Design and Implementation of the Advanced Cloud Privacy Threat Modeling

20 Pages Posted: 21 Mar 2024

See all articles by Ali Gholam

Ali Gholam

Royal Institute of Technology (KTH) - Stockholm Exergi

Anna Lind

SINTEF Energy Research

Jane Reichel

Faculty of Law, Uppsala University, Sweden

Jan-Eric Litton

Royal Institute of Technology (KTH) - Stockholm Exergi

Ake Edlund

Royal Institute of Technology (KTH) - Stockholm Exergi

Erwin Laure

Royal Institute of Technology (KTH) - Stockholm Exergi

Brendon Clarke

Independent

Date Written: March 29, 2016

Abstract

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. In addition, a case study has been implemented as a proof of concept to demonstrate the usability of the proposed methodology. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design.

Note:

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Keywords: Threat Modeling, Privacy, Method Engineering, Cloud Software Development

Suggested Citation

Gholam, Ali and Lind, Anna and Reichel, Jane and Litton, Jan-Eric and Edlund, Ake and Laure, Erwin and Clarke, Brendon, Design and Implementation of the Advanced Cloud Privacy Threat Modeling (March 29, 2016). Available at SSRN: https://ssrn.com/abstract=4733971 or http://dx.doi.org/10.2139/ssrn.4733971

Ali Gholam

Royal Institute of Technology (KTH) - Stockholm Exergi

Anna Lind

SINTEF Energy Research

Kolbjørn Hejes vei 1A
Trondheim, NO-7034
Norway

Jane Reichel

Faculty of Law, Uppsala University, Sweden ( email )

Faculty of Law Box 512
Uppsala, SE-751 20
Sweden

Jan-Eric Litton

Royal Institute of Technology (KTH) - Stockholm Exergi

Ake Edlund

Royal Institute of Technology (KTH) - Stockholm Exergi

Erwin Laure

Royal Institute of Technology (KTH) - Stockholm Exergi

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
8
Abstract Views
46
PlumX Metrics