research-article

Privacy by Design and Software Engineering: a Systematic Literature Review

Authors:

Vinícius Camargo Andrade,

Rhodrigo Deda Gomes,

Sheila Reinehr,

Cinthia Obladen De Almendra Freitas,

Andreia MalucelliAuthors Info & Claims

SBQS '22: Proceedings of the XXI Brazilian Symposium on Software Quality

Article No.: 18, Pages 1 - 10

https://doi.org/10.1145/3571473.3571480

Published: 27 January 2023 Publication History

Abstract

Service providers increasingly collect, process, store, and share data from their users to understand their preferences to make better decisions and make accurate estimates for the delivery of advertisements, products, and services. However, the misuse of personal data puts the privacy of the data subjects at risk. In addition, privacy can directly affect the quality of the software product. In an attempt to minimize these problems, the Privacy by Design approach has been proposed to ensure that privacy requirements are incorporated from the early stages of system development and applied to the entire data lifecycles. Meanwhile, Privacy by Design is often criticized due to its lack of specific methodology and tools capable of translating its principles into practical Software Engineering activities. Therefore, this research aims to investigate, through a systematic literature review, how Privacy by Design principles have been applied in the Software Engineering area. The search retrieved 6046 primary articles, published up to May 2022. After applying the inclusion and exclusion criteria, 75 primary studies were selected for analysis. The results show that there is a lack of models, processes, and tools to support Privacy by Design throughout the software development lifecycle and that it has become more relevant considering the requirements of the General Data Protection Regulation (GDPR).

References

[1]

Amir Shayan Ahmadian, Daniel Strüber, and Jan Jürjens. 2019. Privacy-enhanced system design modeling based on privacy features. In Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing. 1492–1499.

Digital Library

[2]

A Al-Momani, F Kargl, R Schmidt, A Kung, and C Bösch. 2019. A Privacy-Aware V-Model for Software Development. In 2019 IEEE Security and Privacy Workshops (SPW). https://doi.org/10.1109/SPW.2019.00028

[3]

Ibraheem Alharbi, S Zyngier, and C Hodkinson. 2012. An evaluation of the interaction between companies’ privacy practices and user information privacy concerns in the success of electronic commerce. In European, Mediterranean and Middle Eastern Conference on Information Systems.

[4]

Naureen Ali, Dawn Jutla, and Peter Bodorik. 2016. PIP: An injection pattern for inserting privacy patterns and services in software. In Annual Privacy Forum. Springer, 144–157.

[5]

Maha Aljohani, Kirstie Hawkey, and James Blustein. 2016. Proposed privacy patterns for privacy preserving healthcare systems in accord with nova scotia’s personal health information act. In International Conference on Human Aspects of Information Security, Privacy, and Trust. Springer, 91–102.

[6]

Majed Alshammari and Andrew Simpson. 2017. Personal data management: an abstract personal data lifecycle model. In International Conference on Business Process Management. Springer, 685–697.

[7]

Majed Alshammari and Andrew Simpson. 2017. Towards a principled approach for engineering privacy by design. In Annual Privacy Forum. Springer, 161–177.

[8]

Majed Alshammari and Andrew Simpson. 2017. A UML profile for privacy-aware data lifecycle models. In Computer Security. Springer, 189–209.

[9]

Majed Alshammari and Andrew Simpson. 2018. Privacy architectural strategies: an approach for achieving various levels of privacy protection. In Proceedings of the 2018 Workshop on Privacy in the Electronic Society. 143–154.

Digital Library

[10]

Vincent Amankona, Audrey Asante, Michael Opoku, Patrick Ohemeng-Gyaase, Clement Srekumah, Alex K Peprah, and Philip Amankwa-Danquah. 2021. Integrating Privacy-By-Design in e-Health. In 2021 International Conference on Electrical, Computer and Energy Technologies (ICECET). IEEE, 1–7.

[11]

Oshrat Ayalon and Eran Toch. 2021. User-Centered Privacy-by-Design: Evaluating the Appropriateness of Design Prototypes. International Journal of Human-Computer Studies (2021), 102641.

Digital Library

[12]

Maria Teresa Baldassarre, Vita Santa Barletta, Danilo Caivano, and Michele Scalera. 2019. Privacy oriented software development. In International Conference on the Quality of Information and Communications Technology. Springer, 18–32.

