Bitte benutzen Sie diese Kennung, um auf die Ressource zu verweisen: http://dx.doi.org/10.18419/opus-9318
Langanzeige der Metadaten
DC ElementWertSprache
dc.contributor.authorMindermann, Kai-
dc.contributor.authorRiedel, Frederik-
dc.contributor.authorAbdulkhaleq, Asim-
dc.contributor.authorStach, Christoph-
dc.contributor.authorWagner, Stefan-
dc.date.accessioned2017-10-26T14:48:52Z-
dc.date.available2017-10-26T14:48:52Z-
dc.date.issued2017de
dc.identifier.isbn978-1-5386-3488-2-
dc.identifier.urihttp://nbn-resolving.de/urn:nbn:de:bsz:93-opus-ds-93354de
dc.identifier.urihttp://elib.uni-stuttgart.de/handle/11682/9335-
dc.identifier.urihttp://dx.doi.org/10.18419/opus-9318-
dc.description.abstractContext: System Theoretic Process Analysis for Privacy (STPA-Priv) is a novel privacy risk elicitation method using a top down approach. It has not gotten very much attention but may offer a convenient structured approach and generation of additional artifacts compared to other methods. Aim: The aim of this exploratory study is to find out what benefits the privacy risk elicitation method STPA-Priv has and to explain how the method can be used. Method: Therefore we apply STPA-Priv to a real world health scenario that involves a smart glucose measurement device used by children. Different kinds of data from the smart device including location data should be shared with the parents, physicians, and urban planners. This makes it a sociotechnical system that offers adequate and complex privacy risks to be found. Results: We find out that STPA-Priv is a structured method for privacy analysis and finds complex privacy risks. The method is supported by a tool called XSTAMPP which makes the analysis and its results more profound. Additionally, we learn that an iterative application of the steps might be necessary to find more privacy risks when more information about the system is available later. Conclusions: STPA-Priv helps to identify complex privacy risks that are derived from sociotechnical interactions in a system. It also outputs privacy constraints that are to be enforced by the system to ensure privacy.en
dc.language.isoende
dc.relation.uridoi:10.1109/REW.2017.30de
dc.rightsinfo:eu-repo/semantics/openAccessde
dc.subject.ddc004de
dc.titleExploratory study of the privacy extension for System Theoretic Process Analysis (STPA-Priv) to elicit privacy risks in eHealthen
dc.typeconferenceObjectde
ubs.bemerkung.externAuthor's versionde
ubs.fakultaetInformatik, Elektrotechnik und Informationstechnikde
ubs.institutInstitut für Parallele und Verteilte Systemede
ubs.institutInstitut für Softwaretechnologiede
ubs.konferenznameIEEE International Requirements Engineering Conference (25th, 2017, Lissabon)de
ubs.konferenznameWorkshop on Evolving Security and Privacy Requirements Engineering - ESPRE (4th, 2017, Lissabon)de
ubs.publikation.noppnyesde
ubs.publikation.sourceProceedings / 2017 IEEE 25th International Requirements Engineering Conference Workshops : 4-8 September 2017, Lisbon, Portugal. - Los Alamitos, 2017. - ISBN 978-1-5386-3488-2, S. 90-96de
ubs.publikation.typKonferenzbeitragde
Enthalten in den Sammlungen:05 Fakultät Informatik, Elektrotechnik und Informationstechnik

Dateien zu dieser Ressource:
Datei Beschreibung GrößeFormat 
ESPRE_STPA-Priv_authors_version.pdf626,23 kBAdobe PDFÖffnen/Anzeigen


Alle Ressourcen in diesem Repositorium sind urheberrechtlich geschützt.