Please use this identifier to cite or link to this item:
Authors: Mindermann, Kai
Riedel, Frederik
Abdulkhaleq, Asim
Stach, Christoph
Wagner, Stefan
Title: Exploratory study of the privacy extension for System Theoretic Process Analysis (STPA-Priv) to elicit privacy risks in eHealth
Issue Date: 2017 Konferenzbeitrag IEEE International Requirements Engineering Conference (25th, 2017, Lissabon)
Workshop on Evolving Security and Privacy Requirements Engineering - ESPRE (4th, 2017, Lissabon) Proceedings / 2017 IEEE 25th International Requirements Engineering Conference Workshops : 4-8 September 2017, Lisbon, Portugal. - Los Alamitos, 2017. - ISBN 978-1-5386-3488-2, S. 90-96
ISBN: 978-1-5386-3488-2 Author's version
Abstract: Context: System Theoretic Process Analysis for Privacy (STPA-Priv) is a novel privacy risk elicitation method using a top down approach. It has not gotten very much attention but may offer a convenient structured approach and generation of additional artifacts compared to other methods. Aim: The aim of this exploratory study is to find out what benefits the privacy risk elicitation method STPA-Priv has and to explain how the method can be used. Method: Therefore we apply STPA-Priv to a real world health scenario that involves a smart glucose measurement device used by children. Different kinds of data from the smart device including location data should be shared with the parents, physicians, and urban planners. This makes it a sociotechnical system that offers adequate and complex privacy risks to be found. Results: We find out that STPA-Priv is a structured method for privacy analysis and finds complex privacy risks. The method is supported by a tool called XSTAMPP which makes the analysis and its results more profound. Additionally, we learn that an iterative application of the steps might be necessary to find more privacy risks when more information about the system is available later. Conclusions: STPA-Priv helps to identify complex privacy risks that are derived from sociotechnical interactions in a system. It also outputs privacy constraints that are to be enforced by the system to ensure privacy.
Appears in Collections:05 Fakultät Informatik, Elektrotechnik und Informationstechnik

Files in This Item:
File Description SizeFormat 
ESPRE_STPA-Priv_authors_version.pdf626,23 kBAdobe PDFView/Open

Items in OPUS are protected by copyright, with all rights reserved, unless otherwise indicated.