Publications tagged with Laws and legislation

Published: September 28, 2025

Publications tagged with "Laws and legislation"

Towards privacy-aware software design in small and medium enterprises

Campanile, L., Iacono, M., & Mastroianni, M. (2022). Towards privacy-aware software design in small and medium enterprises. Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022. https://doi.org/10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927958

Abstract

The legal definition of privacy regulations, like GDPR in the European Union, significantly impacted on the way in which software, systems and organizations should be designed or maintained to be compliant to rules. While the privacy community stated proper risk assessment and mitigation approaches to be applied, literature seems to suggest that the software engineering community, with special reference to companies, did actually concentrate on the specification phase, with less attention for the test phase of products. In coherence with the privacy-by-design approach, we believe that a bigger methodological effort must be put in the systematic adaptation of software development cycles to privacy regulations, and that this effort might be promoted in the industrial community by focusing on the relation between organizational costs vs technical features, also leveraging the benefits of targeted testing as a mean to lower operational privacy enforcement costs. © 2022 IEEE.

DOI Publisher Details

{"key"=>"Campanile2022", "type"=>"Conference paper", "bibtex"=>"@conference{Campanile2022,\n  author = {Campanile, Lelio and Iacono, Mauro and Mastroianni, Michele},\n  title = {Towards privacy-aware software design in small and medium enterprises},\n  year = {2022},\n  journal = {Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022},\n  doi = {10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927958}\n}\n", "author"=>"Campanile, Lelio and Iacono, Mauro and Mastroianni, Michele", "author_array"=>[{"first"=>"Lelio", "last"=>"Campanile", "prefix"=>"", "suffix"=>""}, {"first"=>"Mauro", "last"=>"Iacono", "prefix"=>"", "suffix"=>""}, {"first"=>"Michele", "last"=>"Mastroianni", "prefix"=>"", "suffix"=>""}], "author_0_first"=>"Lelio", "author_0_last"=>"Campanile", "author_0_prefix"=>"", "author_0_suffix"=>"", "author_1_first"=>"Mauro", "author_1_last"=>"Iacono", "author_1_prefix"=>"", "author_1_suffix"=>"", "author_2_first"=>"Michele", "author_2_last"=>"Mastroianni", "author_2_prefix"=>"", "author_2_suffix"=>"", "title"=>"Towards privacy-aware software design in small and medium enterprises", "year"=>"2022", "journal"=>"Proceedings of the 2022 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022", "doi"=>"10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927958", "url"=>"https://www.scopus.com/inward/record.uri?eid=2-s2.0-85145353321&doi=10.1109%2fDASC%2fPiCom%2fCBDCom%2fCy55231.2022.9927958&partnerID=40&md5=708dacdf77560860b78f2fe0500d32d5", "abstract"=>"The legal definition of privacy regulations, like GDPR in the European Union, significantly impacted on the way in which software, systems and organizations should be designed or maintained to be compliant to rules. While the privacy community stated proper risk assessment and mitigation approaches to be applied, literature seems to suggest that the software engineering community, with special reference to companies, did actually concentrate on the specification phase, with less attention for the test phase of products. In coherence with the privacy-by-design approach, we believe that a bigger methodological effort must be put in the systematic adaptation of software development cycles to privacy regulations, and that this effort might be promoted in the industrial community by focusing on the relation between organizational costs vs technical features, also leveraging the benefits of targeted testing as a mean to lower operational privacy enforcement costs.  © 2022 IEEE.", "author_keywords"=>"Agile methodology; GDPR; Nonfunctional requirements; Privacy; Privacy-by-design; Risk analysis; Software design; Software development life cycle (SDLC)", "keywords"=>"Laws and legislation; Life cycle; Risk analysis; Risk assessment; Software testing; Agile Methodologies; GDPR; Legal definition; Non-functional requirements; Privacy; Privacy aware; Privacy regulation; Small-and-medium enterprise; Software development life cycle; Software development life-cycle; Software design", "publication_stage"=>"Final", "source"=>"Scopus", "note"=>"Cited by: 13"}

Details

Designing a GDPR compliant blockchain-based IoV distributed information tracking system

Campanile, L., Iacono, M., Marulli, F., & Mastroianni, M. (2021). Designing a GDPR compliant blockchain-based IoV distributed information tracking system [Article]. Information Processing and Management, 58(3). https://doi.org/10.1016/j.ipm.2021.102511

