Privacy Architectural Strategies: An Approach for Achieving Various Levels of Privacy Protection

A wide array of Privacy-Enhancing Technologies (PETs) have been proposed as technical measures to provide various levels of privacy protection. Each technical measure is a building block that addresses specific privacy issues and is applicable to specific contexts. Existing approaches, however, do not provide step-by-step guidance to illustrate how these PETs can be appropriately adopted in a contextual and structured manner. From an engineering perspective, it is important to illustrate precisely how to design and implement privacy requirements and incorporate them into software architectures, as well as to choose between alternative PETs. We present an engineering approach to Privacy by Design (PbD) that uses the concept of architectural strategies to support the adoption of PETs in the early stages of the design process to achieve various levels of privacy protection. These strategies are collections of architectural tactics, which are described through design patterns and realised by PETs. We illustrate the approach's use in the context of eToll pricing systems and argue that this contribution lays the foundation for developing appropriate privacy engineering methodologies.
