Privacy-by-design based on quantitative threat modeling

Luna, J. and Suri, Neeraj and Krontiris, I. (2012) Privacy-by-design based on quantitative threat modeling. In: 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS). IEEE. ISBN 9781467330879

Full text not available from this repository.

Abstract

While the general concept of "Privacy-by-Design (PbD)" is increasingly a popular one, there is considerable paucity of either rigorous or quantitative underpinnings supporting PbD. Drawing upon privacy-aware modeling techniques, this paper proposes a quantitative threat modeling methodology (QTMM) that can be used to draw objective conclusions about different privacy-related attacks that might compromise a service. The proposed QTMM has been empirically validated in the context of the EU project ABC4Trust, where the end-users actually elicited security and privacy requirements of the so-called privacy-Attribute Based Credentials (privacy-ABCs) in a real-world scenario. Our overall objective, is to provide architects of privacy-respecting systems with a set of quantitative and automated tools to help decide across functional system requirements and the corresponding trade-offs (security, privacy and economic), that should be taken into account before the actual deployment of their services. © 2012 IEEE.

Item Type:
Contribution in Book/Report/Proceedings
Subjects:
ID Code:
137523
Deposited By:
Deposited On:
14 Oct 2019 13:46
Refereed?:
Yes
Published?:
Published
Last Modified:
07 Apr 2020 07:16