Addressing Privacy in Traditional and Cloud-Based Systems

Abstract

A major challenge in the field of software engineering is to make users trust the software that they use in their everyday activities for professional or recreational reasons. Amid the main criteria that formulate users' trust is the way that that their privacy is protected. Indeed, privacy violation is an issue of great importance for active online users that daily accomplish several transactions that may convey personal data, sensitive personal data, employee data, credit card data and so on. In addition, the appearance of cloud computing has elevated the number of personally identifiable information that users provide in order to gain access to various services, further raising user concerns as to how and to what extend information about them is communicated to others. The aim of this work is to elevate the modern practices for ensuring privacy during software systems design. To this end, the basic privacy requirements that should be considered during system analysis are introduced. Additionally, a number of well-known methods that have been introduced in the research area of requirements engineering which aim on eliciting and modeling privacy requirements during system design are introduced and critically analyzed. The work completes with a discussion of the additional security and privacy concepts that should be considered in the context of cloud-based information systems and how these affect current research.