Refining Privacy-Aware Data Flow Diagrams
Paper i proceeding, 2021
Privacy, like security, is a non-functional property, yet most software design tools are focused on functional aspects, using for instance Data Flow Diagrams (DFDs). In previous work, a conceptual model was introduced where DFDs were extended into so-called Privacy-Aware Data Flow Diagrams (PA-DFDs) with the aim of adding specific privacy checks to existing DFDs. An implementation to add such automatic checks has also been developed. In this paper, we define the notion of refinement for both DFDs and PA-DFDs as a special type of structure-preserving map (or graph homomorphism). We also provide three algorithms to find, check and transform refinements, and we show that the standard diagram "transform→refine/refine→transform" commutes. We have implemented our algorithms in a proof-of-concept tool called DFD Refinery, and have applied it to realistic scenarios.
Dataflow diagrams
GDPR
Refinement
Privacy by Design
Författare
Hanaa Alshareef
Chalmers, Data- och informationsteknik, Formella metoder
Sandro Stucki
Chalmers, Data- och informationsteknik, Informationssäkerhet
Gerardo Schneider
Göteborgs universitet
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
03029743 (ISSN) 16113349 (eISSN)
Vol. 13085 LNCS 121-1409783030921231 (ISBN)
19th International Conference on Software Engineering and Formal Methods, SEFM 2021
Virtual event, ,
Virtual event, ,
Perspex
Vetenskapsrådet (VR) (2018-04230), 2019-01-01 -- 2022-12-31.
Styrkeområden
Informations- och kommunikationsteknik
Ämneskategorier
Systemvetenskap
Datavetenskap (datalogi)
Datorsystem
DOI
10.1007/978-3-030-92124-8_8