ABSTRACT
There has recently been an upsurge of legislative, technical and organizational frameworks in the field of privacy which recommend, and even mandate, the need to consider privacy issues in the design of information systems. Privacy design patterns have been acknowledged as a useful tool to support engineers in this complex task, as they leverage best practices which are already available in the engineering community. Different privacy pattern catalogs currently coexist; however, an ongoing effort is being made to unify these scattered contributions into one comprehensive system of patterns. To this end, the relationships between the privacy patterns must be expressed consistently. However, the available catalogs describe pattern relationships at different, incompatible levels of detail, or do not describe them at all. To solve this problem, this paper presents a taxonomy of types of relationships that can be used to describe the relationships between privacy patterns. This taxonomy has been validated against each individual catalog to ensure its applicability in the unified privacy pattern system.
Index Terms
- Organizing Design Patterns for Privacy: A Taxonomy of Types of Relationships