Short paper: Integrating the data protection impact assessment into the software development lifecycle

Irvine, Christopher; Balasubramaniam, Dharini; Henderson, Tristan

View/Open

Irvine_et_al_Integrating_Privacy_2020_PURE.pdf (460.7Kb)

Date

2020

Abstract

Recent years have seen many privacy violations that have cost both the users of software systems and the businesses that run them in a variety of ways. One potential cause of these violations may be the ad hoc nature of the implementation of privacy measures within software systems, which may stem from the poor representation of privacy within many Software Development LifeCycle (SDLC) processes. We propose to give privacy a higher priority within the SDLC through the creation of a confederated Privacy-Aware SDLC (PASDLC) which incorporates the Data Protection Impact Assessment (DPIA) lifecycle. The PASDLC brings stakeholders of the software system closer together through the implementation of multiple interception points, whilst prompting the stakeholders to consider privacy within the software system. We consider many challenges to the creation of the PASDLC, including potential communication issues from confederating the processes of a SDLC and the effective measurement of privacy as an attribute of a software system.

Citation

Irvine , C , Balasubramaniam , D & Henderson , T 2020 , Short paper: Integrating the data protection impact assessment into the software development lifecycle . in J Garcia-Alfaro , G Navarro-Arribas & J Herrera-Joancomarti (eds) , Data Privacy Management, Cryptocurrencies and Blockchain Technology : ESORICS 2020 International Workshops, DPM 2020 and CBT 2020, Guildford, UK, September 17–18, 2020, Revised Selected Papers . Lecture Notes in Computer Science (including subseries Security and Cryptology) , vol. 12484 LNCS , Springer , Cham , pp. 219-228 . https://doi.org/10.1007/978-3-030-66172-4_13

Publication

Data Privacy Management, Cryptocurrencies and Blockchain Technology

DOI

https://doi.org/10.1007/978-3-030-66172-4_13

ISSN

0302-9743

Type

Conference item

Rights

Copyright © Springer Nature Switzerland AG 2020. This work has been made available online in accordance with publisher policies or with permission. Permission for further reuse of this content should be sought from the publisher or the rights holder. This is the author created accepted manuscript following peer review and may differ slightly from the final published version. The final published version of this work is available at https://doi.org/10.1007/978-3-030-66172-4_13.

Collections

University of St Andrews Research

URL

https://deic-web.uab.cat/conferences/dpm/dpm2020/

URI

http://hdl.handle.net/10023/21719