Home > Research > Publications & Outputs > Privacy-by-design based on quantitative threat ...

Research

Associated organisational unit

Links

Text available via DOI:

Keywords

View graph of relations

Privacy-by-design based on quantitative threat modeling

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published

Standard

Privacy-by-design based on quantitative threat modeling. / Luna, J.; Suri, Neeraj; Krontiris, I.
2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS). IEEE, 2012.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Harvard

Luna, J, Suri, N & Krontiris, I 2012, Privacy-by-design based on quantitative threat modeling. in 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS). IEEE. https://doi.org/10.1109/CRISIS.2012.6378941

APA

Luna, J., Suri, N., & Krontiris, I. (2012). Privacy-by-design based on quantitative threat modeling. In 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS) IEEE. https://doi.org/10.1109/CRISIS.2012.6378941

Vancouver

Luna J, Suri N, Krontiris I. Privacy-by-design based on quantitative threat modeling. In 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS). IEEE. 2012 doi: 10.1109/CRISIS.2012.6378941

Author

Luna, J. ; Suri, Neeraj ; Krontiris, I. / Privacy-by-design based on quantitative threat modeling. 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS). IEEE, 2012.

Bibtex

@inproceedings{7c424397773c4bc5816b7c5cbae8f2ab,
title = "Privacy-by-design based on quantitative threat modeling",
abstract = "While the general concept of {"}Privacy-by-Design (PbD){"} is increasingly a popular one, there is considerable paucity of either rigorous or quantitative underpinnings supporting PbD. Drawing upon privacy-aware modeling techniques, this paper proposes a quantitative threat modeling methodology (QTMM) that can be used to draw objective conclusions about different privacy-related attacks that might compromise a service. The proposed QTMM has been empirically validated in the context of the EU project ABC4Trust, where the end-users actually elicited security and privacy requirements of the so-called privacy-Attribute Based Credentials (privacy-ABCs) in a real-world scenario. Our overall objective, is to provide architects of privacy-respecting systems with a set of quantitative and automated tools to help decide across functional system requirements and the corresponding trade-offs (security, privacy and economic), that should be taken into account before the actual deployment of their services. {\textcopyright} 2012 IEEE.",
keywords = "Automated tools, End-users, Functional systems, Modeling technique, Real-world scenario, Security and privacy, Threat modeling, Computer privacy, Internet, Security of data",
author = "J. Luna and Neeraj Suri and I. Krontiris",
year = "2012",
month = oct,
day = "10",
doi = "10.1109/CRISIS.2012.6378941",
language = "English",
isbn = "9781467330879",
booktitle = "2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS)",
publisher = "IEEE",

}

RIS

TY - GEN

T1 - Privacy-by-design based on quantitative threat modeling

AU - Luna, J.

AU - Suri, Neeraj

AU - Krontiris, I.

PY - 2012/10/10

Y1 - 2012/10/10

N2 - While the general concept of "Privacy-by-Design (PbD)" is increasingly a popular one, there is considerable paucity of either rigorous or quantitative underpinnings supporting PbD. Drawing upon privacy-aware modeling techniques, this paper proposes a quantitative threat modeling methodology (QTMM) that can be used to draw objective conclusions about different privacy-related attacks that might compromise a service. The proposed QTMM has been empirically validated in the context of the EU project ABC4Trust, where the end-users actually elicited security and privacy requirements of the so-called privacy-Attribute Based Credentials (privacy-ABCs) in a real-world scenario. Our overall objective, is to provide architects of privacy-respecting systems with a set of quantitative and automated tools to help decide across functional system requirements and the corresponding trade-offs (security, privacy and economic), that should be taken into account before the actual deployment of their services. © 2012 IEEE.

AB - While the general concept of "Privacy-by-Design (PbD)" is increasingly a popular one, there is considerable paucity of either rigorous or quantitative underpinnings supporting PbD. Drawing upon privacy-aware modeling techniques, this paper proposes a quantitative threat modeling methodology (QTMM) that can be used to draw objective conclusions about different privacy-related attacks that might compromise a service. The proposed QTMM has been empirically validated in the context of the EU project ABC4Trust, where the end-users actually elicited security and privacy requirements of the so-called privacy-Attribute Based Credentials (privacy-ABCs) in a real-world scenario. Our overall objective, is to provide architects of privacy-respecting systems with a set of quantitative and automated tools to help decide across functional system requirements and the corresponding trade-offs (security, privacy and economic), that should be taken into account before the actual deployment of their services. © 2012 IEEE.

KW - Automated tools

KW - End-users

KW - Functional systems

KW - Modeling technique

KW - Real-world scenario

KW - Security and privacy

KW - Threat modeling

KW - Computer privacy

KW - Internet

KW - Security of data

U2 - 10.1109/CRISIS.2012.6378941

DO - 10.1109/CRISIS.2012.6378941

M3 - Conference contribution/Paper

SN - 9781467330879

BT - 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS)

PB - IEEE

ER -