Академический Документы
Профессиональный Документы
Культура Документы
In this context, this project aims to apply PbD principles in the design of the architecture for a privacy-
enhanced cloud-based platform. This work consists on the investigation comparatively of existing
approaches for a real use case as like Igloo Project by Penguin Formula and SocialCoin. [4, 5] Therefore,
it aims to identify further improvement points and goes one step further by providing concrete
enhancements to the evaluated methods in terms of: i) productivity; ii) case of use; and iii) reliability. In
an effort to perform this systematically, we aim to evaluate the LINDDUN, STRIDE and PRIPARE methods
as privacy threat modelling frameworks to mitigate such threats[6, 7, 8]
References:
[1] Buocz, T., Ehrke-Rabel, T., Hödl, E., & Eisenberger, I. (2019). Bitcoin and the GDPR: Allocating
responsibility in distributed networks. Computer Law & Security Review, 35(2), 182-198.
[2] Fabiano, N. (2017, June). Internet of Things and blockchain: legal issues and privacy. The challenge for
a privacy standard. In 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green
Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom)
and IEEE Smart Data (SmartData) (pp. 727-734). IEEE.
[3] Russo, B., Valle, L., Bonzagni, G., Locatello, D., Pancaldi, M., & Tosi, D. (2018). Cloud Computing and
the New EU General Data Protection Regulation. IEEE Cloud Computing, 5(6), 58-68.
an Dijk, N., Tanas, A., Rommetveit, K., & Raab, C. (2018). Right engineering? The redesign of privacy
[4] V
and personal data protection. International Review of Law, Computers & Technology, 32(2-3), 230-256.
[5] Mina Deng, Kim Wuyts, Riccardo Scandariato, Bart Preneel, and Wouter Joosen. 2011. A privacy
threat analysis framework: supporting the elicitation and fulfillment of privacy requirements.
Requirements Engineering 16, 1 (2011), 3–32.
[6] Khan, R., McLaughlin, K., Laverty, D., & Sezer, S. (2017, September). STRIDE-based threat modeling for
cyber-physical systems. In 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe
(ISGT-Europe) (pp. 1-6). IEEE.
[7] Notario, N., Crespo, A., Martín, Y. S., Del Alamo, J. M., Le Métayer, D., Antignac, T., ... & Wright, D.
(2015, May). PRIPARE: integrating privacy best practices into a privacy engineering methodology. In 2015
IEEE Security and Privacy Workshops (pp. 151-158). IEEE.
[8] Kung, A., Kargl, F., Suppan, S., Cuellar, J., Pöhls, H. C., Kapovits, A., ... & Martin, Y. S. (2017). A privacy
engineering framework for the internet of things. In Data Protection and Privacy:(In) visibilities and
Infrastructures (pp. 163-202). Springer, Cham.
Requisitos (e.g. média, disciplinas concluídas): It is intended that the student has good knowledge of
programming, log audits, inspection of source codes, information security. It is also appreciated that the
student has some GDPR concepts, as well as the desire to learn and compose .
Resultado esperado (protótipo, algoritmo, software, demonstração, …): As a final result of this work, it is
expected that the student can develop a software algorithm for detection, vulnerability assessment and
the accomplishment of a set of tests that allows to evaluate the same.