Show simple item record

Files in this item


Item metadata

dc.contributor.authorIrvine, Christopher
dc.contributor.authorBalasubramaniam, Dharini
dc.contributor.authorHenderson, Tristan
dc.contributor.editorGarcia-Alfaro, Joaquin
dc.contributor.editorNavarro-Arribas, Guillermo
dc.contributor.editorHerrera-Joancomarti, Jordi
dc.identifier.citationIrvine , C , Balasubramaniam , D & Henderson , T 2020 , Short paper: Integrating the data protection impact assessment into the software development lifecycle . in J Garcia-Alfaro , G Navarro-Arribas & J Herrera-Joancomarti (eds) , Data Privacy Management, Cryptocurrencies and Blockchain Technology : ESORICS 2020 International Workshops, DPM 2020 and CBT 2020, Guildford, UK, September 17–18, 2020, Revised Selected Papers . Lecture Notes in Computer Science (including subseries Security and Cryptology) , vol. 12484 LNCS , Springer , Cham , pp. 219-228 .
dc.identifier.otherBibtex: irvine:integrating
dc.identifier.otherORCID: /0000-0002-5093-0906/work/80620855
dc.description.abstractRecent years have seen many privacy violations that have cost both the users of software systems and the businesses that run them in a variety of ways. One potential cause of these violations may be the ad hoc nature of the implementation of privacy measures within software systems, which may stem from the poor representation of privacy within many Software Development LifeCycle (SDLC) processes. We propose to give privacy a higher priority within the SDLC through the creation of a confederated Privacy-Aware SDLC (PASDLC) which incorporates the Data Protection Impact Assessment (DPIA) lifecycle. The PASDLC brings stakeholders of the software system closer together through the implementation of multiple interception points, whilst prompting the stakeholders to consider privacy within the software system. We consider many challenges to the creation of the PASDLC, including potential communication issues from confederating the processes of a SDLC and the effective measurement of privacy as an attribute of a software system.
dc.relation.ispartofData Privacy Management, Cryptocurrencies and Blockchain Technologyen
dc.relation.ispartofseriesLecture Notes in Computer Science (including subseries Security and Cryptology)en
dc.subjectSoftware architectureen
dc.subjectSoftware engineering lifecycleen
dc.subjectData protection impact assessmenten
dc.subjectQA75 Electronic computers. Computer scienceen
dc.titleShort paper: Integrating the data protection impact assessment into the software development lifecycleen
dc.typeConference itemen
dc.contributor.institutionUniversity of St Andrews. School of Computer Scienceen
dc.contributor.institutionUniversity of St Andrews. Centre for Research into Equality, Diversity & Inclusionen

This item appears in the following Collection(s)

Show simple item record