Privacy Knowledge Base for Supporting Decision-Making in Software Development

Baldassarre, Maria Teresa; Barletta, Vita Santa; Caivano, Danilo; Piccinno, Antonio; Scalera, Michele
2022-01-01

Abstract

Integrating security and privacy requirements at every stage of the software development cycle is critical to guarantee the confidentiality, integrity and availability of the system and consequently of the data. Developers need to be supported in this challenge, as many different skills are required to respond effectively to the growing number of cyber-attacks. In such a context, this research study endeavors to define the key elements that support decision-making in privacy-oriented software development. A Privacy Knowledge Base (PKB) is defined to support developers’ decisions in all software development phases, and a prototype (PKB-Tool) is developed to operationally integrate privacy and security requirements into the development of new systems and the re-engineering of legacy systems. An ongoing experiment in the context of an industrial project is presented to validate the efficacy of the 5 key elements in supporting developers in integrating privacy and security requirements in the software life cycle.
2022
ISBN: 978-3-030-98387-1
ISBN: 978-3-030-98388-8
Use this identifier to cite or link to this document: https://hdl.handle.net/11586/449541
Citations
  • PMC ND
  • Scopus 14
  • ISI 3