Cloud Native Privacy Engineering through DevPrivOps
Elias Gr\"unewald
TL;DR
This paper introduces a comprehensive approach to integrating privacy engineering into cloud native development, proposing DevPrivOps to enhance privacy by design within agile, scalable service infrastructures.
Contribution
It presents the conceptual dimensions of cloud native privacy engineering and introduces DevPrivOps, a reference lifecycle to embed privacy into agile development practices.
Findings
Proposes a new framework for privacy in cloud native systems.
Introduces DevPrivOps to integrate privacy into agile workflows.
Advances privacy by design using latest cloud technologies.
Abstract
Cloud native information systems engineering enables scalable and resilient service infrastructures for all major online offerings. These are built following agile development practices. At the same time, a growing demand for privacy-friendly services is articulated by societal norms and policy through effective legislative frameworks. In this paper, we identify the conceptual dimensions of cloud native privacy engineering and propose an integrative approach to be addressed in practice to overcome the shortcomings of existing privacy enhancing technologies. Furthermore, we propose a reference software development lifecycle called DevPrivOps to enhance established agile development methods with respect to privacy. Altogether, we show that cloud native privacy engineering advances the state of the art of privacy by design and by default using latest technologies.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsPrivacy, Security, and Data Protection · Cloud Data Security Solutions · Privacy-Preserving Technologies in Data