Sökning: WFRF:(Schneider Gerardo 1967)
> (2020-2023) >
Precise Analysis of...
Precise Analysis of Purpose Limitation in Data Flow Diagrams
-
- Alshareef, Hanaa, 1985 (författare)
- Chalmers tekniska högskola,Chalmers University of Technology
-
- Tuma, K. (författare)
- Vrije Universiteit Amsterdam (VU)
-
- Stucki, Sandro, 1982 (författare)
- Chalmers tekniska högskola,Chalmers University of Technology
-
visa fler...
-
- Schneider, Gerardo, 1967 (författare)
- Gothenburg University,Göteborgs universitet,Institutionen för data- och informationsteknik, datorteknik (GU),Department of Computer Science and Engineering, Computer Engineering (GU)
-
- Scandariato, Riccardo, 1975 (författare)
- Technische Universität Hamburg-Harburg (TUHH),Technical University of Hamburg (TUHH)
-
visa färre...
-
(creator_code:org_t)
- 2022-08-23
- 2022
- Engelska.
-
Ingår i: ACM International Conference Proceeding Series. - New York, NY, USA : ACM.
- Relaterad länk:
-
https://research.cha... (primary) (free)
-
visa fler...
-
https://doi.org/10.1...
-
https://research.cha...
-
https://gup.ub.gu.se...
-
visa färre...
Abstract
Ämnesord
Stäng
- Data Flow Diagrams (DFDs) are primarily used for modelling functional properties of a system. In recent work, it was shown that DFDs can be used to also model non-functional properties, such as security and privacy properties, if they are annotated with appropriate security- and privacy-related information. An important privacy principle one may wish to model in this way is purpose limitation. But previous work on privacy-aware DFDs (PA-DFDs) considers purpose limitation only superficially, without explaining how the purpose of DFD activators and flows ought to be specified, checked or inferred. In this paper, we define a rigorous formal framework for (1) annotating DFDs with purpose labels and privacy signatures, (2) checking the consistency of labels and signatures, and (3) inferring labels from signatures. We implement our theoretical framework in a proof-of concept tool consisting of a domain-specific language (DSL) for specifying privacy signatures and algorithms for checking and inferring purpose labels from such signatures. Finally, we evaluate our framework and tool through a case study based on a DFD from the privacy literature.
Ämnesord
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Inbäddad systemteknik (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Embedded Systems (hsv//eng)
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Datorsystem (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Computer Systems (hsv//eng)
- NATURVETENSKAP -- Data- och informationsvetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences (hsv//eng)
Nyckelord
- Privacy by design
- purpose limitation
- data flow diagram
- data flow diagram
- Privacy by design
- purpose limitation
Publikations- och innehållstyp
- kon (ämneskategori)
- ref (ämneskategori)