As information systems extensively exchange information between participants, privacy concerns may arise from potential misuse. Existing design approaches consider non-technical privacy requirements of different stakeholders during the design and the implementation of a system. However, a technical approach for privacy analysis is largely missing. This paper introduces a formal approach for technically evaluating an information system with respect to its designed or implemented privacy protection. In particular, we introduce a system model that describes various system aspects such as its information flow. We define the semantics of this system model by using ontologies. Based on the system model, together with a given privacy ontology and given privacy requirements, we analyze the modeled system to detect privacy leakages and to calculate privacy indicators. The proposed method provides a technical approach to check whether a system conforms to the privacy requirements of the stakeholders.