Towards privacy-aware software design in small and medium enterprises

2 minute read

Conference Lelio Campanile, Mauro Iacono, Michele Mastroianni — 2022 · Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022

Venue & metadata

Journal/Proceedings: Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022
Note: Cited by: 13
Author keywords: Agile methodology; GDPR; Nonfunctional requirements; Privacy; Privacy-by-design; Risk analysis; Software design; Software development life cycle (SDLC)

Abstract

The legal definition of privacy regulations, like GDPR in the European Union, significantly impacted on the way in which software, systems and organizations should be designed or maintained to be compliant to rules. While the privacy community stated proper risk assessment and mitigation approaches to be applied, literature seems to suggest that the software engineering community, with special reference to companies, did actually concentrate on the specification phase, with less attention for the test phase of products. In coherence with the privacy-by-design approach, we believe that a bigger methodological effort must be put in the systematic adaptation of software development cycles to privacy regulations, and that this effort might be promoted in the industrial community by focusing on the relation between organizational costs vs technical features, also leveraging the benefits of targeted testing as a mean to lower operational privacy enforcement costs. © 2022 IEEE.

Keywords

Laws and legislation Life cycle Risk analysis Risk assessment Software testing Agile Methodologies GDPR Legal definition Non-functional requirements Privacy Privacy aware Privacy regulation Small-and-medium enterprise Software development life cycle Software development life-cycle Software design

Links & artifacts

DOI Publisher

@conference{Campanile2022,
  author = {Campanile, Lelio and Iacono, Mauro and Mastroianni, Michele},
  title = {Towards privacy-aware software design in small and medium enterprises},
  year = {2022},
  journal = {Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022},
  doi = {10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927958}
}

Suggested citation

Campanile, L., Iacono, M., & Mastroianni, M. (2022). Towards privacy-aware software design in small and medium enterprises. Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022. https://doi.org/10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927958

← Back to Publications