Search results

1 – 2 of 2
Article
Publication date: 1 December 2007

Evangelia Kavakli, Stefanos Gritzalis and Kalloniatis Christos

The purpose of the paper is to present Privacy Safeguard (PriS) a formal security requirements engineering methodology which, incorporates privacy requirements in the system…

Abstract

Purpose

The purpose of the paper is to present Privacy Safeguard (PriS) a formal security requirements engineering methodology which, incorporates privacy requirements in the system design process and to demonstrate its applicability in an e‐voting case.

Design/methodology/approach

PriS provides a methodological framework for addressing privacy‐related issues during system development. It provides a set of concepts for formally expressing privacy requirements (authentication, authorisation, identification, data protection, anonymity, pseudonymity, unlinkability and unobservability) and a systematic way‐of‐working for translating these requirements into system models. The main activities of the PriS way‐of‐working are: elicit privacy‐related goals, analyse the impact of privacy goals on processes, model affected processes using privacy process patterns and identify the technique(s) that best support/implement the above‐process patterns.

Findings

Analysis of a number of well known privacy‐enhancing technologies, as well as of existing security requirement engineering methodologies, pinpoints the gap between system design methodologies and technological solutions. To this end, PriS provides an integrated approach for matching privacy‐related requirements to proper implementation techniques. Experimentation with the e‐voting case suggests that PriS has a high degree of applicability on internet systems that wish to provide services that ensure users privacy, such as anonymous browsing, untraceable transactions, etc.

Originality/value

The paper proposes a new methodology for addressing privacy requirements during the design process. Instead of prescribing a single solution, PriS guides developers to choose the most appropriate implementation techniques for realizing the identified privacy issues. In addition, due to its formal definition it facilitates control of the accuracy and precision of the results and enables the development of automated tools for assisting its application.

Details

Transforming Government: People, Process and Policy, vol. 1 no. 4
Type: Research Article
ISSN: 1750-6166

Keywords

Article
Publication date: 1 March 2006

Evangelia Kavakli, Christos Kalloniatis, Pericles Loucopoulos and Stefanos Gritzalis

To present a new methodology for incorporating privacy requirements into the system design process called PriS, and describe its applicability in the e‐VOTE system for presenting…

1209

Abstract

Purpose

To present a new methodology for incorporating privacy requirements into the system design process called PriS, and describe its applicability in the e‐VOTE system for presenting methodology's way‐of‐working.

Design/methodology/approach

PriS is a requirement engineering methodology focused on privacy issues. It provides a set of concepts for modelling privacy requirements (anonymity, pseudonymity, unlinkability and unobservability) in the organisation domain and a systematic way‐of‐working for translating these requirements into system models. The conceptual model used in PriS is based on the Enterprise Knowledge Development (EKD) framework. PriS models privacy requirements as a special type of goal.

Findings

Based on the analysis of a number of well‐known privacy‐enhancing technologies as well as of existing security requirement engineering methodologies, this paper pinpoints the gap between system design methodologies and technological solutions. To this end, PriS is suggested, with a view to providing a methodological framework for matching privacy‐related requirements with the proper implementation techniques.

Originality/value

This paper proposes a new methodology for addressing privacy requirements during the design process. It guides developers to choose the most appropriate implementation techniques for realising the identified privacy issues. PriS methodology has a high degree of applicability on Internet systems that wish to provide services that ensure users privacy, such as anonymous browsing, untraceable transactions, etc.

Details

Internet Research, vol. 16 no. 2
Type: Research Article
ISSN: 1066-2243

Keywords

1 – 2 of 2