[13]

Maria Teresa Baldassarre, Vita Santa Barletta, Danilo Caivano, and Michele Scalera. 2020. Integrating security and privacy in software development. Software Quality Journal 28, 3 (2020), 987–1018.

Digital Library

[14]

Mortaza S Bargh and Sunil Choenni. 2019. Towards Applying Design-Thinking for Designing Privacy-Protecting Information Systems. In 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). IEEE, 196–202.

[15]

Fredrik Blix, Salah Addin Elshekeil, and Saran Laoyookhong. 2017. Data protection by design in systems development: From legal requirements to technical solutions. In 2017 12th International Conference for Internet Technology and Secured Transactions (ICITST). IEEE, 98–103.

[16]

J Efrim Boritz, Won Gyun No, and RP Sundarraj. 2008. Internet privacy in e-commerce: Framework, review, and opportunities for future research. In Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008). IEEE, 204–204.

Digital Library

[17]

Pierre Bourque and Richard E Fairley. 2014. Guide to the Software Engineering Body of Knowledge (Swebok(r)): Version 3.0. Vol. 3. IEEE Computer Society. 348 pages.

[18]

BRASIL. 2018. Lei Geral de Proteção de Dados Pessoais (LGPD). http://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/l13709.htm

[19]

Fei Bu, Nengmin Wang, Bin Jiang, and Qi Jiang. 2021. Motivating information system engineers’ acceptance of Privacy by Design in China: An extended UTAUT model. International Journal of Information Management 60 (2021), 102358.

Digital Library

[20]

Fei Bu, Nengmin Wang, Bin Jiang, and Huigang Liang. 2020. “Privacy by Design” implementation: Information system engineers’ perspective. International Journal of Information Management 53 (2020), 102124.

[21]

Joseph Bugeja and Andreas Jacobsson. 2020. On the Design of a Privacy-Centered Data Lifecycle for Smart Living Spaces. In IFIP International Summer School on Privacy and Identity Management. Springer, 126–141.

[22]

Carole Cadwalladr and Emma Graham-Harrison. 2018. Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach. The guardian 17(2018), 22.

[23]

Julio C Caiza, Yod-Samuel Martín, Jose M Del Alamo, and Danny S Guamán. 2017. Organizing design patterns for privacy: a taxonomy of types of relationships. In Proceedings of the 22nd European Conference on Pattern Languages of Programs. 1–11.

Digital Library

[24]

Ann Cavoukian. 2012. Operationalizing Privacy by Design: A Guide to Implementing. (2012).

[25]

Ann Cavoukian 2009. Privacy by design: The 7 foundational principles. Information and privacy commissioner of Ontario, Canada 5 (2009), 12.

[26]

Ann Cavoukian, Stuart Shapiro, and R Jason Cronk. 2014. Privacy engineering: Proactively embedding privacy, by design. Office of the Information and Privacy Commissioner.

[27]

Krishna Chandramouli, V Fernandez Arguedas, and Ebroul Izquierdo. 2013. Knowledge modeling for privacy-by-design in smart surveillance solution. In 2013 10th IEEE International Conference on Advanced Video and Signal Based Surveillance. IEEE, 171–176.

[28]

Shan Chen and Mary-Anne Williams. 2013. Grounding Privacy-by-Design for information systems. In Pacific Asia Conference on Information Systems. Association of Information Systems, 107.

[29]

Michael Colesky, Julio C Caiza, José M Del Alamo, Jaap-Henk Hoepman, and Yod-Samuel Martín. 2018. A system of privacy patterns for user control. In Proceedings of the 33rd Annual ACM Symposium on Applied Computing. 1150–1156.

Digital Library

[30]

Michael Colesky and Sepideh Ghanavati. 2016. Privacy shielding by design—a strategies case for near-compliance. In 2016 IEEE 24th International Requirements Engineering Conference Workshops (REW). IEEE, 271–275.

[31]

Michael Colesky, Jaap-Henk Hoepman, and Christiaan Hillen. 2016. A critical analysis of privacy design strategies. In 2016 IEEE Security and Privacy Workshops (SPW). IEEE, 33–40.

[32]

Nicholas Confessore. 2018. Cambridge Analytica and Facebook: The scandal and the fallout so far. The New York Times 4(2018), 2018.

