A Visual Tool for Supporting Decision-Making in Privacy Oriented Software Development
Baldassarre M. T.; Barletta V. S.; Caivano D.; Piccinno A.
2020-01-01
Abstract
Nowadays, the size and complexity of software development projects increase the possibility of cyber-attacks, information exfiltration and data breaches. In this context, developers play a primary role in addressing privacy requirements and, consequently, security in software applications. Currently, only general guidelines exist, and they are difficult to put into operation due to the lack of the required security skills and knowledge, and to the use of legacy software development processes that do not deal with privacy and security aspects. This paper presents a knowledge base, the Privacy Knowledge Base (PKB), and the VIS-PRISE prototype (Visually Inspection to Support Privacy and Security), a visual tool that supports developers' decisions to integrate privacy and security requirements in all software development phases. An initial experimental study with junior developers is also presented.