Towards Identification of Privacy Requirements with Systems Thinking View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2022-07-31

AUTHORS

Tuisku Sarrala , Tommi Mikkonen , Anh Nguyen Duc , Pekka Abrahamsson

ABSTRACT

Implementing privacy as software functions is required by privacy regulation. Achieving this requires shared understanding between business process owners and software engineers, who implement it. Current literature reveals a major gap between privacy requirements and how engineers interpret privacy. Furthermore, as today’s sociotechnical systems are increasingly complex and ever-evolving, unknown privacy issues can emerge from them as a side-effect. Understanding privacy and identifying privacy threats are pre-requisites for deciding on and implementing the right functionality in software. However, current methods for privacy threat identification do not cover all aspects of privacy, suit complex sociotechnical systems or requirements engineering, or support engineers forming a mental model of privacy. We claim that this situation can be improved by applying a systems thinking approach to privacy threat identification. In this paper, we elaborate the problem and propose a research agenda that will help close the gap between privacy requirements and technical software functionality. More... »

PAGES

249-258

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-031-11510-3_16

DOI

http://dx.doi.org/10.1007/978-3-031-11510-3_16

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1149869982


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0803", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computer Software", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0806", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information Systems", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "University of Jyv\u00e4skyl\u00e4, PO Box 35, 40014, Jyv\u00e4skyl\u00e4, Finland", 
          "id": "http://www.grid.ac/institutes/grid.9681.6", 
          "name": [
            "University of Jyv\u00e4skyl\u00e4, PO Box 35, 40014, Jyv\u00e4skyl\u00e4, Finland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Sarrala", 
        "givenName": "Tuisku", 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "University of Jyv\u00e4skyl\u00e4, PO Box 35, 40014, Jyv\u00e4skyl\u00e4, Finland", 
          "id": "http://www.grid.ac/institutes/grid.9681.6", 
          "name": [
            "University of Jyv\u00e4skyl\u00e4, PO Box 35, 40014, Jyv\u00e4skyl\u00e4, Finland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Mikkonen", 
        "givenName": "Tommi", 
        "id": "sg:person.013323020425.13", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013323020425.13"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Business and IT, University of South-Eastern Norway, PO Box 4, 3199, Borre, Norway", 
          "id": "http://www.grid.ac/institutes/grid.463530.7", 
          "name": [
            "Department of Business and IT, University of South-Eastern Norway, PO Box 4, 3199, Borre, Norway"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Nguyen Duc", 
        "givenName": "Anh", 
        "id": "sg:person.013777216461.94", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013777216461.94"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "University of Jyv\u00e4skyl\u00e4, PO Box 35, 40014, Jyv\u00e4skyl\u00e4, Finland", 
          "id": "http://www.grid.ac/institutes/grid.9681.6", 
          "name": [
            "University of Jyv\u00e4skyl\u00e4, PO Box 35, 40014, Jyv\u00e4skyl\u00e4, Finland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Abrahamsson", 
        "givenName": "Pekka", 
        "id": "sg:person.013004041551.91", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013004041551.91"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2022-07-31", 
    "datePublishedReg": "2022-07-31", 
    "description": "Implementing privacy as software functions is required by privacy regulation. Achieving this requires shared understanding between business process owners and software engineers, who implement it. Current literature reveals a major gap between privacy requirements and how engineers interpret privacy. Furthermore, as today\u2019s sociotechnical systems are increasingly complex and ever-evolving, unknown privacy issues can emerge from them as a side-effect. Understanding privacy and identifying privacy threats are pre-requisites for deciding on and implementing the right functionality in software. However, current methods for privacy threat identification do not cover all aspects of privacy, suit complex sociotechnical systems or requirements engineering, or support engineers forming a mental model of privacy. We claim that this situation can be improved by applying a systems thinking approach to privacy threat identification. In this paper, we elaborate the problem and propose a research agenda that will help close the gap between privacy requirements and technical software functionality.", 
    "editor": [
      {
        "familyName": "Shishkov", 
        "givenName": "Boris", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-031-11510-3_16", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-031-11509-7", 
        "978-3-031-11510-3"
      ], 
      "name": "Business Modeling and Software Design", 
      "type": "Book"
    }, 
    "keywords": [
      "privacy requirements", 
      "threat identification", 
      "sociotechnical systems", 
      "aspects of privacy", 
      "business process owners", 
      "privacy threats", 
      "privacy issues", 
      "software engineers", 
      "complex sociotechnical systems", 
      "software functionality", 
      "software functions", 
      "support engineers", 
      "privacy regulations", 
      "privacy", 
      "right functionality", 
      "process owners", 
      "mental models", 
      "requirements", 
      "functionality", 
      "engineers", 
      "current methods", 
      "system", 
      "software", 
      "research agenda", 
      "owners", 
      "issues", 
      "threat", 
      "identification", 
      "situation", 
      "model", 
      "method", 
      "gap", 
      "aspects", 
      "current literature", 
      "literature", 
      "function", 
      "understanding", 
      "major gaps", 
      "agenda", 
      "regulation", 
      "paper", 
      "problem", 
      "approach"
    ], 
    "name": "Towards Identification of Privacy Requirements with Systems Thinking", 
    "pagination": "249-258", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1149869982"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-031-11510-3_16"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-031-11510-3_16", 
      "https://app.dimensions.ai/details/publication/pub.1149869982"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-12-01T06:51", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20221201/entities/gbq_results/chapter/chapter_31.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-031-11510-3_16"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-031-11510-3_16'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-031-11510-3_16'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-031-11510-3_16'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-031-11510-3_16'


