The Never-Ending Story: On the Need for Continuous Privacy Impact Assessment
Uloženo v:
| Název: | The Never-Ending Story: On the Need for Continuous Privacy Impact Assessment |
|---|---|
| Autoři: | Sion, Laurens, Van Landuyt, Dimitri, Joosen, Wouter |
| Zdroj: | 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). :314-317 |
| Informace o vydavateli: | IEEE, 2020. |
| Rok vydání: | 2020 |
| Témata: | DevOps, Technology, Science & Technology, Computer Science, Information Systems, continuous privacy assessment, privacy risk, 02 engineering and technology, Computer Science, Theory & Methods, Computer Science, DevPrivOps, Telecommunications, 0202 electrical engineering, electronic engineering, information engineering, privacy by design, GDPR |
| Popis: | The importance of privacy by design has increased with initiatives such as the General Data Protection Regulation (GDPR). While static, design-level assessment of privacy aspects provides considerable benefits in the creation of privacy-preserving software-intensive systems, operational aspects that are difficult to predict at design-time also play a key role. This is particularly true in the instance of privacy impact or privacy risk: while existing approaches succeed fairly well in assessing the overall risk from a static design context, they are not well suited to capture risk elements that are dynamic and often impossible to foresee.In this position paper, we highlight this problem at the basis of a number of realistic motivational scenarios and outline our vision towards continuous privacy impact assessment and risk management. |
| Druh dokumentu: | Article Conference object |
| DOI: | 10.1109/eurospw51379.2020.00049 |
| Přístupová URL adresa: | https://lirias.kuleuven.be/bitstream/123456789/655699/2/SionIWPE2020.pdf https://www.computer.org/csdl/proceedings-article/euros&pw/2020/859700a314/1o8qo9MLp96 http://dblp.uni-trier.de/db/conf/eurosp/eurosp2020w.html#SionLJ20 https://dblp.uni-trier.de/db/conf/eurosp/eurosp2020w.html#SionLJ20 https://doi.org/10.1109/EuroSPW51379.2020.00049 https://lirias.kuleuven.be/handle/123456789/655699 https://doi.org/10.1109/eurospw51379.2020.00049 |
| Rights: | IEEE Copyright |
| Přístupové číslo: | edsair.doi.dedup.....18443bda65198e7871e7ea9cc201bed5 |
| Databáze: | OpenAIRE |
Nájsť tento článok vo Web of Science | Abstrakt: | The importance of privacy by design has increased with initiatives such as the General Data Protection Regulation (GDPR). While static, design-level assessment of privacy aspects provides considerable benefits in the creation of privacy-preserving software-intensive systems, operational aspects that are difficult to predict at design-time also play a key role. This is particularly true in the instance of privacy impact or privacy risk: while existing approaches succeed fairly well in assessing the overall risk from a static design context, they are not well suited to capture risk elements that are dynamic and often impossible to foresee.In this position paper, we highlight this problem at the basis of a number of realistic motivational scenarios and outline our vision towards continuous privacy impact assessment and risk management. |
|---|---|
| DOI: | 10.1109/eurospw51379.2020.00049 |