Unraveling Privacy Threat Modeling Complexity: Conceptual Privacy Analysis Layers
Kim Wuyts, Avi Douglen

TL;DR
This paper introduces a four-layer conceptual framework to better understand and structure privacy threat analysis in software development, addressing the complexity of identifying threats in privacy-sensitive systems.
Contribution
It proposes a novel four-layer model to systematically analyze privacy threats, enhancing clarity and applicability of privacy threat modeling methods.
Findings
The four-layer model captures privacy complexity effectively.
Structured analysis improves the threat identification process.
Framework supports more actionable privacy threat assessments.
Abstract
Analyzing privacy threats in software products is an essential part of software development to ensure systems are privacy-respecting; yet it is still a far from trivial activity. While there have been many advancements in the past decade, they tend to focus on describing 'what' the threats are. What isn't entirely clear yet is 'how' to actually find these threats. Privacy is a complex domain. We propose to use four conceptual layers (feature, ecosystem, business context, and environment) to capture this privacy complexity. These layers can be used as a frame to structure and specify the privacy analysis support in a more tangible and actionable way, thereby improving applicability of the analysis process.
Taxonomy
Topics: Privacy-Preserving Technologies in Data · Digital and Cyber Forensics · Information and Cyber Security