[33]

Martin Degeling, Christopher Lentzsch, Alexander Nolte, Thomas Herrmann, and Kai-Uwe Loser. 2016. Privacy by socio-technical design: A collaborative approach for privacy friendly system design. In 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC). IEEE, 502–505.

[34]

Juan Manuel Dodero, Mercedes Rodriguez-Garcia, Iván Ruiz-Rube, and Manuel Palomo-Duarte. 2019. Privacy-preserving reengineering of model-view-controller application architectures using linked data. Journal of Web Engineering 18, 7 (2019), 695–728.

[35]

EU. 2016. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46. Official Journal of the European Union (OJ) 59, 1-88 (2016), 294.

[36]

Noria Foukia, David Billard, and Eduardo Solana. 2016. PISCES: A framework for privacy by design in IoT. In 2016 14th Annual Conference on Privacy, Security and Trust (PST). IEEE, 706–713.

[37]

Rafa Galvez and Seda Gurses. 2018. The odyssey: Modeling privacy threats in a brave new world. In 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, 87–94.

[38]

Francesca Rubina Gaudino. 2011. Applied sciences in biomedical and ICT from the perspective of the patient’s right to data privacy and security: turning a zero-sum into a positive-sum game. In Proceedings of the 4th International Symposium on Applied Sciences in Biomedical and Communication Technologies. 1–6.

Digital Library

[39]

Michele Guerriero, Damian A Tamburri, Youssef Ridene, Francesco Marconi, Marcello M Bersani, and Matej Artac. 2017. Towards DevOps for Privacy-by-Design in Data-Intensive Applications: A Research Roadmap. In Proceedings of the 8th ACM/SPEC on International Conference on Performance Engineering Companion. 139–144.

Digital Library

[40]

Irit Hadar, Tomer Hasson, Oshrat Ayalon, Eran Toch, Michael Birnhack, Sofia Sherman, and Arod Balissa. 2018. Privacy by designers: software developers’ privacy mindset. Empirical Software Engineering 23, 1 (2018), 259–289.

Digital Library

[41]

Majid Hatamian. 2020. Engineering privacy in smartphone apps: A technical guideline catalog for app developers. IEEE Access 8(2020), 35429–35445.

[42]

Atsuo Hazeyama, Hironori Washizaki, Nobukazu Yoshioka, Haruhiko Kaiya, and Takao Okubo. 2016. Literature survey on technologies for developing privacy-aware software. In 2016 IEEE 24th International Requirements Engineering Conference Workshops (REW). IEEE, 86–91.

[43]

Tore Hoel, Dai Griffiths, and Weiqin Chen. 2017. The influence of data protection and privacy frameworks on the design of learning analytics systems. In Proceedings of the seventh international learning analytics & knowledge conference. 243–252.

Digital Library

[44]

Jaap-Henk Hoepman. 2014. Privacy design strategies. In IFIP International Information Security Conference. Springer, 446–459.

[45]

Rainer Hörbe and Walter Hötzendorfer. 2015. Privacy by design in federated identity management. In 2015 IEEE Security and Privacy Workshops. IEEE, 167–174.

Digital Library

[46]

ISO Iso. 2001. Iec 9126-1: Software engineering-product quality-part 1: Quality model. Geneva, Switzerland: International Organization for Standardization 21(2001).

[47]

ISO/IEC 25000. 2014. ISO/IEC 25000 – Systems and Software Engineering — Systems and Software Quality Requirements and Evaluation (SQuaRE) — Guide to SQuaRE. Geneva, Switzerland. 27 pages.

[48]

ISO/IEC 27701. 2019. Security techniques – Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management – Requirements and guidelines.International Organization for Standardization.

[49]

Dawn N Jutla, Peter Bodorik, and Sohail Ali. 2013. Engineering privacy for big data apps with the unified modeling language. In 2013 IEEE International Congress on Big Data. IEEE, 38–45.

Digital Library

[50]

Barbara Kitchenham and Stuart Charters. 2007. Guidelines for performing systematic literature reviews in software engineering. (2007).

[51]

Ella Kolkowska. 2015. Privacy principles in design of smart homes systems in elderly care. In International Conference on Human Aspects of Information Security, Privacy, and Trust. Springer, 526–537.

