A Formal Modeling Scheme for Analyzing a Software System Design against the GDPR

Evangelia Vanezi, Georgia Kapitsaki, Dimitrios Kouzapas, Anna Philippou

Abstract

Since the adoption of the EU General Data Protection Regulation (GDPR) in May 2018, designing software systems that conform to the GDPR principles has become vital. Modeling languages can be a facilitator for this process, following the principles of model-driven development. In this paper, we present our work on the usage of a π-calculus-based language for modeling and reasoning about the GDPR provisions of 1) lawfulness of processing by providing consent, 2) consent withdrawal, and 3) right to erasure. A static analysis method based on type checking is proposed to validate that a model conforms to associated privacy requirements. This is the first step towards a rigorous Privacy-By-Design methodology for analyzing and validating a software system model against the GDPR. A use case is presented to discuss and illustrate the framework.

Download


Paper Citation


in Harvard Style

Vanezi E., Kapitsaki G., Kouzapas D. and Philippou A. (2019). A Formal Modeling Scheme for Analyzing a Software System Design against the GDPR.In Proceedings of the 14th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE, ISBN 978-989-758-375-9, pages 68-79. DOI: 10.5220/0007722900680079


in Bibtex Style

@conference{enase19,
author={Evangelia Vanezi and Georgia Kapitsaki and Dimitrios Kouzapas and Anna Philippou},
title={A Formal Modeling Scheme for Analyzing a Software System Design against the GDPR},
booktitle={Proceedings of the 14th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,},
year={2019},
pages={68-79},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007722900680079},
isbn={978-989-758-375-9},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 14th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,
TI - A Formal Modeling Scheme for Analyzing a Software System Design against the GDPR
SN - 978-989-758-375-9
AU - Vanezi E.
AU - Kapitsaki G.
AU - Kouzapas D.
AU - Philippou A.
PY - 2019
SP - 68
EP - 79
DO - 10.5220/0007722900680079