A Practical Approach to Stakeholder-driven Determination of Security Requirements based on the GDPR and Common Criteria Topics: Data and Software Security; Legal and Regulatory Issues; Software Security Assurance In Proceedings of the 6th International Conference on Information Systems Security and Privacy ICISSP - Volume 1, 473-480, 2020 , Valletta, Malta