Abstract
In recent years, privacy-compliant software development has become an important topic, especially with the emergence of the EU General Data Protection Regulation (GDPR). Existing practices of software development challenge privacy compliance by increasingly promoting reuse, adaptation and integration of existing software artifacts from organizational or open-source repositories. Methods and approaches have been introduced to accelerate and improve development through reuse on the one hand and to mitigate threats related to data privacy on the other hand. However, the operationalization of this body of knowledge for developing systems that intensively reuse software artifacts is understudied. Moreover, ontologies, taxonomies and frameworks developed to conceptualize, organize and model privacy requirements focus on forward engineering activities (software design and development), and are less oriented for application in existing software projects and artifacts that are considered for reuse and integration. The aim of this research is to create a framework aimed to investigate, explore and guide privacy-compliant software reuse, especially in open-source environments. To this end, we will follow a design science approach whose main artifact will be a privacy compliance assessment method. The method will be developed in three steps: (1) systematically reviewing and analyzing the state-of-the-art in privacy-compliant software reuse; (2) empirically studying open-source repositories (in particular, GitHub) for privacy discussions, including ontology-based machine learning method for privacy discussions identification; and (3) developing and evaluating a privacy assessment method, for supporting reuse decisions, utilizing the existing models and frameworks.
Original language | English |
---|---|
Journal | CEUR Workshop Proceedings |
Volume | 3618 |
State | Published - 2023 |
Event | 42nd International Conference on Conceptual Modeling: ER Forum, 7th Symposium on Conceptual Modeling Education, SCME 2023, Project Exhibitions, Posters and Demos, and Doctoral Consortium, ER-Companion 2023 - Lisbon, Portugal Duration: 6 Nov 2023 → 9 Nov 2023 |
Bibliographical note
Publisher Copyright:© 2023 CEUR-WS. All rights reserved.
Keywords
- Compliance
- GDPR
- Open-Source
- Privacy
- Software Development
- Software Reuse
ASJC Scopus subject areas
- General Computer Science