A Methodology for Assuring Privacy by Design in Information Systems

Arfaoui, Siham; Mezrioui, Abdellatif; BELMEKKI, Abdelhamid

doi:10.17762/ijcnis.v12i3.4852

Cited by 3 publications

(18 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• Also, IS evolves and therefore the methodological approach must take into account this fact of scalability and be invoked continuously. ISPM [8] assume that the ISs could be in one of the following states:…”

Section: Ispm Requirementsmentioning

confidence: 99%

“…• They are already designed and comply with PbD principles but they must evolve while respecting the PbD principles. To summarize, ISPM [8] is:…”

Section: Ispm Requirementsmentioning

confidence: 99%

“…In what follows, the authors present the ISPM methodology approach [8]. It consists of six steps as shown in Figure 2:…”

Section: Ispm Stepsmentioning

confidence: 99%

“…With regard to video surveillance and biometrics data, the works carried out [12,13,14,15] are very advanced and propose an end-to-end implementation of Privacy by Design. In this article, the authors aim to implement PbD principles in the IS of service providers according to ISPM methodology [8], which allow to control insider employees and external skeakholders privacy risks. Indeed, the security problems of telecommunications networks have preoccupied the international community for the past two decades.…”

Section: Related Workmentioning

confidence: 99%

“…Indeed, software systems are just one of the building blocks of an IS and by the way is not the only block that should be considered. Hence, in this paper, we aim to use ISPM « Information System Privacy Methodology » [8] which aims privacy by design implementation in IS of any domain. In the following sections, the authors present requirements that ISPM must meet.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

A Privacy by Design Methodology Application in Telecom Domain

Arfaoui

BELMEKKI

Mezrioui

2022

Int. j. commun. netw. inf. secur.

View full text Add to dashboard Cite

Telecommunication has been considerably developed over the last decades, notably through optical fiber submarine cables and wireless connections offering voice and data wide range services. Telecommunication infrastructures are the necessary backbone that make possible any voice and data exchange. Unfortunately, these infrastructures are still suffering from various vulnerabilities and continue to be target of specific cyber-attacks. Some of these attacks could lead to service deniability, integrity and privacy loss. Against this fact, it’s also established that telecom service providers, as the owner of this infrastructure,can have access to huge data, even personal data related to customer and to their employees. Basically, this personal data is related directly to the customer’s and employee’s identity, geolocation, interest areas and contact circle, etc., when it comes to the use of this personal data, the privacy concerns become a big challenge for telecom service providers due to heavy impact that can induce. Given the personal data protection criticality in telecom domain, privacy by design PbD should be incorporate. Then, this article aims to apply in telecom service providers ISPM methodology "Information System Privacy Methodology" which focuses on PbD implementation in enterprises architecture, specifically in information systems taking into account all technical and organizational aspects.

show abstract

Section: Ispm Requirementsmentioning

confidence: 99%

“…• They are already designed and comply with PbD principles but they must evolve while respecting the PbD principles. To summarize, ISPM [8] is:…”

Section: Ispm Requirementsmentioning

confidence: 99%

“…In what follows, the authors present the ISPM methodology approach [8]. It consists of six steps as shown in Figure 2:…”

Section: Ispm Stepsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Privacy by Design Methodology Application in Telecom Domain

Arfaoui

BELMEKKI

Mezrioui

2022

Int. j. commun. netw. inf. secur.

View full text Add to dashboard Cite

show abstract

Toward a Holistic Privacy Requirements Engineering Process: Insights From a Systematic Literature Review

Herwanto,

Ekaputra,

Quirchmayr

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Privacy requirements engineering is a crucial aspect of privacy engineering. It aims to integrate privacy principles into organizational and technical processes throughout the software development lifecycle. This specialized field involves various strategies, including compliance with regulatory frameworks, asset analysis, and system diagram development for threat modeling. The wide range of approaches, while beneficial in providing different perspectives, presents a significant challenge to the novice privacy engineer or developer in identifying the most effective methodologies. The lack of a single methodology highlights the need for a systematic literature review (SLR) to establish a standardized process for privacy requirements engineering that promotes consistency across different methodologies. To address this issue, we conducted a comprehensive SLR to synthesize existing privacy requirements engineering methodologies. Our analysis involved dissecting each method's processes, tasks, techniques, work products, and resources. Our review examined 40 privacy requirements engineering methodologies detailed in 50 papers, from which we extracted five key processes commonly followed in privacy requirements engineering research. We used this as the foundation for a holistic approach to facilitate the adoption of a comprehensive privacy requirements engineering process. The review also identifies ongoing challenges and suggests future directions in this field.INDEX TERMS privacy requirements engineering, privacy design engineering, privacy engineering, privacy by design

show abstract

Implementation of Privacy and Security in the Wireless Networks

Singh

Balamurgan

2022

2022 International Conference on Futuristic Technologies (INCOFT)

View full text Add to dashboard Cite

A Methodology for Assuring Privacy by Design in Information Systems

Cited by 3 publications

References 10 publications

A Privacy by Design Methodology Application in Telecom Domain

A Privacy by Design Methodology Application in Telecom Domain

Toward a Holistic Privacy Requirements Engineering Process: Insights From a Systematic Literature Review

Implementation of Privacy and Security in the Wireless Networks

Contact Info

Product

Resources

About