Digital Library

[52]

Martin Kost, Johann-Christoph Freytag, Frank Kargl, and Antonio Kung. 2011. Privacy verification using ontologies. In 2011 Sixth International Conference on Availability, Reliability and Security. IEEE, 627–632.

Digital Library

[53]

Antonio Kung. 2014. PEARs: privacy enhancing architectures. In Annual Privacy Forum. Springer, 18–29.

[54]

Antonio Kung, Johann-Christoph Freytag, and Frank Kargl. 2011. Privacy-by-design in its applications. In 2011 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks. IEEE, 1–6.

Digital Library

[55]

Antonio Kung, Christophe Jouvray, and Fanny Coudert. 2015. SALT frameworks to tackle surveillance and privacy concerns. In 2015 3rd International Conference on Model-Driven Engineering and Software Development (MODELSWARD). IEEE, 665–673.

[56]

J Richard Landis and Gary G Koch. 1977. The measurement of observer agreement for categorical data. biometrics (1977), 159–174.

[57]

Daniel Le Métayer. 2013. Privacy by design: a formal framework for the analysis of architectural choices. In Proceedings of the third ACM conference on Data and application security and privacy. 95–104.

Digital Library

[58]

Jörg Lenhard, Lothar Fritsch, and Sebastian Herold. 2017. A literature study on privacy patterns research. In 2017 43rd Euromicro Conference on Software Engineering and Advanced Applications (SEAA). IEEE, 194–201.

[59]

Yod-Samuel Martín, Jose M Del Alamo, and Juan C Yelmo. 2014. Engineering privacy requirements valuable lessons from another realm. In 2014 IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE). IEEE, 19–24.

[60]

Nazila Gol Mohammadi, Sachar Paulus, Mohamed Bishr, Andreas Metzger, Holger Koennecke, Sandro Hartenstein, and Klaus Pohl. 2013. An Analysis of Software Quality Attributes and Their Contribution to Trustworthiness. In CLOSER. 542–552.

[61]

Miguel Ehécatl Morales-Trujillo and Gabriel Alberto Garcia-Mireles. 2018. Extending ISO/IEC 29110 basic profile with privacy-by-design approach: A case study in the health care sector. In 2018 11th International Conference on the Quality of Information and Communications Technology (QUATIC). IEEE, 56–64.

[62]

Miguel Ehécatl Morales-Trujillo, Gabriel Alberto García-Mireles, Erick Orlando Matla-Cruz, and Mario Piattini. 2019. A Systematic Mapping Study of Privacy by Design in Software Engineering. CLEI Electronic Journal 22, 1 (2019).

[63]

Anthony Morton and M Angela Sasse. 2012. Privacy is a process, not a PET: a theory for effective privacy practice. In Proceedings of the 2012 New Security Paradigms Workshop. 87–104.

Digital Library

[64]

Nicolás Notario, Alberto Crespo, Antonio Kung, Inga Kroener, Daniel Le Métayer, Carmela Troncoso, Jose M Del Alamo, and Yod Samuel Martín. 2014. Pripare: a new vision on engineering privacy and security by design. In Cyber Security and Privacy Forum. Springer, 65–76.

[65]

Nicolás Notario, Alberto Crespo, Yod-Samuel Martín, Jose M Del Alamo, Daniel Le Métayer, Thibaud Antignac, Antonio Kung, Inga Kroener, and David Wright. 2015. PRIPARE: integrating privacy best practices into a privacy engineering methodology. In 2015 IEEE Security and Privacy Workshops. IEEE, 151–158.

Digital Library

[66]

Marie Caroline Oetzel and Sarah Spiekermann. 2012. Privacy-by-design through systematic privacy impact assessment-a design science approach. (2012).

[67]

Gabriel Pedroza, Victor Muntes-Mulero, Yod Samuel Martín, and Guillaume Mockly. 2021. A Model-based approach to realize privacy and data protection by design. In 2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, 332–339.

[68]

Mariana Maia Peixoto. 2020. Privacy Requirements Engineering in Agile Software Development: a Specification Method. In REFSQ Workshops.

[69]

Charith Perera, Mahmoud Barhamgi, Arosha K Bandara, Muhammad Ajmal, Blaine Price, and Bashar Nuseibeh. 2020. Designing privacy-aware internet of things applications. Information Sciences 512(2020), 238–257.

