REFSQ 2024
Mon 8 - Thu 11 April 2024 Winterthur, Switzerland

[Context and Motivation] Privacy requirements engineering is a critical aspect of software design to ensure that user data is protected in accordance with both regulatory and privacy objectives. The privacy requirements identified through this process can be addressed using various privacy design patterns. [Question/Problem] Identifying and implementing the most suitable privacy design patterns poses a major challenge for developers. They need to meticulously examine a wide range of options, which makes it challenging to quickly and effectively choose and justify the best solutions. [Key Ideas/Results] To address this gap, we developed a machine learning model that focuses on semantic text features and learning-to-rank algorithms to recommend privacy design patterns that meet specified privacy requirements. [Contribution] The main contribution of this paper is the development of a recommendation system for privacy design patterns based on privacy requirements using only text-based attributes. The flexibility of our model allows it to be universally applicable and not limited to specific mappings as is common in previous methods. The performance of the model has shown encouraging results in understanding the semantic meaning of privacy requirements and mapping them to privacy design patterns, indicating its suitability for inclusion in the privacy engineering process.

Tue 9 Apr

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

16:00 - 17:30
Quality Requirements (R6)Research Track at Vorhangsaal Conference room MA-E0.46
Chair(s): Emilio Insfran Universitat Politècnica de València, Spain
16:00
40m
Talk
Assessing the Understandability of Attack-Defense Trees for Modelling Security Requirements: an Experimental InvestigationScientific evaluationBest Paper Candidate
Research Track
P: Giovanna Broccia ISTI-CNR, FMT Lab, A: Maurice ter Beek ISTI-CNR, Pisa, Italy, A: Alberto Lluch Lafuente Technical University of Denmark, A: Paola Spoletini Kennesaw State University, A: Alessio Ferrari CNR-ISTI, D: Guntur Budi Herwanto Universitas Gadjah Mada
File Attached
16:40
40m
Talk
Learning to Rank Privacy Design Patterns: A Semantic Approach to Meeting Privacy RequirementsTechnical design
Research Track
P: Guntur Budi Herwanto Universitas Gadjah Mada, A: Gerald Quirchmayr University of Vienna, A: A Min Tjoa Faculty of Informatics, TU Wien, D: Giovanna Broccia ISTI-CNR, FMT Lab