Towards a risk-driven methodology for privacy metrics development

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    10 Citations (Scopus)

    Abstract

    Large amounts of privacy-critical data are transferred, processed and stored in services like cloud computing. Sufficient and credible evidence of the actual privacy level of these kinds of services is needed to be able meet the increased privacy requirements. In this study, we propose a generic risk-driven methodology for development of privacy metrics. The methodology is based on privacy threat analysis, utilization of taxonomical information, and decomposition of privacy and system requirements. The stages of the methodology are discussed using cloud services as an example. Moreover, feasibility of the proposed approach is discussed. (28 refs.)
    Original languageEnglish
    Title of host publicationProceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010
    Subtitle of host publicationSecond IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010
    Place of PublicationLos Alamitos, CA, USA
    PublisherIEEE Institute of Electrical and Electronic Engineers
    Pages1086-1092
    ISBN (Print)978-1-4244-8439-3, 978-0-7695-4211-9
    DOIs
    Publication statusPublished - 2010
    MoE publication typeA4 Article in a conference publication
    EventIEEE Second International Conference on Social Computing, SocialCom 2010, Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010 - Minneapolis, MN, United States
    Duration: 20 Aug 201022 Aug 2010

    Conference

    ConferenceIEEE Second International Conference on Social Computing, SocialCom 2010, Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010
    Abbreviated titleSocialCom 2010 ; PASSAT 2010
    CountryUnited States
    CityMinneapolis, MN
    Period20/08/1022/08/10

    Fingerprint

    Cloud computing
    Decomposition

    Cite this

    Savola, R. (2010). Towards a risk-driven methodology for privacy metrics development. In Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010 (pp. 1086-1092). Los Alamitos, CA, USA: IEEE Institute of Electrical and Electronic Engineers . https://doi.org/10.1109/SocialCom.2010.161
    Savola, Reijo. / Towards a risk-driven methodology for privacy metrics development. Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010. Los Alamitos, CA, USA : IEEE Institute of Electrical and Electronic Engineers , 2010. pp. 1086-1092
    @inproceedings{59d5343c1ffc4362909d9ea6737b9fed,
    title = "Towards a risk-driven methodology for privacy metrics development",
    abstract = "Large amounts of privacy-critical data are transferred, processed and stored in services like cloud computing. Sufficient and credible evidence of the actual privacy level of these kinds of services is needed to be able meet the increased privacy requirements. In this study, we propose a generic risk-driven methodology for development of privacy metrics. The methodology is based on privacy threat analysis, utilization of taxonomical information, and decomposition of privacy and system requirements. The stages of the methodology are discussed using cloud services as an example. Moreover, feasibility of the proposed approach is discussed. (28 refs.)",
    author = "Reijo Savola",
    year = "2010",
    doi = "10.1109/SocialCom.2010.161",
    language = "English",
    isbn = "978-1-4244-8439-3",
    pages = "1086--1092",
    booktitle = "Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010",
    publisher = "IEEE Institute of Electrical and Electronic Engineers",
    address = "United States",

    }

    Savola, R 2010, Towards a risk-driven methodology for privacy metrics development. in Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010. IEEE Institute of Electrical and Electronic Engineers , Los Alamitos, CA, USA, pp. 1086-1092, IEEE Second International Conference on Social Computing, SocialCom 2010, Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010, Minneapolis, MN, United States, 20/08/10. https://doi.org/10.1109/SocialCom.2010.161

    Towards a risk-driven methodology for privacy metrics development. / Savola, Reijo.

    Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010. Los Alamitos, CA, USA : IEEE Institute of Electrical and Electronic Engineers , 2010. p. 1086-1092.

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    TY - GEN

    T1 - Towards a risk-driven methodology for privacy metrics development

    AU - Savola, Reijo

    PY - 2010

    Y1 - 2010

    N2 - Large amounts of privacy-critical data are transferred, processed and stored in services like cloud computing. Sufficient and credible evidence of the actual privacy level of these kinds of services is needed to be able meet the increased privacy requirements. In this study, we propose a generic risk-driven methodology for development of privacy metrics. The methodology is based on privacy threat analysis, utilization of taxonomical information, and decomposition of privacy and system requirements. The stages of the methodology are discussed using cloud services as an example. Moreover, feasibility of the proposed approach is discussed. (28 refs.)

    AB - Large amounts of privacy-critical data are transferred, processed and stored in services like cloud computing. Sufficient and credible evidence of the actual privacy level of these kinds of services is needed to be able meet the increased privacy requirements. In this study, we propose a generic risk-driven methodology for development of privacy metrics. The methodology is based on privacy threat analysis, utilization of taxonomical information, and decomposition of privacy and system requirements. The stages of the methodology are discussed using cloud services as an example. Moreover, feasibility of the proposed approach is discussed. (28 refs.)

    U2 - 10.1109/SocialCom.2010.161

    DO - 10.1109/SocialCom.2010.161

    M3 - Conference article in proceedings

    SN - 978-1-4244-8439-3

    SN - 978-0-7695-4211-9

    SP - 1086

    EP - 1092

    BT - Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010

    PB - IEEE Institute of Electrical and Electronic Engineers

    CY - Los Alamitos, CA, USA

    ER -

    Savola R. Towards a risk-driven methodology for privacy metrics development. In Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010. Los Alamitos, CA, USA: IEEE Institute of Electrical and Electronic Engineers . 2010. p. 1086-1092 https://doi.org/10.1109/SocialCom.2010.161