Visa enkel post

dc.contributor.authorEkdahl, Axel
dc.contributor.authorNyman, Lídia
dc.date.accessioned2019-11-19T09:33:11Z
dc.date.available2019-11-19T09:33:11Z
dc.date.issued2019-11-19
dc.identifier.urihttp://hdl.handle.net/2077/62557
dc.description.abstractThis study analyses two state-of-the-art methodologies for eliciting privacy threats in software contexts, LINDDUN and PIA. A first goal is to understand the limitations of these methodologies in terms of compliance to the provisions of the robust General Data Protection Regulation (GDPR). A second goal is to improve the first methodology by addressing its limitations and proving a more complete coverage with regards to the regulation. The study is divided into two phases; an analysis of the current coverage of the two methodologies and the development of an extended version of LINDDUN. The extended LINDDUN includes a privacy-aware Data Flow Diagram and extensions of the Content Unawareness and Policy and Noncompliance threat trees, as well as developed rules for defining where in a software design a privacy threat commonly exists. It was observed that PIA was considered more effective than LINDDUN in identifying design issues related to GDPR. While the extended version of LINDDUN showed to provide a more complete coverage than the original LINDDUN.sv
dc.language.isoengsv
dc.subjectPrivacysv
dc.subjectPrivacy Threat Modelingsv
dc.subjectGDPRsv
dc.subjectLINDDUNsv
dc.subjectPIAsv
dc.subjectGDPR compliancesv
dc.subjectPrivacy Impact Assessmentsv
dc.titleA Methodology to Validate Compliance to the GDPRsv
dc.typetext
dc.setspec.uppsokTechnology
dc.type.uppsokH2
dc.contributor.departmentGöteborgs universitet/Institutionen för data- och informationsteknikswe
dc.contributor.departmentUniversity of Gothenburg/Department of Computer Science and Engineeringeng
dc.type.degreeStudent essay


Filer under denna titel

Thumbnail

Dokumentet tillhör följande samling(ar)

Visa enkel post