ConfIs: A Tool for Privacy and Security Analysis and Conflict Resolution for Supporting GDPR Compliance through Privacy-by-Design

Duaa Alkubaisy; Duaa Alkubaisy; Luca Piras; Mohammed Al-Obeidallah; Karl Cox; Haralambos Mouratidis

doi:10.5220/0010406100800091

ConfIs: A Tool for Privacy and Security Analysis and Conflict Resolution for Supporting GDPR Compliance through Privacy-by-Design

Duaa Alkubaisy, Duaa Alkubaisy, Luca Piras, Mohammed Al-Obeidallah, Karl Cox, Haralambos Mouratidis

2021

Abstract

Privacy and security requirements, and their potential conflicts, are increasingly having more and more importance. It is becoming a necessary part to be considered, starting from the very early stages of requirements engineering, and in the entire software engineering cycle, for the design of any software system. In the last few years, this has been even more emphasized and required by the law. A relevant example is the case of the General Data Protection Regulation (GDPR), which requires organizations, and their software engineers, to enforce and guarantee privacy-by-design to make their platforms compliant with the regulation. In this context, complex activities related to privacy and security requirements elicitation, analysis, mapping and identification of potential conflicts, and the individuation of their resolution, become crucial. In the literature, there is not available a comprehensive requirement engineering oriented tool for supporting the requirements analyst. In this paper, we propose ConfIs, a tool for supporting the analyst in performing a process covering these phases in a systematic and interactive way. We present ConfIs and its process with a realistic example from DEFeND, an EU project aiming at supporting organizations in achieving GDPR compliance. In this context, we evaluated ConfIs by involving privacy/security requirements experts, which recognized our tool and method as supportive, concerning these complex activities.

Download

Paper Citation

in Harvard Style

Alkubaisy D., Piras L., Al-Obeidallah M., Cox K. and Mouratidis H. (2021). ConfIs: A Tool for Privacy and Security Analysis and Conflict Resolution for Supporting GDPR Compliance through Privacy-by-Design. In Proceedings of the 16th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE, ISBN 978-989-758-508-1, pages 80-91. DOI: 10.5220/0010406100800091

in Bibtex Style

@conference{enase21,
author={Duaa Alkubaisy and Luca Piras and Mohammed Al-Obeidallah and Karl Cox and Haralambos Mouratidis},
title={ConfIs: A Tool for Privacy and Security Analysis and Conflict Resolution for Supporting GDPR Compliance through Privacy-by-Design},
booktitle={Proceedings of the 16th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,},
year={2021},
pages={80-91},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010406100800091},
isbn={978-989-758-508-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 16th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,
TI - ConfIs: A Tool for Privacy and Security Analysis and Conflict Resolution for Supporting GDPR Compliance through Privacy-by-Design
SN - 978-989-758-508-1
AU - Alkubaisy D.
AU - Piras L.
AU - Al-Obeidallah M.
AU - Cox K.
AU - Mouratidis H.
PY - 2021
SP - 80
EP - 91
DO - 10.5220/0010406100800091