Refining Privacy-Aware Data Flow Diagrams

Cited by: 1
Authors
Alshareef, Hanaa [1 ]
Stucki, Sandro [1 ]
Schneider, Gerardo [2 ]
Affiliations
[1] Chalmers Univ Technol, Gothenburg, Sweden
[2] Univ Gothenburg, Gothenburg, Sweden
Funding
Swedish Research Council;
Keywords
Privacy by design; DFDs; GDPR; Refinement; REFINEMENT;
DOI
10.1007/978-3-030-92124-8_8
CLC classification
TP31 [Computer software];
Discipline code
081202 ; 0835 ;
Abstract
Privacy, like security, is a non-functional property, yet most software design tools are focused on functional aspects, using for instance Data Flow Diagrams (DFDs). In previous work, a conceptual model was introduced where DFDs were extended into so-called Privacy-Aware Data Flow Diagrams (PA-DFDs) with the aim of adding specific privacy checks to existing DFDs. An implementation to add such automatic checks has also been developed. In this paper, we define the notion of refinement for both DFDs and PA-DFDs as a special type of structure-preserving map (or graph homomorphism). We also provide three algorithms to find, check and transform refinements, and we show that the standard diagram "transform -> refine/refine -> transform" commutes. We have implemented our algorithms in a proof-of-concept tool called DFD Refinery, and have applied it to realistic scenarios.
Pages: 121 / 140
Page count: 20
Related papers
50 items in total
  • [21] A Privacy-Aware Conceptual Model for Handling Personal Data
    Antignac, Thibaud
    Scandariato, Riccardo
    Schneider, Gerardo
    LEVERAGING APPLICATIONS OF FORMAL METHODS, VERIFICATION AND VALIDATION: FOUNDATIONAL TECHNIQUES, PT I, 2016, 9952 : 942 - 957
  • [22] SURFCON: Synonym Discovery on Privacy-Aware Clinical Data
    Wang, Zhen
    Yue, Xiang
    Moosavinasab, Soheil
    Huang, Yungui
    Lin, Simon
    Sun, Huan
    KDD'19: PROCEEDINGS OF THE 25TH ACM SIGKDD INTERNATIONAL CONFERENCE ON KNOWLEDGE DISCOVERY AND DATA MINING, 2019, : 1578 - 1586
  • [23] Privacy-Aware and Trustworthy Data Aggregation in Mobile Sensing
    Fan, Jingyao
    Li, Qinghua
    Cao, Guohong
    2015 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS), 2015, : 31 - 39
  • [24] Prometheus: Privacy-Aware Data Retrieval on Hybrid Cloud
    Zhou, Zhigang
    Zhang, Hongli
    Du, Xiaojiang
    Li, Panpan
    Yu, Xiangzhan
    2013 PROCEEDINGS IEEE INFOCOM, 2013, : 2643 - 2651
  • [25] PRIVACY-AWARE DATA PROVIDING WEB SERVICES COMPOSITION
    Cherbal, Amin
    Benslimane, Djamal
    ICSOFT 2009: PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON SOFTWARE AND DATA TECHNOLOGIES, VOL 2, 2009, : 167 - +
  • [26] Special issue on secure and privacy-aware data management
    Elena Ferrari
    Murat Kantarcioglu
    Distributed and Parallel Databases, 2014, 32 : 1 - 3
  • [27] Toward Privacy-Aware Healthcare Data Fusion Systems
    Al Jawarneh, Isam Mashhour
    Bellavista, Paolo
    Foschini, Luca
    Montanari, Rebecca
    Berrocal, Javier
    Murillo, Juan M.
    GERONTECHNOLOGY, IWOG 2018, 2019, 1016 : 26 - 37
  • [28] A Framework for Privacy-aware and Secure Decentralized Data Storage
    Aslam, Sidra
    Mrissa, Michael
    COMPUTER SCIENCE AND INFORMATION SYSTEMS, 2023, 20 (03) : 1235 - 1261
  • [29] Privacy-aware blockchain for personal data sharing and tracking
    Onik, Md Mehedi Hassan
    Kim, Chul-Soo
    Lee, Nam-Yong
    Yang, Jinhong
    OPEN COMPUTER SCIENCE, 2019, 9 (01) : 80 - 91
  • [30] A UML Profile for Privacy-Aware Data Lifecycle Models
    Alshammari, Majed
    Simpson, Andrew
    COMPUTER SECURITY, 2017, 2018, 10683 : 189 - 209