A taxonomy on privacy and confidentiality

Ensuring privacy and confidentiality often implies tailoring a solution to a specific application. We currently lack a common framework to compare and assess different solutions in terms of privacy and confidentiality. This makes it harder to establish whether we can reapply strategies to new applications and problems. From the point of view of an application’s stakeholders, the lack of this common framework makes it harder to navigate and search for the correct alternative, particularly if one cannot easily place the application in a context of privacy and confidentiality vulnerabilities. We believe that a taxonomy centered on applications’ privacy and confidentiality vulnerabilities would provide this framework. We therefore provide a taxonomy on privacy and confidentiality, which we employed to successfully classify nineteen applications, showcasing the generality of our taxonomy. We have further validated our taxonomy through an orthogonality demonstration and a utility demonstration, showing its utility by applying it to an intelligent infection analysis system that is part of a smart campus initiative.
