To read this content please select one of the options below:

Incorporating privacy requirements into the system design process: The PriS conceptual framework

Evangelia Kavakli (Department of Cultural Technology and Communication, University of the Aegean, Mytilene, Greece)
and
Christos Kalloniatis (Department of Cultural Technology and Communication, University of the Aegean, Mytilene, Greece)
Pericles Loucopoulos (School of Informatics, University of Manchester, Manchester, UK)
Stefanos Gritzalis (Department of Information and Communications Systems Engineering, University of the Aegean, Samos, Greece)

Internet Research

ISSN: 1066-2243

Article publication date: 1 March 2006

1209

Abstract

Purpose

To present a new methodology for incorporating privacy requirements into the system design process called PriS, and describe its applicability in the e‐VOTE system for presenting methodology's way‐of‐working.

Design/methodology/approach

PriS is a requirement engineering methodology focused on privacy issues. It provides a set of concepts for modelling privacy requirements (anonymity, pseudonymity, unlinkability and unobservability) in the organisation domain and a systematic way‐of‐working for translating these requirements into system models. The conceptual model used in PriS is based on the Enterprise Knowledge Development (EKD) framework. PriS models privacy requirements as a special type of goal.

Findings

Based on the analysis of a number of well‐known privacy‐enhancing technologies as well as of existing security requirement engineering methodologies, this paper pinpoints the gap between system design methodologies and technological solutions. To this end, PriS is suggested, with a view to providing a methodological framework for matching privacy‐related requirements with the proper implementation techniques.

Originality/value

This paper proposes a new methodology for addressing privacy requirements during the design process. It guides developers to choose the most appropriate implementation techniques for realising the identified privacy issues. PriS methodology has a high degree of applicability on Internet systems that wish to provide services that ensure users privacy, such as anonymous browsing, untraceable transactions, etc.

Keywords

Citation

Kavakli, E., Kalloniatis, C., Loucopoulos, P. and Gritzalis, S. (2006), "Incorporating privacy requirements into the system design process: The PriS conceptual framework", Internet Research, Vol. 16 No. 2, pp. 140-158. https://doi.org/10.1108/10662240610656483

Publisher

:

Emerald Group Publishing Limited

Copyright © 2006, Emerald Group Publishing Limited

Related articles