Towards a risk-driven methodology for privacy metrics development

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

10 Citations (Scopus)

Abstract

Large amounts of privacy-critical data are transferred, processed and stored in services like cloud computing. Sufficient and credible evidence of the actual privacy level of these kinds of services is needed to be able meet the increased privacy requirements. In this study, we propose a generic risk-driven methodology for development of privacy metrics. The methodology is based on privacy threat analysis, utilization of taxonomical information, and decomposition of privacy and system requirements. The stages of the methodology are discussed using cloud services as an example. Moreover, feasibility of the proposed approach is discussed. (28 refs.)
Original languageEnglish
Title of host publicationProceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010
Subtitle of host publicationSecond IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010
Place of PublicationLos Alamitos, CA, USA
PublisherInstitute of Electrical and Electronic Engineers IEEE
Pages1086-1092
ISBN (Print)978-1-4244-8439-3, 978-0-7695-4211-9
DOIs
Publication statusPublished - 2010
MoE publication typeA4 Article in a conference publication
EventIEEE Second International Conference on Social Computing, SocialCom 2010, Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010 - Minneapolis, MN, United States
Duration: 20 Aug 201022 Aug 2010

Conference

ConferenceIEEE Second International Conference on Social Computing, SocialCom 2010, Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010
Abbreviated titleSocialCom 2010 ; PASSAT 2010
CountryUnited States
CityMinneapolis, MN
Period20/08/1022/08/10

Fingerprint

Cloud computing
Decomposition

Cite this

Savola, R. (2010). Towards a risk-driven methodology for privacy metrics development. In Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010 (pp. 1086-1092). Los Alamitos, CA, USA: Institute of Electrical and Electronic Engineers IEEE. https://doi.org/10.1109/SocialCom.2010.161
Savola, Reijo. / Towards a risk-driven methodology for privacy metrics development. Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010. Los Alamitos, CA, USA : Institute of Electrical and Electronic Engineers IEEE, 2010. pp. 1086-1092
@inproceedings{59d5343c1ffc4362909d9ea6737b9fed,
title = "Towards a risk-driven methodology for privacy metrics development",
abstract = "Large amounts of privacy-critical data are transferred, processed and stored in services like cloud computing. Sufficient and credible evidence of the actual privacy level of these kinds of services is needed to be able meet the increased privacy requirements. In this study, we propose a generic risk-driven methodology for development of privacy metrics. The methodology is based on privacy threat analysis, utilization of taxonomical information, and decomposition of privacy and system requirements. The stages of the methodology are discussed using cloud services as an example. Moreover, feasibility of the proposed approach is discussed. (28 refs.)",
author = "Reijo Savola",
year = "2010",
doi = "10.1109/SocialCom.2010.161",
language = "English",
isbn = "978-1-4244-8439-3",
pages = "1086--1092",
booktitle = "Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010",
publisher = "Institute of Electrical and Electronic Engineers IEEE",
address = "United States",

}

Savola, R 2010, Towards a risk-driven methodology for privacy metrics development. in Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010. Institute of Electrical and Electronic Engineers IEEE, Los Alamitos, CA, USA, pp. 1086-1092, IEEE Second International Conference on Social Computing, SocialCom 2010, Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010, Minneapolis, MN, United States, 20/08/10. https://doi.org/10.1109/SocialCom.2010.161

Towards a risk-driven methodology for privacy metrics development. / Savola, Reijo.

Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010. Los Alamitos, CA, USA : Institute of Electrical and Electronic Engineers IEEE, 2010. p. 1086-1092.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Towards a risk-driven methodology for privacy metrics development

AU - Savola, Reijo

PY - 2010

Y1 - 2010

N2 - Large amounts of privacy-critical data are transferred, processed and stored in services like cloud computing. Sufficient and credible evidence of the actual privacy level of these kinds of services is needed to be able meet the increased privacy requirements. In this study, we propose a generic risk-driven methodology for development of privacy metrics. The methodology is based on privacy threat analysis, utilization of taxonomical information, and decomposition of privacy and system requirements. The stages of the methodology are discussed using cloud services as an example. Moreover, feasibility of the proposed approach is discussed. (28 refs.)

AB - Large amounts of privacy-critical data are transferred, processed and stored in services like cloud computing. Sufficient and credible evidence of the actual privacy level of these kinds of services is needed to be able meet the increased privacy requirements. In this study, we propose a generic risk-driven methodology for development of privacy metrics. The methodology is based on privacy threat analysis, utilization of taxonomical information, and decomposition of privacy and system requirements. The stages of the methodology are discussed using cloud services as an example. Moreover, feasibility of the proposed approach is discussed. (28 refs.)

U2 - 10.1109/SocialCom.2010.161

DO - 10.1109/SocialCom.2010.161

M3 - Conference article in proceedings

SN - 978-1-4244-8439-3

SN - 978-0-7695-4211-9

SP - 1086

EP - 1092

BT - Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010

PB - Institute of Electrical and Electronic Engineers IEEE

CY - Los Alamitos, CA, USA

ER -

Savola R. Towards a risk-driven methodology for privacy metrics development. In Proceedings of the IEEE Second International Conference on Social Computing, SocialCom 2010 : Second IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010. Los Alamitos, CA, USA: Institute of Electrical and Electronic Engineers IEEE. 2010. p. 1086-1092 https://doi.org/10.1109/SocialCom.2010.161