Towards privacy-aware software design in small and medium enterprises
Venue & metadata
- Journal/Proceedings: Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022
- Note: Cited by: 13
- Author keywords: Agile methodology; GDPR; Nonfunctional requirements; Privacy; Privacy-by-design; Risk analysis; Software design; Software development life cycle (SDLC)
Abstract
The legal definition of privacy regulations, like GDPR in the European Union, significantly impacted the way in which software, systems and organizations should be designed or maintained to be compliant with rules. While the privacy community stated proper risk assessment and mitigation approaches to be applied, literature seems to suggest that the software engineering community, with special reference to companies, did actually concentrate on the specification phase, with less attention for the test phase of products. In coherence with the privacy-by-design approach, we believe that a bigger methodological effort must be put in the systematic adaptation of software development cycles to privacy regulations, and that this effort might be promoted in the industrial community by focusing on the relation between organizational costs vs technical features, also leveraging the benefits of targeted testing as a means to lower operational privacy enforcement costs. © 2022 IEEE.
Keywords
Laws and legislation; Life cycle; Risk analysis; Risk assessment; Software testing; Agile Methodologies; GDPR; Legal definition; Non-functional requirements; Privacy; Privacy aware; Privacy regulation; Small-and-medium enterprise; Software development life cycle; Software development life-cycle; Software design
Suggested citation
Campanile, L., Iacono, M., & Mastroianni, M. (2022). Towards privacy-aware software design in small and medium enterprises. Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022. https://doi.org/10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927958