 

This table displays all metadata directly associated to this object as RDF triples.

129 TRIPLES      22 PREDICATES      68 URIs      60 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-031-11510-3_16 schema:about anzsrc-for:08
2 anzsrc-for:0803
3 anzsrc-for:0806
4 schema:author N751d6403833d41a1b7ef4e1d40e68db7
5 schema:datePublished 2022-07-31
6 schema:datePublishedReg 2022-07-31
7 schema:description Implementing privacy as software functions is required by privacy regulation. Achieving this requires shared understanding between business process owners and software engineers, who implement it. Current literature reveals a major gap between privacy requirements and how engineers interpret privacy. Furthermore, as today’s sociotechnical systems are increasingly complex and ever-evolving, unknown privacy issues can emerge from them as a side-effect. Understanding privacy and identifying privacy threats are pre-requisites for deciding on and implementing the right functionality in software. However, current methods for privacy threat identification do not cover all aspects of privacy, suit complex sociotechnical systems or requirements engineering, or support engineers forming a mental model of privacy. We claim that this situation can be improved by applying a systems thinking approach to privacy threat identification. In this paper, we elaborate the problem and propose a research agenda that will help close the gap between privacy requirements and technical software functionality.
8 schema:editor N79fc5c4731134f0fa65b564cc96b5c18
9 schema:genre chapter
10 schema:isAccessibleForFree false
11 schema:isPartOf N41957eeaac4446a4b21ac4ef86cfe73f
12 schema:keywords agenda
13 approach
14 aspects
15 aspects of privacy
16 business process owners
17 complex sociotechnical systems
18 current literature
19 current methods
20 engineers
21 function
22 functionality
23 gap
24 identification
25 issues
26 literature
27 major gaps
28 mental models
29 method
30 model
31 owners
32 paper
33 privacy
34 privacy issues
35 privacy regulations
36 privacy requirements
37 privacy threats
38 problem
39 process owners
40 regulation
41 requirements
42 research agenda
43 right functionality
44 situation
45 sociotechnical systems
46 software
47 software engineers
48 software functionality
49 software functions
50 support engineers
51 system
52 threat
53 threat identification
54 understanding
55 schema:name Towards Identification of Privacy Requirements with Systems Thinking
56 schema:pagination 249-258
57 schema:productId N51b689f74a604570b4d30267ec71fd85
58 N52e5663ccdd348289c32b271fbf668cc
59 schema:publisher N7f05777316ef48fc85b801382cdeba81
60 schema:sameAs https://app.dimensions.ai/details/publication/pub.1149869982
61 https://doi.org/10.1007/978-3-031-11510-3_16
62 schema:sdDatePublished 2022-12-01T06:51
63 schema:sdLicense https://scigraph.springernature.com/explorer/license/
64 schema:sdPublisher Nd7e9c48dcff44bceac0281064e6f7b0e
65 schema:url https://doi.org/10.1007/978-3-031-11510-3_16
66 sgo:license sg:explorer/license/
67 sgo:sdDataset chapters
68 rdf:type schema:Chapter
