A holistic list of privacy-preserving measures for system development life cycles

Alida Hills; Adéle Da Veiga; Mariaan Loock; Karen Renaud

doi:10.1007/978-3-031-84078-4_20

A holistic list of privacy-preserving measures for system development life cycles

Alida Hills, Adéle Da Veiga, Mariaan Loock, Karen Renaud

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

1 Downloads (Pure)

Abstract

Personal information, as a key resource for companies, must be kept confidential as per the relevant data protection regulations. The same data protection regulations provide employees and customers the right to control their personal information. IT software is used to create, edit, store, and delete this personal information. However, cyber-attacks, security concerns, and data breaches relating to the personal information of customers and employees occur at an alarming rate, violating the confidentiality and privacy of said customers and employees. Privacy by Design (PbD) should be embedded into traditional Information Technology (IT) software development life cycles (SDLCs) to minimise data loss or breaches of personal information to aid in ensuring end-to-end privacy and confidentiality of personal data. Moreover, IT software must comply with data protection regulations to minimise data loss or breaches of personal information. A scoping literature review was conducted to gain insight into PbD and data protection regulations principles that are embedded into IT SDLC phases. Relevant articles were analysed using a qualitative approach. Privacy-preserving measures are identified that can be used to meet the PbD and data protection regulations requirements. The contribution of this paper is a holistic list of privacy-preserving measures that can be utilised to embed privacy considerations data protection regulations into the IT SDLC phases.

Original language	English
Title of host publication	Advanced Research in Technologies, Information, Innovation and Sustainability
Subtitle of host publication	4th International Conference, ARTIIS 2024, Santiago de Chile, Chile, October 21–23, 2024, Revised Selected Papers, Part III
Editors	Teresa Guarda, Filipe Portela, Gustavo Gatica
Place of Publication	Cham
Publisher	Springer
Pages	283-300
Number of pages	18
ISBN (Electronic)	9783031840784
ISBN (Print)	9783031840777
DOIs	https://doi.org/10.1007/978-3-031-84078-4_20
Publication status	Published - 13 Mar 2025
Event	International Conference on Advanced Research in Technologies, Information, Innovation and Sustainability 2024 - Universidad Andrés Bello, Santiago de Chile, Chile Duration: 21 Oct 2024 → 23 Oct 2024 https://www.artiis.org/past-edition/artiis-2024

Publication series

Name	Communications in Computer and Information Science
Publisher	Springer
Volume	2347
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	International Conference on Advanced Research in Technologies, Information, Innovation and Sustainability 2024
Abbreviated title	ARTIIS 2024
Country/Territory	Chile
City	Santiago de Chile
Period	21/10/24 → 23/10/24
Internet address	https://www.artiis.org/past-edition/artiis-2024

Keywords

software development life cycle (SDLC)
privacy
privacy by design (PbD)
data protection regulations

Access to Document

10.1007/978-3-031-84078-4_20

Hills-etal-ARTIIS-2024-A-holistic-list-of-privacy-preserving-measuresAccepted author manuscript, 942 KBLicence: CC BY 4.0

Cite this

Hills, A., Da Veiga, A., Loock, M., & Renaud, K. (2025). A holistic list of privacy-preserving measures for system development life cycles. In T. Guarda, F. Portela, & G. Gatica (Eds.), Advanced Research in Technologies, Information, Innovation and Sustainability: 4th International Conference, ARTIIS 2024, Santiago de Chile, Chile, October 21–23, 2024, Revised Selected Papers, Part III (pp. 283-300). (Communications in Computer and Information Science; Vol. 2347). Springer. https://doi.org/10.1007/978-3-031-84078-4_20

Hills, Alida ; Da Veiga, Adéle ; Loock, Mariaan et al. / A holistic list of privacy-preserving measures for system development life cycles. Advanced Research in Technologies, Information, Innovation and Sustainability: 4th International Conference, ARTIIS 2024, Santiago de Chile, Chile, October 21–23, 2024, Revised Selected Papers, Part III. editor / Teresa Guarda ; Filipe Portela ; Gustavo Gatica. Cham : Springer, 2025. pp. 283-300 (Communications in Computer and Information Science).

