Bridging the Gap Between GPDR and Software Development: The MATERIALIST Framework-Reference-Cited by-同舟云学术

Bridging the Gap Between GPDR and Software Development: The MATERIALIST Framework

Published:2024-08-01 Issue: Volume: Page:
ISSN:
Container-title:
language:
Short-container-title:

Author:

Saltarella Marco^ORCID,Desolda Giuseppe^ORCID,Esposito Andrea^ORCID,Greco Francesco^ORCID,Lanzilotti Rosa^ORCID

Abstract

As software production evolves, privacy is becoming an increasingly important consideration. This is especially true as national and supranational regulations, such as GDPR, require privacy as a mandatory aspect of software development. However, challenges such as a lack of knowledge about privacy and data protection regulations hinder the adoption of effective and compliant privacy implementation mechanisms. To address this issue, this article presents MATERIALIST, a methodological and technological framework that supports stakeholders involved in a software development lifecycle in including GDPR in their activities. Specifically, it provides design patterns that can be selected starting from GDPR articles, code vulnerabilities, and software lifecycle phases. The framework aims to facilitate the adoption of appropriate privacy implementation mechanisms in the software development lifecycle, thereby improving software quality.

Funder

European Commission

Ministero dell’Istruzione, dell’Università e della Ricerca

Publisher

Springer Science and Business Media LLC

Reference47 articles.

1. (2022) 2022 Data Breach Investigations Report. In: Verizon Business. https://www.verizon.com/business/resources/reports/dbir/. Accessed 7 Nov 2022

2. IBM (2022) Cost of a data breach 2022. https://web.archive.org/web/20220930044228/www.ibm.com/reports/data-breach. Accessed 7 Nov 2022

3. Senarath A, Arachchilage NAG (2018) Why developers cannot embed privacy into software systems? An empirical investigation. In: Proceedings of the 22nd International Conference on Evaluation and Assessment in Software Engineering 2018. ACM, Christchurch New Zealand, pp 211–216

4. I’m all ears! Listening to software developers on putting GDPR principles into software development practice;Alhazmi A;Personal Uniquit Comput,2021

5. Alkubaisy D, Piras L, Al-Obeidallah MG et al (2021) A Framework for Privacy and Security Requirements Analysis and Conflict Resolution for Supporting GDPR Compliance Through Privacy-by-Design. In: International Conference on Evaluation of Novel Approaches to Software Engineering. Springer, pp 67–87