Incorporating privacy patterns into semi-automatic business process derivation


As of July 2018 University of Brighton Repository is no longer updated. Please see our new repository at

Argyropoulos, Nikolaos, Kalloniatis, Christos, Mouratidis, Haralambos and Fish, Andrew (2016) Incorporating privacy patterns into semi-automatic business process derivation In: 2016 IEEE Tenth International Conference on Research Challenges in Information Science (RCIS), Grenoble, France, 1-3 June 2016.

[img] Text
PID4212663.pdf - Accepted Version

Download (776kB)


The design of systems capable of protecting users' privacy is a challenging endeavour. Since users are becoming more concerned about the amounts of their personal data handled, stored and shared by such systems it is imperative to identify methods for developing privacy-aware information systems. Current approaches either focus on the elicitation of user requirements at an abstract high level or approach the issue of privacy exclusively from a technical point of view. As a result, privacy implementations are often misaligned with the overarching system goals. This work improves the current situation by presenting an approach for the design of privacy-aware business processes. Goal models are created as a first step, for privacy requirements elicitation, and are then transformed into process models, thus bridging the gap between high level goals and low level processes. Privacy process patterns are utilised for the final instantiation of process models, achieving the satisfaction of the identified privacy objectives through the integration of privacy enhancing technologies. The main advantage of the proposed approach is its ability to map privacy from the strategic to the operational level through a semi-automatic process while offering designers adequate guidance to its operationalisation via the use of process patterns.

Item Type: Contribution to conference proceedings in the public domain ( Full Paper)
Additional Information: © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Subjects: G000 Computing and Mathematical Sciences > G500 Information Systems
G000 Computing and Mathematical Sciences > G600 Software Engineering > G610 Software Design
G000 Computing and Mathematical Sciences > G600 Software Engineering
DOI (a stable link to the resource): 10.1109/RCIS.2016.7549305
Depositing User: Converis
Date Deposited: 09 Feb 2017 03:01
Last Modified: 09 Feb 2017 09:29

Actions (login required)

View Item View Item


Downloads per month over past year