenario.
Keywords: privacy; privacy requirements; privacy analysis; requirements engineering; computer-aided software engineering
MDPI and ACS Style

Meis, R.; Heisel, M. Computer-Aided Identification and Validation of Privacy Requirements. Information 2016, 7, 28.