Abstract

Blockchain technologies and distributed ledgers enable the design and implementation of trustable data logging systems that can be used by multiple parties to produce a non-repudiable database. The case of Internet of Vehicles may greatly benefit of such a possibility to track the chain of responsibility in case of accidents or damages due to bad or omitted maintenance, improving the safety of circulation and helping granting a correct handling of related legal issues. However, there are privacy issues that have to be considered, as tracked information potentially include data about private persons (position, personal habits), commercially relevant information (state of the fleet of a company, freight movement and related planning, logistic strategies), or even more critical knowledge (e.g., considering vehicles belonging to police, public authorities, governments or officers in sensible positions). In the European Union, all this information is covered by the General Data Protection Regulation (GDPR). In this paper we propose a reference model for a system that manages relevant information to show how blockchain can support GDPR compliant solutions for Internet of Vehicles, taking as a reference an integrated scenario based on Italy, and analyze a subset of its use cases to show its viability with reference to privacy issues. © 2021 Elsevier Ltd

DOI Publisher Details

{"key"=>"Campanile2021", "type"=>"Article", "bibtex"=>"@article{Campanile2021,\n  author = {Campanile, Lelio and Iacono, Mauro and Marulli, Fiammetta and Mastroianni, Michele},\n  title = {Designing a GDPR compliant blockchain-based IoV distributed information tracking system},\n  year = {2021},\n  journal = {Information Processing and Management},\n  volume = {58},\n  number = {3},\n  doi = {10.1016/j.ipm.2021.102511}\n}\n", "author"=>"Campanile, Lelio and Iacono, Mauro and Marulli, Fiammetta and Mastroianni, Michele", "author_array"=>[{"first"=>"Lelio", "last"=>"Campanile", "prefix"=>"", "suffix"=>""}, {"first"=>"Mauro", "last"=>"Iacono", "prefix"=>"", "suffix"=>""}, {"first"=>"Fiammetta", "last"=>"Marulli", "prefix"=>"", "suffix"=>""}, {"first"=>"Michele", "last"=>"Mastroianni", "prefix"=>"", "suffix"=>""}], "author_0_first"=>"Lelio", "author_0_last"=>"Campanile", "author_0_prefix"=>"", "author_0_suffix"=>"", "author_1_first"=>"Mauro", "author_1_last"=>"Iacono", "author_1_prefix"=>"", "author_1_suffix"=>"", "author_2_first"=>"Fiammetta", "author_2_last"=>"Marulli", "author_2_prefix"=>"", "author_2_suffix"=>"", "author_3_first"=>"Michele", "author_3_last"=>"Mastroianni", "author_3_prefix"=>"", "author_3_suffix"=>"", "title"=>"Designing a GDPR compliant blockchain-based IoV distributed information tracking system", "year"=>"2021", "journal"=>"Information Processing and Management", "volume"=>"58", "number"=>"3", "doi"=>"10.1016/j.ipm.2021.102511", "url"=>"https://www.scopus.com/inward/record.uri?eid=2-s2.0-85099496929&doi=10.1016%2fj.ipm.2021.102511&partnerID=40&md5=83a5e19e91b864d0a78b2bb6924d6254", "abstract"=>"Blockchain technologies and distributed ledgers enable the design and implementation of trustable data logging systems that can be used by multiple parties to produce a non-repudiable database. The case of Internet of Vehicles may greatly benefit of such a possibility to track the chain of responsibility in case of accidents or damages due to bad or omitted maintenance, improving the safety of circulation and helping granting a correct handling of related legal issues. However, there are privacy issues that have to be considered, as tracked information potentially include data about private persons (position, personal habits), commercially relevant information (state of the fleet of a company, freight movement and related planning, logistic strategies), or even more critical knowledge (e.g., considering vehicles belonging to police, public authorities, governments or officers in sensible positions). In the European Union, all this information is covered by the General Data Protection Regulation (GDPR). In this paper we propose a reference model for a system that manages relevant information to show how blockchain can support GDPR compliant solutions for Internet of Vehicles, taking as a reference an integrated scenario based on Italy, and analyze a subset of its use cases to show its viability with reference to privacy issues. © 2021 Elsevier Ltd", "author_keywords"=>"Blockchain; DPIA; EU regulation; GDPR; Internet of Vehicles; Interoperability; Italian regulation; Privacy by design; Risk assessment", "keywords"=>"Accidents; Blockchain; Fleet operations; Laws and legislation; Tracking (position); Vehicle to vehicle communications; Vehicles; Data logging systems; Design and implementations; Distributed information; European union; Freight movement; General data protection regulations; Public authorities; Reference modeling; Privacy by design", "publication_stage"=>"Final", "source"=>"Scopus", "note"=>"Cited by: 74"}

