Towards a Catalog of Privacy Related Concepts

[Context and motivation] Data from software systems often captures a large amount of personal information and can be used for purposes other than initially intended. Therefore, the Requirements Engineering community has been recognizing the need for approaches to consider privacy concerns from the early activities of the software development process. [Question/problem] However, there is much confusion regarding privacy among people involved in Software Engineering because there is not a unified view of how to consider privacy in software development. [Principal ideas/results] Motivated by this situation, we conducted a Systematic Literature Review to investigate how modeling languages address privacy related concepts. As a result, we developed a catalog of privacy related concepts considered by modeling languages and a conceptual model to show how these concepts relate to each other. [Contribution] This paper contributes to the state of art by presenting a basis to standardize privacy in the Requirements Engineering field and help developers in understanding privacy.

[1]  Mariana Maia Peixoto,et al.  Specifying privacy requirements with goal-oriented modeling languages , 2018, SBES.

[2]  Eran Toch,et al.  Privacy by designers: software developers’ privacy mindset , 2018, 2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE).

[3]  Alberto Rodrigues da Silva,et al.  Model-driven engineering: A survey supported by the unified conceptual model , 2015, Comput. Lang. Syst. Struct..

[4]  Bashar Nuseibeh,et al.  Engineering adaptive privacy: On the role of privacy awareness requirements , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[5]  Wouter Joosen,et al.  A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements , 2011, Requirements Engineering.

[6]  John Mylopoulos,et al.  Towards an Ontology for Privacy Requirements via a Systematic Literature Review , 2017, ER.

[7]  Liliana Pasquale,et al.  The Grace Period Has Ended: An Approach to Operationalize GDPR Requirements , 2018, 2018 IEEE 26th International Requirements Engineering Conference (RE).

[8]  Kristian Beckers,et al.  Comparing Privacy Requirements Engineering Approaches , 2012, 2012 Seventh International Conference on Availability, Reliability and Security.

[9]  Mariana Maia Peixoto,et al.  PCM Tool: Privacy Requirements Specification in Agile Software Development , 2019 .

[10]  Stefanos Gritzalis,et al.  Addressing privacy requirements in system design: the PriS method , 2008, Requirements Engineering.