Digital Library

[70]

Charith Perera, Ciaran McCormick, Arosha K Bandara, Blaine A Price, and Bashar Nuseibeh. 2016. Privacy-by-design framework for assessing internet of things applications and platforms. In Proceedings of the 6th International Conference on the Internet of Things. 83–92.

Digital Library

[71]

Kai Petersen, Sairam Vakkalanka, and Ludwik Kuzniarz. 2015. Guidelines for conducting systematic mapping studies in software engineering: An update. Information and Software Technology 64 (2015), 1–18.

Digital Library

[72]

Luca Piras, Mohammed Ghazi Al-Obeidallah, Andrea Praitano, Aggeliki Tsohou, Haralambos Mouratidis, Beatriz Gallego-Nicasio Crespo, Jean Baptiste Bernard, Marco Fiorani, Emmanouil Magkos, Andres Castillo Sanz, 2019. DEFeND architecture: a privacy by design platform for GDPR compliance. In International Conference on Trust and Privacy in Digital Business. Springer, 78–93.

Digital Library

[73]

Stefano Righini, Luca Calderoni, and Dario Maio. 2022. A privacy-aware zero interaction smart mobility system. IEEE Access 10(2022), 11924–11937.

[74]

Anna Romanou. 2018. The necessity of the implementation of Privacy by Design in sectors where data protection concerns arise. Computer law & security review 34, 1 (2018), 99–110.

[75]

Mark Rowan and Josh Dehlinger. 2014. Encouraging privacy by design concepts with privacy policy auto-generation in eclipse (page). In Proceedings of the 2014 Workshop on Eclipse Technology eXchange. 9–14.

Digital Library

[76]

Hanne Rygge and Audun Jøsang. 2018. Threat poker: solving security and privacy threats in agile software development. In Nordic Conference on Secure IT Systems. Springer, 468–483.

[77]

Puttakul Sakul-Ung and Sucha Smanchat. 2019. Towards Privacy Framework in Software Development Projects and Applications: An Integrated Framework. In 2019 Research, Invention, and Innovation Congress (RI2C). IEEE, 1–6.

[78]

Gerardo Schneider. 2018. Is privacy by construction possible?. In International Symposium on Leveraging Applications of Formal Methods. Springer, 471–485.

Digital Library

[79]

Farida Habib Semantha, Sami Azam, Bharanidharan Shanmugam, Kheng Cher Yeo, and Abhijith Reddy Beeravolu. 2021. A Conceptual Framework to Ensure Privacy in Patient Record Management System. IEEE Access 9(2021), 165667–165689.

[80]

Awanthika Senarath and Nalin AG Arachchilage. 2018. Why developers cannot embed privacy into software systems? An empirical investigation. In Proceedings of the 22nd International Conference on Evaluation and Assessment in Software Engineering 2018. 211–216.

[81]

Awanthika Senarath, Nalin AG Arachchilage, and Jill Slay. 2017. Designing Privacy for You: A Practical Approach for User-Centric Privacy. In International Conference on Human Aspects of Information Security, Privacy, and Trust. Springer, 739–752.

[82]

Boris Shishkov and Marijn Janssen. 2018. Enforcing context-awareness and privacy-by-design in the specification of information systems. In International Symposium on Business Modeling and Software Design. Springer, 87–111.

[83]

Johanneke Siljee. 2015. Privacy transparency patterns. In Proceedings of the 20th european conference on pattern languages of programs. 1–11.

Digital Library

[84]

Andreia R Silva, Placido R Pinheiro, Adriano B Albuquerque, and Jonatas C Barroso. 2017. Capacidade do Cliente na Solicitação de Requisitos Não-Funcionais. In Anais do XVI Simpósio Brasileiro de Qualidade de Software. SBC, 221–235.

[85]

Sarah Spiekermann. 2012. The challenges of privacy by design. Commun. ACM 55, 7 (2012), 38–40.

Digital Library

[86]

Jovan Stevovic, Eleonora Bassi, Alessio Giori, Fabio Casati, and Giampaolo Armellin. 2015. Enabling privacy by design in medical records sharing. In Reforming European Data Protection Law. Springer, 385–406.