Details

Privacy regulations, smart roads, blockchain, and liability insurance: Putting technologies to work

Campanile, L., Iacono, M., Levis, A. H., Marulli, F., & Mastroianni, M. (2021). Privacy regulations, smart roads, blockchain, and liability insurance: Putting technologies to work [Article]. IEEE Security and Privacy, 19(1), 34–43. https://doi.org/10.1109/MSEC.2020.3012059

Abstract

Smart streets promise widely available traffic information to help improve people’s safety. Unfortunately, gathering that data may threaten privacy. We describe an architecture that exploits a blockchain and the Internet of Vehicles and show its compliance with the General Data Protection Regulation. © 2003-2012 IEEE.

DOI Publisher Details

{"key"=>"Campanile202134", "type"=>"Article", "bibtex"=>"@article{Campanile202134,\n  author = {Campanile, Lelio and Iacono, Mauro and Levis, Alexander H. and Marulli, Fiammetta and Mastroianni, Michele},\n  title = {Privacy regulations, smart roads, blockchain, and liability insurance: Putting technologies to work},\n  year = {2021},\n  journal = {IEEE Security and Privacy},\n  volume = {19},\n  number = {1},\n  pages = {34 – 43},\n  doi = {10.1109/MSEC.2020.3012059}\n}\n", "author"=>"Campanile, Lelio and Iacono, Mauro and Levis, Alexander H. and Marulli, Fiammetta and Mastroianni, Michele", "author_array"=>[{"first"=>"Lelio", "last"=>"Campanile", "prefix"=>"", "suffix"=>""}, {"first"=>"Mauro", "last"=>"Iacono", "prefix"=>"", "suffix"=>""}, {"first"=>"Alexander H.", "last"=>"Levis", "prefix"=>"", "suffix"=>""}, {"first"=>"Fiammetta", "last"=>"Marulli", "prefix"=>"", "suffix"=>""}, {"first"=>"Michele", "last"=>"Mastroianni", "prefix"=>"", "suffix"=>""}], "author_0_first"=>"Lelio", "author_0_last"=>"Campanile", "author_0_prefix"=>"", "author_0_suffix"=>"", "author_1_first"=>"Mauro", "author_1_last"=>"Iacono", "author_1_prefix"=>"", "author_1_suffix"=>"", "author_2_first"=>"Alexander H.", "author_2_last"=>"Levis", "author_2_prefix"=>"", "author_2_suffix"=>"", "author_3_first"=>"Fiammetta", "author_3_last"=>"Marulli", "author_3_prefix"=>"", "author_3_suffix"=>"", "author_4_first"=>"Michele", "author_4_last"=>"Mastroianni", "author_4_prefix"=>"", "author_4_suffix"=>"", "title"=>"Privacy regulations, smart roads, blockchain, and liability insurance: Putting technologies to work", "year"=>"2021", "journal"=>"IEEE Security and Privacy", "volume"=>"19", "number"=>"1", "pages"=>"34 – 43", "doi"=>"10.1109/MSEC.2020.3012059", "url"=>"https://www.scopus.com/inward/record.uri?eid=2-s2.0-85090453122&doi=10.1109%2fMSEC.2020.3012059&partnerID=40&md5=adce51b5e8ab8d5d1e0f4610d02140b2", "abstract"=>"Smart streets promise widely available traffic information to help improve people’s safety. Unfortunately, gathering that data may threaten privacy. We describe an architecture that exploits a blockchain and the Internet of Vehicles and show its compliance with the General Data Protection Regulation.  © 2003-2012 IEEE.", "keywords"=>"Data privacy; Laws and legislation; Vehicle to vehicle communications; General data protection regulations; Liability insurance; Privacy regulation; Traffic information; Blockchain", "publication_stage"=>"Final", "source"=>"Scopus", "note"=>"Cited by: 27"}

Details

← Back to all publications