Interaction-Based Privacy Threat Elicitation

Sion, Laurens; Wuyts, Kim; Yskout, Koen; Landuyt, Dimitri Van; Joosen, Wouter

doi:10.1109/eurospw.2018.00017

Cited by 25 publications

(26 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are two main approaches. The original per-element approach [2], [4] iterates systematically over each element of the model, while the per-interaction approach [3], [14] considers each interaction (i.e. sender-flow-destination combination) in the model.…”

Section: Threat Modelingmentioning

confidence: 99%

Knowledge is Power: Systematic Reuse of Privacy Knowledge for Threat Elicitation

Wuyts

Sion

Landuyt

et al. 2019

2019 IEEE Security and Privacy Workshops (SPW)

Self Cite

View full text Add to dashboard Cite

Privacy threat modeling is difficult. Identifying relevant threats that cause privacy harm requires an extensive assessment of common potential privacy issues for all elements in the system-under-analysis. In practice, the outcome of a threat modeling exercise thus strongly depends on the level of experience and expertise of the analyst. However, capturing (at least part of) this privacy expertise in a reusable threat knowledge base (i.e. an inventory of common threat types), such as LINDDUN's and STRIDE's threat trees, can greatly improve the efficiency of the threat elicitation process and the overall quality of identified threats. In this paper, we highlight the problems of current knowledge bases, such as limited semantics and lack of instantiation logic, and discuss the requirements for a privacy threat knowledge base that streamlines threat elicitation efforts. Index Terms-privacy, threat modeling, knowledge base This research is partially funded by the Research Fund KU Leuven and the PRiSE KU Leuven-C2 research project.

show abstract

Section: Threat Modelingmentioning

confidence: 99%

Knowledge is Power: Systematic Reuse of Privacy Knowledge for Threat Elicitation

Wuyts

Sion

Landuyt

et al. 2019

2019 IEEE Security and Privacy Workshops (SPW)

Self Cite

View full text Add to dashboard Cite

show abstract

“…A final common class of design-level analysis approaches for security is threat modeling, which starts from a data flow diagram-based abstraction of the system to elicit security [10], [19] or privacy [21], [37] threats. Both the security and privacy threat modeling approaches support a systematic analysis of the system under consideration by iterating over every element (element-based [10], [19], [37]) or interaction (interactionbased [19], [38]). The knowledge-bases used in these approaches can also be extended for detecting additional threat types, but the element-or interaction-based approach limits the complexity of the criteria to assess as they remain limited to a single element or interaction.…”

Section: Related Workmentioning

confidence: 99%

Towards Automated Security Design Flaw Detection

Sion

Tuma

Scandariato

et al. 2019

2019 34th IEEE/ACM International Conference on Automated Software Engineering Workshop (ASEW)

Self Cite

View full text Add to dashboard Cite

Efficiency of security-by-design has become an important goal for organizations implementing software engineering practices such as Agile, DevOps, and Continuous Integration. Software architectures are (often manually) analyzed at design time for potential security design flaws, based on natural language descriptions of security weaknesses (e.g., CWE, CAPEC). The use of natural language hinders the application of such knowledge bases in an automated fashion. In this paper, we analyze an existing catalog of 19 security design flaws in order to identify conceptual, technology-independent requirements on architectural models that enable automatically detecting these flaws. This constitutes the first step towards automated assessment of design-level security. Our findings are illustrated on an IoT-based smart home system.

show abstract

“…Privacy by Design (PbD) [27] is a fairly new system that works to embed privacy practice more deeply and effectively into the development process [30,59]. REGULATION (EU) 2016/679 General Data Protection Regulation (GDPR) [1] confirms the importance of this and is applicable to all systems that manage personal data processing -a common feature of IoT applications.…”

Section: Introductionmentioning

confidence: 99%

Privacy Laws and Privacy by Design Schemes for the Internet of Things

et al. 2021

View full text Add to dashboard Cite

Internet of Things applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague and could be challenging to extract and enact such legal requirements. In this article, we have conducted a systematic analysis of the privacy and data protection laws that are used across different continents, namely (i) General Data Protection Regulations, (ii) the Personal Information Protection and Electronic Documents Act, (iii) the California Consumer Privacy Act, (iv) Australian Privacy Principles, and (v) New Zealand’s Privacy Act 1993. Then, we used framework analysis method to attain a comprehensive view of different privacy and data protection laws and highlighted the disparities to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, the key principles and individuals’ rights of the CPLF were mapped with Privacy by Design (PbD) schemes (e.g., privacy principles, strategies, guidelines, and patterns) developed previously by different researchers to investigate the gaps in existing schemes. Subsequently, we have demonstrated how to apply and map privacy patterns into IoT architectures at the design stage and have also highlighted the complexity of doing such mapping. Finally, we have identified the major challenges that should be addressed and potential research directions to take the burden off software developers when applying privacy-preserving techniques that comply with privacy and data protection laws. We have released a companion technical report [3] that comprises all definitions, detailed steps on how we developed the CPLF, and detailed mappings between CPLF and PbD schemes.

show abstract

Interaction-Based Privacy Threat Elicitation

Cited by 25 publications

References 10 publications

Knowledge is Power: Systematic Reuse of Privacy Knowledge for Threat Elicitation

Knowledge is Power: Systematic Reuse of Privacy Knowledge for Threat Elicitation

Towards Automated Security Design Flaw Detection

Privacy Laws and Privacy by Design Schemes for the Internet of Things

Contact Info

Product

Resources

About