Goal-Modeling Privacy-by-Design Patterns for Supporting GDPR Compliance

Mohammed Al-Obeidallah; Luca Piras; Onyinye Iloanugo; Haralambos Mouratidis; Duaa Alkubaisy; Daniele Dellagiacoma

doi:10.5220/0012080700003538

Goal-Modeling Privacy-by-Design Patterns for Supporting GDPR Compliance

Mohammed Al-Obeidallah, Luca Piras, Onyinye Iloanugo, Haralambos Mouratidis, Duaa Alkubaisy, Daniele Dellagiacoma

2023

Abstract

The introduction of the European General Data Protection Regulation (GDPR) has imposed obligations on organisations collecting data in the EU. This has been beneficial to citizens due to rights reinforcement achieved as data subjects. However, obligations heavily affected organisations, and their privacy requirements analysts, having issues with interpreting and implementing GDPR principles. This paper proposes visual GDPR Patterns supporting analysts through Privacy-by- Design (PbD) and GDPR compliance analysis. In order to achieve that, we extended a requirements modeling tool, SecTro, which is used to assist analysts in creating visual requirements models. Specifically, we extended SecTro with novel visual GDPR patterns representing GDPR principles. We evaluated the patterns in a healthcare case study. The evaluation results suggest that the GDPR patterns can help analysts in PbD modeling analysis, by representing GDPR principles and considering relevant ready-to-use alternatives, towards achieving GDPR compliance.

Download

Paper Citation

in Harvard Style

Al-Obeidallah M., Piras L., Iloanugo O., Mouratidis H., Alkubaisy D. and Dellagiacoma D. (2023). Goal-Modeling Privacy-by-Design Patterns for Supporting GDPR Compliance. In Proceedings of the 18th International Conference on Software Technologies - Volume 1: ICSOFT; ISBN 978-989-758-665-1, SciTePress, pages 361-368. DOI: 10.5220/0012080700003538

in Bibtex Style

@conference{icsoft23,
author={Mohammed Al-Obeidallah and Luca Piras and Onyinye Iloanugo and Haralambos Mouratidis and Duaa Alkubaisy and Daniele Dellagiacoma},
title={Goal-Modeling Privacy-by-Design Patterns for Supporting GDPR Compliance},
booktitle={Proceedings of the 18th International Conference on Software Technologies - Volume 1: ICSOFT},
year={2023},
pages={361-368},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012080700003538},
isbn={978-989-758-665-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 18th International Conference on Software Technologies - Volume 1: ICSOFT
TI - Goal-Modeling Privacy-by-Design Patterns for Supporting GDPR Compliance
SN - 978-989-758-665-1
AU - Al-Obeidallah M.
AU - Piras L.
AU - Iloanugo O.
AU - Mouratidis H.
AU - Alkubaisy D.
AU - Dellagiacoma D.
PY - 2023
SP - 361
EP - 368
DO - 10.5220/0012080700003538
PB - SciTePress