English
Related papers

Related papers: Transforming Data Flow Diagrams for Privacy Compli…

200 papers

We increasingly rely on digital services and the conveniences they provide. Processing of personal data is integral to such services and thus privacy and data protection are a growing concern, and governments have responded with regulations…

Cryptography and Security · Computer Science 2022-11-30 Feiyang Tang , Bjarte M. Østvold

The application of the General Data Protection Regulation (GDPR) has significantly affected privacy requirements elicitation, modelling, and verification in Software Engineering (SE). One of the affected areas is requirements visualisation…

Software Engineering · Computer Science 2026-05-28 Evangelia Vanezi , Georgia M. Kapitsaki , Anna Philippou

This work introduces Information Inference Diagrams (I2Ds), a modeling framework aiming to complement existing approaches for privacy and security analysis of distributed systems. It is intended to support established threat modeling…

Cryptography and Security · Computer Science 2025-10-28 Sebastian Rehms , Stefan Köpsell , Verena Klös , Florian Tschorsch

The growing interconnection between software systems increases the need for security already at design time. Security-related properties like confidentiality are often analyzed based on data flow diagrams (DFDs). However, manually analyzing…

Software Engineering · Computer Science 2024-03-15 Nicolas Boltz , Sebastian Hahner , Christopher Gerking , Robert Heinrich

The new General Data Protection Regulation (GDPR) will take effect in May 2018, and hence, designing compliant data protection policies and system architectures became crucial for organizations to avoid penalties. Unfortunately, the…

Cryptography and Security · Computer Science 2018-05-15 Vinh Thong Ta

In system development life cycle (SDLC), a system model can be developed using Data Flow Diagram (DFD). DFD is graphical diagrams for specifying, constructing and visualizing the model of a system. DFD is used in defining the requirements…

Software Engineering · Computer Science 2010-11-02 Rosziati Ibrahim , Siow Yen yen

Specifying legal requirements for software systems to ensure their compliance with the applicable regulations is a major concern to requirements engineering (RE). Personal data which is collected by an organization is often shared with…

Software Engineering · Computer Science 2023-11-27 Muhammad Ilyas Azeem , Sallam Abualhaija

In Europe and indeed worldwide, the General Data Protection Regulation (GDPR) provides protection to individuals regarding their personal data in the face of new technological developments. GDPR is widely viewed as the benchmark for data…

Software Engineering · Computer Science 2020-07-24 Damiano Torre , Mauricio Alferez , Ghanem Soltana , Mehrdad Sabetzadeh , Lionel Briand

The enactment of the General Data Protection Regulation (GDPR) in 2018 forced any organization that collects and/or processes EU-based personal data to comply with stringent privacy regulations. Software organizations have struggled to…

Software Engineering · Computer Science 2020-02-18 Ze Shi Li , Colin Werner , Neil Ernst , Daniela Damian

Models of software systems are used throughout the software development lifecycle. Dataflow diagrams (DFDs), in particular, are well-established resources for security analysis. Many techniques, such as threat modelling, are based on DFDs…

Software Engineering · Computer Science 2024-01-10 Simon Schneider , Nicolás E. Díaz Ferreyra , Pierre-Jean Quéval , Georg Simhandl , Uwe Zdun , Riccardo Scandariato

Data protection laws such as GDPR aim to give users unprecedented control over their personal data. Compliance with these regulations requires systematically considering information flow and interactions among entities handling sensitive…

Programming Languages · Computer Science 2025-08-07 Chinmayi Prabhu Baramashetru , Paola Giannini , Silvia Lizeth Tapia Tarifa , Olaf Owe

Data-driven applications and services have been increasingly deployed in all aspects of life including healthcare and medical services in which a huge amount of personal data is collected, aggregated, and processed in a centralised server…

Cryptography and Security · Computer Science 2024-04-23 Naila Azam , Anna Lito Michala , Shuja Ansari , Nguyen Truong

Context: Consistent requirements and system specifications are essential for the compliance of software systems towards the General Data Protection Regulation (GDPR). Both artefacts need to be grounded in the original text and conjointly…

Software Engineering · Computer Science 2025-11-03 Oleksandr Kosenkov , Ehsan Zabardast , Davide Fucci , Daniel Mendez , Michael Unterkalmsteiner

The General Data Protection Regulation (GDPR) grants all natural persons the right of access to their personal data if this is being processed by data controllers. The data controllers are obliged to share the data in an electronic format…

Cryptography and Security · Computer Science 2021-05-06 Laura Boeschoten , Roos Voorvaart , Casper Kaandorp , Ruben van den Goorbergh , Martine de Vos

Data flow diagrams (DFDs) are popular for sketching systems for subsequent threat modelling. Their limited semantics make reasoning about them difficult, but enriching them endangers their simplicity and subsequent ease of take up. We…

Cryptography and Security · Computer Science 2020-06-09 Shamal Faily , Riccardo Scandariato , Adam Shostack , Laurens Sion , Duncan Ki-Aries

Based on Article 35 of the EU (European Union) General Data Protection Regulation, a Data Protection Impact Assessment (DPIA) is necessary whenever there is a possibility of a high privacy and data protection risk to individuals caused by a…

Cryptography and Security · Computer Science 2023-04-25 Fatemeh Zarrabi , Isabel Wagner , Eerke Boiten

With the arrival of the European Union's General Data Protection Regulation (GDPR), several companies are making significant changes to their systems to achieve compliance. The changes range from modifying privacy policies to redesigning…

Computers and Society · Computer Science 2019-07-01 Jayashree Mohan , Melissa Wasserman , Vijay Chidambaram

Enforcing data protection and privacy rules within large data processing applications is becoming increasingly important, especially in the light of GDPR and similar regulatory frameworks. Most modern data processing happens on top of a…

Cryptography and Security · Computer Science 2020-08-13 Zsolt Istvan , Soujanya Ponnapalli , Vijay Chidambaram

Through legislation and technical advances users gain more control over how their data is processed, and they expect online services to respect their privacy choices and preferences. However, data may be processed for many different…

Databases · Computer Science 2024-03-19 Dorota Filipczuk , Enrico H. Gerding , George Konstantinidis

Data privacy legislation, such as GDPR and CCPA/CPRA, has rendered data privacy law compliance a requirement of all software systems. Developers need to implement various kinds of functionalities to cover law needs, including user rights…

Software Engineering · Computer Science 2025-12-18 Ioanna Theophilou , Georgia M. Kapitsaki
‹ Prev 1 2 3 10 Next ›