uu.seUppsala University Publications
Change search
ReferencesLink to record
Permanent link

Direct link
Design and Implementation of the advanced cloud privacy threat modeling
KTH Royal Institute of Technology.
Uppsala University, Disciplinary Domain of Humanities and Social Sciences, Faculty of Law, Department of Law. Uppsala University, Disciplinary Domain of Medicine and Pharmacy, Faculty of Medicine, Department of Public Health and Caring Sciences, Centre for Research Ethics and Bioethics.
Uppsala University, Disciplinary Domain of Humanities and Social Sciences, Faculty of Law, Department of Law. Uppsala University, Disciplinary Domain of Medicine and Pharmacy, Faculty of Medicine, Department of Public Health and Caring Sciences, Centre for Research Ethics and Bioethics.
Department of Medical Epidemiology and Biostatistics, Karolinska institutet.
Show others and affiliations
2016 (English)In: International Journal of Network Security & Its Applications, ISSN 0975-2307, E-ISSN 0974-9330, Vol. 8, no 2, 103-122 p.Article in journal (Refereed) Published
Abstract [en]

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. In addition, a case study has been implemented as a proof of concept to demonstrate the usability of the proposed methodology. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design.

Place, publisher, year, edition, pages
2016. Vol. 8, no 2, 103-122 p.
Keyword [en]
Threat Modeling, Privacy, Method Engineering, Cloud Software Development
National Category
Law (excluding Law and Society)
Research subject
Public Law
Identifiers
URN: urn:nbn:se:uu:diva-286414OAI: oai:DiVA.org:uu-286414DiVA: diva2:926372
Projects
bbmri.se
Funder
Swedish Research Council
Available from: 2016-05-06 Created: 2016-04-20 Last updated: 2016-05-12

Open Access in DiVA

No full text

Search in DiVA

By author/editor
Lind, Anna-SaraReichel, Jane
By organisation
Department of LawCentre for Research Ethics and Bioethics
In the same journal
International Journal of Network Security & Its Applications
Law (excluding Law and Society)

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 112 hits
ReferencesLink to record
Permanent link

Direct link