Privacy Impact Assessment: Comparing Methodologies with a Focus on Practicality

Bisztray, Tamas; Gruschka, Nils

doi:10.1007/978-3-030-35055-0_1

Cited by 12 publications

(14 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A comprehensive guidance for carrying out a PIA presented in ISO/IEC 29134:2017 [20], however, it solely describes the the basic concepts for the impact analysis while the provided information for the risk assessor is inadequate [19]. Moreover, several privacy metrics have been documented in the literature by now, however these generally utilise criteria of privacy-enhancing technologies (PETs), such as the the quantification of leaked information or the number of indistinguishable users, instead of the privacy impact [21]. More recently, the NIST proposed a privacy framework in the form of a solid documentation and a methodology to manage the privacy risks of an organization by prioritizing privacy protection activities through enterprise risk management [10].…”

Section: Methodologies Standards and Gdpr Guidelinesmentioning

confidence: 99%

“…The GDPR commands controllers to perform a risk oriented approach for the personal data, the Data Protection Impact Assessment (DPIA) [20]. However, GDPR does not dictate a special assessment method, while at the same time mandates a good overview of the PIIs, since any inappropriate management of PIIs can possibly violate the GDPR [21]. Such an overview is a challenging task especially for complex systems designed before the GDPR era.…”

Section: Methodologies Standards and Gdpr Guidelinesmentioning

confidence: 99%

See 1 more Smart Citation

A Perfect Match: Converging and Automating Privacy and Security Impact Assessment On-the-Fly

et al. 2021

View full text Add to dashboard Cite

As the upsurge of information and communication technologies has become the foundation of all modern application domains, fueled by the unprecedented amount of data being processed and exchanged, besides security concerns, there are also pressing privacy considerations that come into play. Compounding this issue, there is currently a documented gap between the cybersecurity and privacy risk assessment (RA) avenues, which are treated as distinct management processes and capitalise on rather rigid and make-like approaches. In this paper, we aim to combine the best of both worlds by proposing the APSIA (Automated Privacy and Security Impact Assessment) methodology, which stands for Automated Privacy and Security Impact Assessment. APSIA is powered by the use of interdependency graph models and data processing flows used to create a digital reflection of the cyber-physical environment of an organisation. Along with this model, we present a novel and extensible privacy risk scoring system for quantifying the privacy impact triggered by the identified vulnerabilities of the ICT infrastructure of an organisation. We provide a prototype implementation and demonstrate its applicability and efficacy through a specific case study in the context of a heavily regulated sector (i.e., assistive healthcare domain) where strict security and privacy considerations are not only expected but mandated so as to better showcase the beneficial characteristics of APSIA. Our approach can complement any existing security-based RA tool and provide the means to conduct an enhanced, dynamic and generic assessment as an integral part of an iterative and unified risk assessment process on-the-fly. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that such holistic security and privacy mechanisms can reach their full potential towards solving this conundrum.

show abstract

Section: Methodologies Standards and Gdpr Guidelinesmentioning

confidence: 99%

Section: Methodologies Standards and Gdpr Guidelinesmentioning

confidence: 99%

A Perfect Match: Converging and Automating Privacy and Security Impact Assessment On-the-Fly

et al. 2021

View full text Add to dashboard Cite

show abstract

“…Given that the guidelines of ISO/IEC 27005:2011 do not include PIAs, and that data protection standards such as BS 10012:2017, ISO/IEC 29151:2017 and ISO/IEC 27018:2014, require PIA in addition to conducting information security risk assessments, in 2017 ISO issued the ISO/IEC 29134:2017 standard with guidelines for PIA, superseding ISO 22307:2008 ("financial servicesprivacy impact assessment") and related guidelines (WP29 Guidelines on Data Protection Impact Assessment, 2017). In addition, apart from a handful of notable exceptions (Horák et al, 2019), state of the art methodologies and tools to implement PIA are still immature (Bisztray and Gruschka, 2019) and there is a lack of data privacy impact assessment (DPIA) methodologies to investigate the risks of information sharing in software engineering practice under the new requirements imposed by GDPR. The DEFeND platform will advance the current state of the art in data protection impact assessment by providing an in-depth processing analysis based on a recognized methodology and international standards.…”

Section: Literature State Of the Artmentioning

confidence: 99%

Privacy, security, legal and technology acceptance elicited and consolidated requirements for a GDPR compliance platform

