A data minimization model for embedding privacy into software systems. Issue 87 (November 2019)
- Record Type:
- Journal Article
- Title:
- A data minimization model for embedding privacy into software systems. Issue 87 (November 2019)
- Main Title:
- A data minimization model for embedding privacy into software systems
- Authors:
- Senarath, Awanthika
Arachchilage, Nalin Asanka Gamagedara
- Abstract:
- Highlights: Developers require support to implement data minimization. Data minimization needs to expand beyond data collection. Data minimization should be applied throughout the data flow in a system. Understanding data is important to manage data in software systems. Developers can be guided to manage data through understanding data. Abstract: Modern software systems (social networking, banking and shopping applications) are becoming increasingly dependent on our data. These systems need data to provide various economic and social benefits to users as well as businesses. However, the extensive use of personal data in systems poses a threat to user privacy. Therefore, privacy laws expect software systems to practice Data Minimization (DM), to minimize data in software systems. This has put software developers in a dilemma to minimize user data to provide user privacy and maximize user data for enhanced system functionality. Following the design science research approach, in this research we propose and evaluate a methodology that enables developers to make their decisions to minimize user data in software systems through understanding data. The methodology encourages developers to think of the ways they would use data in a system design focusing on the storage and sharing of data. Developers in the three experiments conducted to evaluate the methodology agreed that it enables them to think of the ways they use data in system designs and it helps them to make decisions to minimize using data in a system design. Developers also showed positive intention to use the proposed methodology within system development activities.
- Is Part Of:
- Computers & security. Issue 87(2019)
- Journal:
- Computers & security
- Issue:
- Issue 87(2019)
- Issue Display:
- Volume 87, Issue 87 (2019)
- Year:
- 2019
- Volume:
- 87
- Issue:
- 87
- Issue Sort Value:
- 2019-0087-0087-0000
- Page Start:
- Page End:
- Publication Date:
- 2019-11
- Subjects:
- Software development -- Data minimization -- Privacy engineering -- Software developers -- Embedding privacy
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2019.101605
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 16314.xml