Engineering Privacy by Design - Lessons from the Design and Implementation of an Identity Wallet Platform
Fatbardh Veseli, Jetzabel Serna Olvera, Tobias Pulls, and Kai Rannenberg
The Privacy-by-Design (PbD) paradigm defines key principles that should be applied during the design of a system. However, applying them when designing a concrete system architecture is not straightforward, since no reference set of corresponding technical guidelines exists. We followed the LINDDUN framework as a methodological guide for performing a privacy analysis of a cloud-based identity wallet platform during the design of its architecture. In doing so, we identified the need to adapt and extend LINDDUN. First, we introduce the concept of constraints as an important step in the assessment framework. Next, we convert the application of the LINDDUN steps from a linear to an iterative process. Furthermore, we propose new (types of) mechanisms for mitigating identified privacy threats. Finally, we demonstrate our proposed approach with concrete examples from our assessment in the European project CREDENTIAL.
The 34th ACM/SIGAPP Symposium On Applied Computing
Place and date: Limassol, Cyprus, April 8-12, 2019