PRIPARE: Integrating Privacy Best Practices into a Privacy Engineering Methodology
| Autor: | Daniel Le Métayer, Antonio Kung, Jose M. Del Alamo, Thibaud Antignac, Nicolás Notario, Alberto Crespo, David Wright, Yod-Samuel Martín, Inga Kroener |
|---|---|
| Přispěvatelé: | ATOS [Barcelona], Universidad Politécnica de Madrid (UPM), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria), Trialog [Paris], Trilateral Research & Consulting, European Project: 610613,EC:FP7:ICT,FP7-ICT-2013-10,PRIPARE(2013), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria) |
| Jazyk: | angličtina |
| Rok vydání: | 2015 |
| Předmět: |
Information privacy
Standardization Privacy by Design Computer science Best practice Methodology Privacy Engineering Privacy Impact Assessment [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE] Computer security computer.software_genre [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] Requirements Operationalization Privacy Impact Assessment Data Protection Act 1998 System Development Lifecycle Privacy engineering Risk management Informática Telecomunicaciones business.industry Privacy software Risk analysis (engineering) Systems development life cycle business computer |
| Zdroj: | IEEE Security and Privacy Workshops (SPW 2015) | IEEE Security and Privacy Workshops (SPW 2015) | 21/05/2015-22/05/2015 | San Jose, California, EE.UU IEEE Symposium on Security and Privacy Workshops Security and Privacy Workshops (SPW), 2015 IEEE International Workshop on Privacy Engineering (IWPE 2015) International Workshop on Privacy Engineering (IWPE 2015), May 2015, San Jose, CA, United States. pp.8, ⟨10.1109/SPW.2015.22⟩ Archivo Digital UPM Universidad Politécnica de Madrid |
| DOI: | 10.1109/SPW.2015.22⟩ |
| Popis: | International audience; Data protection authorities worldwide have agreed on the value of considering privacy-by-design principles when developing privacy-friendly systems and software. However, on the technical plane, a profusion of privacy-oriented guidelines and approaches coexists, which provides partial solutions to the overall problem and aids engineers during different stages of the system development lifecycle. As a result, engineers find difficult to understand what they should do to make their systems abide by privacy by design, thus hindering the adoption of privacy engineering practices. This paper reviews existing best practices in the analysis and design stages of the system development lifecycle, introduces a systematic methodology for privacy engineering that merges and integrates them, leveraging their best features whilst addressing their weak points, and describes its alignment with current standardization efforts. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|