DOI: 10.1145/3571473.3571480 (SBQS, Conference Proceedings)
research-article

Privacy by Design and Software Engineering: a Systematic Literature Review

Published: 27 January 2023

ABSTRACT

Service providers increasingly collect, process, store, and share their users' data to understand user preferences, make better decisions, and produce accurate estimates for the delivery of advertisements, products, and services. However, the misuse of personal data puts the privacy of data subjects at risk. In addition, privacy can directly affect the quality of the software product. To minimize these problems, the Privacy by Design approach has been proposed to ensure that privacy requirements are incorporated from the early stages of system development and applied across the entire data lifecycle. However, Privacy by Design is often criticized for lacking a specific methodology and tools capable of translating its principles into practical Software Engineering activities. Therefore, this research investigates, through a systematic literature review, how Privacy by Design principles have been applied in the Software Engineering area. The search retrieved 6046 primary articles, published up to May 2022. After applying the inclusion and exclusion criteria, 75 primary studies were selected for analysis. The results show that there is a lack of models, processes, and tools to support Privacy by Design throughout the software development lifecycle and that Privacy by Design has become more relevant given the requirements of the General Data Protection Regulation (GDPR).