Tsohou

Magkos

Mouratidis

et al. 2020

ICS

View full text Add to dashboard Cite

Purpose General data protection regulation (GDPR) entered into force in May 2018 for enhancing personal data protection. Even though GDPR leads toward many advantages for the data subjects it turned out to be a significant challenge. Organizations need to implement long and complex changes to become GDPR compliant. Data subjects are empowered with new rights, which, however, they need to become aware of. GDPR compliance is a challenging matter for the relevant stakeholders calls for a software platform that can support their needs. The aim of data governance for supporting GDPR (DEFeND) EU project is to deliver such a platform. The purpose of this paper is to describe the process, within the DEFeND EU project, for eliciting and analyzing requirements for such a complex platform. Design/methodology/approach The platform needs to satisfy legal and privacy requirements and provide functionalities that data controllers request for supporting GDPR compliance. Further, it needs to satisfy acceptance requirements, for assuring that its users will embrace and use the platform. In this paper, the authors describe the methodology for eliciting and analyzing requirements for such a complex platform, by analyzing data attained by stakeholders from different sectors. Findings The findings provide the process for the DEFeND platform requirements’ elicitation and an indicative sample of those. The authors also describe the implementation of a secondary process for consolidating the elicited requirements into a consistent set of platform requirements. Practical implications The proposed software engineering methodology and data collection tools (i.e. questionnaires) are expected to have a significant impact for software engineers in academia and industry. Social implications It is reported repeatedly that data controllers face difficulties in complying with the GDPR. The study aims to offer mechanisms and tools that can assist organizations to comply with the GDPR, thus, offering a significant boost toward the European personal data protection objectives. Originality/value This is the first paper, according to the best of the authors’ knowledge, to provide software requirements for a GDPR compliance platform, including multiple perspectives.

show abstract

“…The efficiency of their synergy in terms of security and privacy threat modelling is proven by the SPARTA tool introduced in [28]. Since STRIDE and LINDDUN miss on risk assessment [7], SPARTA tries to enrich them with FAIR [13] risk analysis, but it does not provide means for managing variability and providing scoring for system configurations. There were some attempts to cover architectural trade-offs and variant explosions (e.g.…”

Section: Identified Gap and Research Questionmentioning

confidence: 99%

Threat and Risk Management Framework for eHealth IoT Applications

Tomashchuk

2020

Proceedings of the 24th ACM International Systems and Software Product Line Conference - Volume B

View full text Add to dashboard Cite

The impact of the Internet of Things (IoT) on the modern industrial and commercial systems is hard to be underestimated. Almost every domain favours from the benefits that IoT brings, and healthcare does not make an exception. This is also clearly demonstrated by a widespread adoption of eHealth systems that often arise from software product lines. Nevertheless, the benefits that IoT brings come together with new threats and risks. An eHealth system that processes many types of sensitive data sets the context for this thesis. Security and privacy gain crucial importance for successful operation and broad user acceptance of the system because of the properties of the data flows that it initiates and operates. However, due to a large number of feature combinations that originate from the software product line nature of the eHealth system in question, a combinatorial explosion of relevant configurations makes reaching security and privacy goals more difficult. Furthermore, another combinatorial explosion of threats and corresponding mitigation strategies for every configuration complicates the situation even further. Nonetheless, configurations that meet specific risk budgets need to be in place. Within this thesis, a new threat and risk management (TRM) framework will be provided. It is based on STRIDE and LINDDUN methodologies, and it will overcome existing limitations by employing components on feature space modelling, risk-driven scoring, configuration decision support, and regulatory compliance. Research outcomes that have been reached so far show promising developments on the vital framework components. CCS CONCEPTS • Security and privacy → Mobile platform security; Data anonymization and sanitization; Usability in security and privacy; Privacy protections; Mobile and wireless security; Information flow control; • Software and its engineering → Software product lines.

show abstract

Privacy Impact Assessment: Comparing Methodologies with a Focus on Practicality

Cited by 12 publications

References 3 publications

A Perfect Match: Converging and Automating Privacy and Security Impact Assessment On-the-Fly

A Perfect Match: Converging and Automating Privacy and Security Impact Assessment On-the-Fly

Privacy, security, legal and technology acceptance elicited and consolidated requirements for a GDPR compliance platform

Threat and Risk Management Framework for eHealth IoT Applications

Contact Info

Product

Resources

About