Thesis

A principled approach for engineering privacy by design

Abstract:

Privacy is a multi-faceted concept. It is subjective in nature, not least because it is influenced by a variety of factors, including societal demands, which evolve over time, and technological developments. With the advent of information technologies, legal frameworks and standards alone are not sufficient to preserve the privacy of data subjects. In response, Privacy by Design (PbD) has emerged as a proactive approach for embedding privacy into the early stages of the design process. Challenges involved in engineering PbD include a lack of holistic methodologies that address the plurality and contextuality of privacy and support the translation of its principles into engineering activities. In this dissertation, we investigate various methods for engineering PbD that capture and address privacy issues in the early stages of the design process. We also investigate how to model the key aspects of abstract privacy principles stated in legal frameworks and standards, in order to bridge the semantic gap between technical and normative concepts. This gives rise to the Abstract Personal Data Lifecycle (APDL) model, which serves as an abstract model for personal data lifecycles. We also define a UML profile for the APDL model to represent data-processing activities in a way that is amenable to risk analysis and compliance checking. In addition, we develop a privacy risk model that defines the main factors that affect privacy risks, along with their assessable attributes and conceptual relationships. Based on this, we develop analysis and assessment approaches that illustrate how combinations of these factors are analysed and used as inputs to assess the levels of risk. Furthermore, we characterise privacy protection as a quality attribute by means of a general quality attribute scenario, to avoid non-operational or overlapping definitions.

Based on this, we develop a tactical approach that identifies privacy architectural strategies as collections of tactics, which are described through design patterns, to support the adoption of Privacy-Enhancing Technologies (PETs) and to specify, implement and justify various levels of privacy protection. Together, these contributions give rise to a principled approach for engineering PbD that captures privacy concerns in a comprehensive manner, addresses these concerns at an architectural level, and reasons about the compliance of architectural choices with legal frameworks and standards. It is aided by techniques and tools, which provide procedures with a prescribed language and notation, to accomplish its activities.

Authors

Division:
MPLS
Department:
Computer Science
Role:
Author

Contributors

Role:
Supervisor

Type of award:
DPhil
Level of award:
Doctoral
Awarding institution:
University of Oxford


UUID:
uuid:6f436c73-8b9b-4a61-83c9-ee7b7cbbc915
Deposit date:
2019-05-25