69 N1bbef09b481640a1bce37f669eedf29e rdf:first sg:person.013004041551.91
70 rdf:rest rdf:nil
71 N37e5ea33d0c64a26a7afa7b5198d88c3 rdf:first sg:person.013323020425.13
72 rdf:rest Nc9194d260d9e4dc1ae6807b7007141c4
73 N41957eeaac4446a4b21ac4ef86cfe73f schema:isbn 978-3-031-11509-7
74 978-3-031-11510-3
75 schema:name Business Modeling and Software Design
76 rdf:type schema:Book
77 N495ac7b460be4de4a07c80bd98a72ffd schema:affiliation grid-institutes:grid.9681.6
78 schema:familyName Sarrala
79 schema:givenName Tuisku
80 rdf:type schema:Person
81 N51b689f74a604570b4d30267ec71fd85 schema:name doi
82 schema:value 10.1007/978-3-031-11510-3_16
83 rdf:type schema:PropertyValue
84 N52e5663ccdd348289c32b271fbf668cc schema:name dimensions_id
85 schema:value pub.1149869982
86 rdf:type schema:PropertyValue
87 N71432bb606174abe867f16dcd074b6d2 schema:familyName Shishkov
88 schema:givenName Boris
89 rdf:type schema:Person
90 N751d6403833d41a1b7ef4e1d40e68db7 rdf:first N495ac7b460be4de4a07c80bd98a72ffd
91 rdf:rest N37e5ea33d0c64a26a7afa7b5198d88c3
92 N79fc5c4731134f0fa65b564cc96b5c18 rdf:first N71432bb606174abe867f16dcd074b6d2
93 rdf:rest rdf:nil
94 N7f05777316ef48fc85b801382cdeba81 schema:name Springer Nature
95 rdf:type schema:Organisation
96 Nc9194d260d9e4dc1ae6807b7007141c4 rdf:first sg:person.013777216461.94
97 rdf:rest N1bbef09b481640a1bce37f669eedf29e
98 Nd7e9c48dcff44bceac0281064e6f7b0e schema:name Springer Nature - SN SciGraph project
99 rdf:type schema:Organization
100 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
101 schema:name Information and Computing Sciences
102 rdf:type schema:DefinedTerm
103 anzsrc-for:0803 schema:inDefinedTermSet anzsrc-for:
104 schema:name Computer Software
105 rdf:type schema:DefinedTerm
106 anzsrc-for:0806 schema:inDefinedTermSet anzsrc-for:
107 schema:name Information Systems
108 rdf:type schema:DefinedTerm
109 sg:person.013004041551.91 schema:affiliation grid-institutes:grid.9681.6
110 schema:familyName Abrahamsson
111 schema:givenName Pekka
112 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013004041551.91
113 rdf:type schema:Person
114 sg:person.013323020425.13 schema:affiliation grid-institutes:grid.9681.6
115 schema:familyName Mikkonen
116 schema:givenName Tommi
117 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013323020425.13
118 rdf:type schema:Person
119 sg:person.013777216461.94 schema:affiliation grid-institutes:grid.463530.7
120 schema:familyName Nguyen Duc
121 schema:givenName Anh
122 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013777216461.94
123 rdf:type schema:Person
124 grid-institutes:grid.463530.7 schema:alternateName Department of Business and IT, University of South-Eastern Norway, PO Box 4, 3199, Borre, Norway
125 schema:name Department of Business and IT, University of South-Eastern Norway, PO Box 4, 3199, Borre, Norway
126 rdf:type schema:Organization
127 grid-institutes:grid.9681.6 schema:alternateName University of Jyväskylä, PO Box 35, 40014, Jyväskylä, Finland
128 schema:name University of Jyväskylä, PO Box 35, 40014, Jyväskylä, Finland
129 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...