Incorporating privacy in the design of cloud-based systems: a conceptual meta-model

Purpose The purpose of this paper is to extend PriS (privacy safeguard), a privacy requirements engineering method for eliciting and modelling privacy requirements during system design, with the addition of privacy-aware cloud-based concepts to assist analysts to reason and model about privacy in cloud environments. Design/methodology/approach An analysis of previous findings on the file of cloud privacy based on previous work has been conducted and a set of privacy-related concepts that need to be considered during privacy analysis for cloud-based systems have been revealed. These concepts were used for extending the conceptual model of PriS. Findings The main finding of the paper is the design of a new, novel conceptual model that assists analysts and designers in reasoning about privacy in cloud environments. A new template using the JSON (Javascript notation object) format has been introduced for better expressing the privacy requirements along with the related concepts presented through the conceptual model, thus letting the developers to better understand the findings during the design stage and better guide them to the implementation of the respective solution. Research limitations/implications The design of a cloud-based process that will guide analysts in detail for eliciting and modelling the identified privacy-related requirements is the limitation and in parallel the next step of the specific work presented here. Practical implications The conceptual model has been applied on a real case scenario regarding its efficiency on capturing and mapping all necessary concepts for assisting analysts proceed with the design of the privacy-aware system. The results were positive, all concepts were easy to use and totally understandable from the design team and the stakeholders and the use of the JSON template received very positive comments, especially from the developer’s team. Originality/value The paper presents a novel conceptual model for reasoning about privacy requirements in the cloud. The applicability of the proposed model has also been tested on a real case study.

[1]  Jason Hong,et al.  Privacy patterns for online interactions , 2006, PLoP '06.

[2]  Qiang Zhang,et al.  The Characteristics of Cloud Computing , 2010, 2010 39th International Conference on Parallel Processing Workshops.

[3]  S. Fischer-Hübner IT-Security and Privacy: Design and Use of Privacy-Enhancing Security Mechanisms , 2001 .

[4]  Haralambos Mouratidis,et al.  Secure Tropos: a Security-Oriented Extension of the Tropos Methodology , 2007, Int. J. Softw. Eng. Knowl. Eng..

[5]  Orestis Mavropoulos,et al.  Apparatus: Reasoning About Security Requirements in the Internet of Things , 2016, CAiSE Workshops.

[6]  A. Antón,et al.  Strategies for Developing Policies and Requirements for Secure Electronic Commerce Systems , 2000 .

[7]  Lawrence Chung,et al.  Dealing with Security Requirements During the Development of Information Systems , 1993, CAiSE.

[8]  Eduardo B. Fernández,et al.  An analysis of security issues for cloud computing , 2013, Journal of Internet Services and Applications.

[9]  Elizabeth D. Mynatt,et al.  STRAP: A Structured Analysis Framework for Privacy , 2005 .

[10]  Siani Pearson,et al.  Privacy, Security and Trust in Cloud Computing , 2013 .

[11]  Pericles Loucopoulos,et al.  Enterprise Knowledge Management and Conceptual Modelling , 1997, Conceptual Modeling.

[12]  Jan Jürjens,et al.  Eliciting security requirements and tracing them to design: an integration of Common Criteria, heuristics, and UMLsec , 2010, Requirements Engineering.

[13]  Munawar Hafiz,et al.  A pattern language for developing privacy enhancing technologies , 2013, Softw. Pract. Exp..

[14]  Axel van Lamsweerde,et al.  Handling Obstacles in Goal-Oriented Requirements Engineering , 2000, IEEE Trans. Software Eng..

[15]  Stefanos Gritzalis,et al.  Privacy in the Cloud: Bridging the Gap between Design and Implementation , 2013, CAiSE Workshops.

[16]  Siani Pearson,et al.  Privacy, Security and Trust Issues Arising from Cloud Computing , 2010, 2010 IEEE Second International Conference on Cloud Computing Technology and Science.

[17]  Haralambos Mouratidis,et al.  Aligning Security and Privacy to Support the Development of Secure Information Systems , 2012, J. Univers. Comput. Sci..

[18]  Abigail Sellen,et al.  Design for Privacy in Ubiquitous Computing Environments , 1993, ECSCW.

[19]  Stefanos Gritzalis,et al.  Enhancing Web privacy and anonymity in the digital era , 2004, Inf. Manag. Comput. Secur..

[20]  Edgar R. Weippl,et al.  Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space , 2011, USENIX Security Symposium.

[21]  Peng Ning,et al.  Managing security of virtual machine images in a cloud environment , 2009, CCSW '09.

[22]  Annie I. Antón,et al.  Goal-based requirements analysis , 1996, Proceedings of the Second International Conference on Requirements Engineering.

[23]  Annie I. Antón,et al.  Strategies for Developing Policies and Requirements for Secure and Private Electronic Commerce , 2001, E-Commerce Security and Privacy.

[24]  Haralambos Mouratidis,et al.  Towards the design of secure and privacy-oriented information systems in the cloud: Identifying the major concepts , 2014, Comput. Stand. Interfaces.

[25]  Haralambos Mouratidis,et al.  Towards a Framework to Elicit and Manage Security and Privacy Requirements from Laws and Regulations , 2010, REFSQ.

[26]  Annie I. Antón,et al.  Evaluating existing security and privacy requirements for legal compliance , 2009, Requirements Engineering.

[27]  Haralambos Mouratidis,et al.  Migrating into the Cloud: Identifying the Major Security and Privacy Concerns , 2013, I3E.

[28]  John Mylopoulos,et al.  Representing and Using Nonfunctional Requirements: A Process-Oriented Approach , 1992, IEEE Trans. Software Eng..

[29]  Andreas L. Opdahl,et al.  Eliciting security requirements with misuse cases , 2004, Requirements Engineering.

[30]  E. Weippl,et al.  A Goal-Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud-Based System , 2013 .

[31]  John Mylopoulos,et al.  Security and privacy requirements analysis within a social setting , 2003, Proceedings. 11th IEEE International Requirements Engineering Conference, 2003..

[32]  A. Pfitzmann,et al.  A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management , 2010 .

[33]  Stefanos Gritzalis,et al.  Addressing privacy requirements in system design: the PriS method , 2008, Requirements Engineering.

[34]  James A. Landay,et al.  Privacy risk models for designing privacy-sensitive ubiquitous computing systems , 2004, DIS '04.

[35]  J. C. Cannon Privacy: What Developers and IT Professionals Should Know , 2004 .