[87]

Jovan Stevovic, Paolo Sottovia, Maurizio Marchese, and Giampaolo Armellin. 2015. BPM Supported Privacy by Design for Cross-Organization Business Processes. In Service-Oriented Computing-ICSOC 2014 Workshops. Springer, 71–83.

[88]

Mohammad Tahaei, Alisa Frik, and Kami Vaniea. 2021. Privacy Champions in Software Teams: Understanding Their Motivations, Strategies, and Challenges. In Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems. 1–15.

Digital Library

[89]

Damian A Tamburri. 2020. Design principles for the General Data Protection Regulation (GDPR): A formal concept analysis and its evaluation. Information Systems 91(2020), 101469.

[90]

Channel 4 News Investigations Team. 2018. Revealed: Cambridge Analytica data on thousands of Facebook users still not deleted. https://www.channel4.com/news/revealed-cambridge-analytica-data/on-thousands-of-facebook-users-still-not-deleted

[91]

Maria Teresa Baldassarre, Vita Santa Barletta, Danilo Caivano, and Antonio Piccinno. 2021. Integrating Security and Privacy in HCD-Scrum. In CHItaly 2021: 14th Biannual Conference of the Italian SIGCHI Chapter. 1–5.

[92]

Binod Vaidya and Hussein T Mouftah. 2018. Protecting the privacy of electricity consumers in the smart city. Transportation and Power Grid in Smart Cities: Communication Networks and Services (2018), 529–554.

[93]

Jeroen van Rest, Daniel Boonstra, Maarten Everts, Martin van Rijn, and Ron van Paassen. 2014. Designing privacy-by-design. In Annual Privacy Forum. Springer, 55–72.

[94]

Konstantina Vemou and Maria Karyda. 2014. Embedding privacy practices in social networking services. In proceedings of the 7th IADIS International Conference Information Systems. 201–208.

[95]

Fatbardh Veseli, Jetzabel Serna Olvera, Tobias Pulls, and Kai Rannenberg. 2019. Engineering privacy by design: lessons from the design and implementation of an identity wallet platform. In Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing. 1475–1483.

Digital Library

[96]

Roel Wieringa, Neil Maiden, Nancy Mead, and Colette Rolland. 2006. Requirements engineering paper classification and evaluation criteria: a proposal and a discussion. Requirements engineering 11, 1 (2006), 102–107.

Cited By

Andrade VRibeiro RCanteri RReinehr SFreitas CMalucelli A(2024)Privacy in Practice: Exploring Concrete Relationships Between Privacy Patterns and Privacy by Design Principles in Software EngineeringAnais do XXVII Congresso Ibero-Americano em Engenharia de Software (CIbSE 2024)10.5753/cibse.2024.28453(271-285)Online publication date: 6-May-2024
https://doi.org/10.5753/cibse.2024.28453
D. Dela Cruz C(2024)Application of Privacy Engineering Techniques in Software Development for the National Privacy CommissionInternational Journal of Innovative Science and Research Technology (IJISRT)10.38124/ijisrt/IJISRT24AUG877(964-978)Online publication date: 29-Aug-2024
https://doi.org/10.38124/ijisrt/IJISRT24AUG877
Ayala-Rivera VPortillo-Dominguez APasquale L(2024)GDPR compliance via software evolutionJournal of Systems and Software10.1016/j.jss.2024.112144216:COnline publication date: 1-Oct-2024
https://dl.acm.org/doi/10.1016/j.jss.2024.112144
Show More Cited By

Index Terms

Privacy by Design and Software Engineering: a Systematic Literature Review
1. Security and privacy
  1. Software and application security

Recommendations

Privacy by Design in Software Engineering: An update of a Systematic Mapping Study
SAC '23: Proceedings of the 38th ACM/SIGAPP Symposium on Applied Computing

Since several data protection regulations were enacted in the last couple of years, we aimed to investigate the state-of-the-art of Privacy by Design in Software Engineering. An early Systematic Mapping Study investigated that before the General Data ...
Privacy transparency patterns
EuroPLoP '15: Proceedings of the 20th European Conference on Pattern Languages of Programs

