Bitte benutzen Sie diese Kennung, um auf die Ressource zu verweisen: http://dx.doi.org/10.18419/opus-9298
Autor(en): Riedel, Frederik
Titel: Applicability analysis: elicitation of privacy risks through STPA(-Priv) in a selected IoT-scenario
Erscheinungsdatum: 2017
Dokumentart: Abschlussarbeit (Bachelor)
Seiten: 81
URI: http://nbn-resolving.de/urn:nbn:de:bsz:93-opus-ds-93156
http://elib.uni-stuttgart.de/handle/11682/9315
http://dx.doi.org/10.18419/opus-9298
Zusammenfassung: Context This bachelor’s thesis discusses the usage of System-Theoretic Process Analysis (STPA) for privacy engineering. STPA has been developed for safety engineering originally. I show how this methodology can be applied to privacy risk analysis by using the extension STPA-Priv. I explain why privacy is important and why privacy risk analysis can help improve systems regarding privacy. Objective The goal is to apply the privacy extension of STPA to a real-world Internet of Things scenario to determine the applicability and possible problems with this methodology. Method STPA considers safety a system property. I think that privacy is a system property as well and therefore STPA can be applied to privacy risk analysis. Most changes from STPA to STPA-Priv have been made in its terminology, the process itself remains the same. This brings many of the advantages of systems theory to the field of privacy engineering, such as the top-down nature of STPA that helps handle complex socio-technical systems. Results I found out that STPA-Priv is a good approach to elicit privacy risks and requirements. I was able to elicit many privacy risks from our scenario using STPA-Priv which shows that the methodology works in general. Conclusions After all, I can recommend using STPA-Priv to evaluate projects for privacy risks. Nevertheless, there are still changes and improvements necessary. However, the overall methodology would not be affected by those changes. STPA-Priv is very straight-forward for people that are already familiar with STPA.
Enthalten in den Sammlungen:05 Fakultät Informatik, Elektrotechnik und Informationstechnik

Dateien zu dieser Ressource:
Datei Beschreibung GrößeFormat 
Bachelorarbeit.pdf7,71 MBAdobe PDFÖffnen/Anzeigen


Alle Ressourcen in diesem Repositorium sind urheberrechtlich geschützt.