ConfIs: a tool for privacy and security analysis and conflict resolution for supporting GDPR compliance through privacy-by-design.
Alkubaisy, Duaa; Piras, Luca; Al-Obeidallah, Mohammed; Cox, Karl; Mouratidis, Haralambos
Authors
Duaa Alkubaisy
Luca Piras
Mohammed Al-Obeidallah
Karl Cox
Haralambos Mouratidis
Contributors
Ali Raian (Editor)
Hermann Kaindl (Editor)
Leszek Maciaszek (Editor)
Abstract
Privacy and security requirements, and their potential conflicts, are becoming increasingly important. They need to be considered from the very early stages of requirements engineering, and throughout the entire software engineering cycle, in the design of any software system. In the last few years, this has been further emphasized and required by law. A relevant example is the General Data Protection Regulation (GDPR), which requires organizations, and their software engineers, to enforce and guarantee privacy-by-design to make their platforms compliant with the regulation. In this context, complex activities related to privacy and security requirements elicitation, analysis, mapping and identification of potential conflicts, and the identification of their resolution, become crucial. The literature does not offer a comprehensive requirements-engineering-oriented tool for supporting the requirements analyst. In this paper, we propose ConfIs, a tool for supporting the analyst in performing a process covering these phases in a systematic and interactive way. We present ConfIs and its process with a realistic example from DEFeND, an EU project aiming at supporting organizations in achieving GDPR compliance. In this context, we evaluated ConfIs by involving privacy/security requirements experts, who recognized our tool and method as supportive of these complex activities.
Citation
ALKUBAISY, D., PIRAS, L., AL-OBEIDALLAH, M.G., COX, K. and MOURATIDIS, H. 2021. ConfIs: a tool for privacy and security analysis and conflict resolution for supporting GDPR compliance through privacy-by-design. In Ali, R., Kaindl, H. and Maciaszek, L. (eds.) Proceedings of 16th Evaluation of novel approaches to software engineering international conference 2021 (ENASE 2021), 26-27 April 2021, [virtual conference]. Setúbal, Portugal: SciTePress [online], pages 80-91. Available from: https://doi.org/10.5220/0010406100800091
Presentation Conference Type | Conference Paper (published) |
---|---|
Conference Name | 16th Evaluation of novel approaches to software engineering international conference 2021 (ENASE 2021), co-located with the 23rd International conference on enterprise information systems 2021 (ICEIS 2021) |
Start Date | Apr 26, 2021 |
End Date | Apr 27, 2021 |
Acceptance Date | Mar 5, 2021 |
Online Publication Date | Apr 27, 2021 |
Publication Date | Apr 30, 2021 |
Deposit Date | Mar 15, 2021 |
Publicly Available Date | Apr 29, 2021 |
Publisher | SciTePress |
Peer Reviewed | Peer Reviewed |
Pages | 80-91 |
Series Title | ENASE proceedings |
Series ISSN | 2184-4895 |
ISBN | 9789897585081 |
DOI | https://doi.org/10.5220/0010406100800091 |
Keywords | Security requirements; Privacy requirements; Requirements conflicts; General data protection regulation (GDPR); Requirements modelling; Privacy by design |
Public URL | https://rgu-repository.worktribe.com/output/1254488 |
Files
ALKUBAISY 2021 ConfIs (2 Mb, PDF)
Publisher Licence URL: https://creativecommons.org/licenses/by-nc-nd/4.0/