This paper describes two privacy patterns for creating privacy transparency: the Personal Data Table pattern and the Privacy Policy Icons pattern, as well as a full overview of privacy transparency patterns. It is a first step in creating a full set of ...
Privacy in Digital Identity Systems: Models, Assessment, and User Adoption
Electronic Government
Abstract
The use of privacy protection measures is of particular importance for existing and upcoming users’ digital identities. Thus, the recently adopted EU Regulation on Electronic identification and trust services (eIDAS) explicitly allows the use of ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

SBQS '22: Proceedings of the XXI Brazilian Symposium on Software Quality

November 2022

352 pages

ISBN:9781450399999

DOI:10.1145/3571473

Editors:
Edna Dias Canedo
(UnB)
,
Davi Viana
(UFMA)
,
Vinicius Garcia
(UFPE)
,
Carla Bezerra
(UFC)
,
Ismayle de Sousa Santos
(UFC)
,
Bruno Gadelha
(UFAM)
,
Ivan Machado
(UFBA)
,
Sérgio Soares
(UFPE)
,
Uirá Kulesza
(UFRN)
,
Breno de França
(UNICAMP)
,
Tayana Conte
(UFAM)
,
José Carlos Maldonado
(USP-ICMC)
,
Sheila Reinehr
(PUCPR)
,
Andreia Malucelli
(PUCPR)
,
Adriano Bessa Albuquerque
(UNIFOR)
,
Gleison Santos
(UNIRIO)
,
Ivan Machado
(UFBA)
,
Monalessa Perini Barcellos
(UFES)
,
Rodrigo Santos
(UNIRIO)
,
Sheila Reinehr
(PUCPR)
,
Tayana Conte
(UFAM)
,
Crescencio Lima
(IFBA)
,
Danilo Monteiro
(ZUP Innovation)
,
Adriana Damian
(Instituto Eldorado)
,
Larissa Rocha
(UEFS)

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 January 2023

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

SBQS '22

SBQS '22: XXI Brazilian Symposium on Software Quality

November 7 - 10, 2022

Curitiba, Brazil

Acceptance Rates

Overall Acceptance Rate 35 of 99 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
371
Total Downloads

Downloads (Last 12 months)211
Downloads (Last 6 weeks)24

Reflects downloads up to 30 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Andrade VRibeiro RCanteri RReinehr SFreitas CMalucelli A(2024)Privacy in Practice: Exploring Concrete Relationships Between Privacy Patterns and Privacy by Design Principles in Software EngineeringAnais do XXVII Congresso Ibero-Americano em Engenharia de Software (CIbSE 2024)10.5753/cibse.2024.28453(271-285)Online publication date: 6-May-2024
https://doi.org/10.5753/cibse.2024.28453
D. Dela Cruz C(2024)Application of Privacy Engineering Techniques in Software Development for the National Privacy CommissionInternational Journal of Innovative Science and Research Technology (IJISRT)10.38124/ijisrt/IJISRT24AUG877(964-978)Online publication date: 29-Aug-2024
https://doi.org/10.38124/ijisrt/IJISRT24AUG877
Ayala-Rivera VPortillo-Dominguez APasquale L(2024)GDPR compliance via software evolutionJournal of Systems and Software10.1016/j.jss.2024.112144216:COnline publication date: 1-Oct-2024
https://dl.acm.org/doi/10.1016/j.jss.2024.112144
Abomhara MNweke LYayilgan SComparin DTeyras Kde Labriolle S(2024)Enhancing privacy protections in national identification systems: an examination of stakeholders’ knowledge, attitudes, and practices of privacy by designInternational Journal of Information Security10.1007/s10207-024-00905-023:6(3665-3689)Online publication date: 3-Sep-2024
https://doi.org/10.1007/s10207-024-00905-0
Andrade VReinehr SFreitas CMalucelli A(2023)Personal Data Privacy in Software Development Processes: A Practitioner’s Point of View2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom60117.2023.00381(2727-2734)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TrustCom60117.2023.00381
Marchetti ENikghadam-Hojjati SBarata J(2023)Collaborative Network 5.0: By Design Human Values and Human-Centred Based Extended Collaborative NetworksCollaborative Networks in Digitalization and Society 5.010.1007/978-3-031-42622-3_29(415-430)Online publication date: 19-Sep-2023
https://doi.org/10.1007/978-3-031-42622-3_29

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Table of Contents