@inproceedings{07584f562ed144328633d57718749ee1,

title = "A holistic list of privacy-preserving measures for system development life cycles",

abstract = "Personal information, as a key resource for companies, must be kept confidential as per the relevant data protection regulations. The same data protection regulations provide employees and customers the right to control their personal information. IT software is used to create, edit, store, and delete this personal information. However, cyber-attacks, security concerns, and data breaches relating to the personal information of customers and employees occur at an alarming rate, violating the confidentiality and privacy of said customers and employees. Privacy by Design (PbD) should be embedded into traditional Information Technology (IT) software development life cycles (SDLCs) to minimise data loss or breaches of personal information to aid in ensuring end-to-end privacy and confidentiality of personal data. Moreover, IT software must comply with data protection regulations to minimise data loss or breaches of personal information. A scoping literature review was conducted to gain insight into PbD and data protection regulations principles that are embedded into IT SDLC phases. Relevant articles were analysed using a qualitative approach. Privacy-preserving measures are identified that can be used to meet the PbD and data protection regulations requirements. The contribution of this paper is a holistic list of privacy-preserving measures that can be utilised to embed privacy considerations data protection regulations into the IT SDLC phases.",

keywords = "software development life cycle (SDLC), privacy, privacy by design (PbD), data protection regulations",

author = "Alida Hills and {Da Veiga}, Ad{\'e}le and Mariaan Loock and Karen Renaud",

year = "2025",

month = mar,

day = "13",

doi = "10.1007/978-3-031-84078-4_20",

language = "English",

isbn = "9783031840777",

series = "Communications in Computer and Information Science",

publisher = "Springer",

pages = "283--300",

editor = "Teresa Guarda and Filipe Portela and Gustavo Gatica",

booktitle = "Advanced Research in Technologies, Information, Innovation and Sustainability",

note = "International Conference on Advanced Research in Technologies, Information, Innovation and Sustainability 2024, ARTIIS 2024 ; Conference date: 21-10-2024 Through 23-10-2024",

url = "https://www.artiis.org/past-edition/artiis-2024",

}

Hills, A, Da Veiga, A, Loock, M & Renaud, K 2025, A holistic list of privacy-preserving measures for system development life cycles. in T Guarda, F Portela & G Gatica (eds), Advanced Research in Technologies, Information, Innovation and Sustainability: 4th International Conference, ARTIIS 2024, Santiago de Chile, Chile, October 21–23, 2024, Revised Selected Papers, Part III. Communications in Computer and Information Science, vol. 2347, Springer, Cham, pp. 283-300, International Conference on Advanced Research in Technologies, Information, Innovation and Sustainability 2024, Santiago de Chile, Chile, 21/10/24. https://doi.org/10.1007/978-3-031-84078-4_20

A holistic list of privacy-preserving measures for system development life cycles. / Hills, Alida; Da Veiga, Adéle; Loock, Mariaan et al.
Advanced Research in Technologies, Information, Innovation and Sustainability: 4th International Conference, ARTIIS 2024, Santiago de Chile, Chile, October 21–23, 2024, Revised Selected Papers, Part III. ed. / Teresa Guarda; Filipe Portela; Gustavo Gatica. Cham: Springer, 2025. p. 283-300 (Communications in Computer and Information Science; Vol. 2347).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

TY - GEN

T1 - A holistic list of privacy-preserving measures for system development life cycles

AU - Hills, Alida

AU - Da Veiga, Adéle

AU - Loock, Mariaan

AU - Renaud, Karen

PY - 2025/3/13

Y1 - 2025/3/13

N2 - Personal information, as a key resource for companies, must be kept confidential as per the relevant data protection regulations. The same data protection regulations provide employees and customers the right to control their personal information. IT software is used to create, edit, store, and delete this personal information. However, cyber-attacks, security concerns, and data breaches relating to the personal information of customers and employees occur at an alarming rate, violating the confidentiality and privacy of said customers and employees. Privacy by Design (PbD) should be embedded into traditional Information Technology (IT) software development life cycles (SDLCs) to minimise data loss or breaches of personal information to aid in ensuring end-to-end privacy and confidentiality of personal data. Moreover, IT software must comply with data protection regulations to minimise data loss or breaches of personal information. A scoping literature review was conducted to gain insight into PbD and data protection regulations principles that are embedded into IT SDLC phases. Relevant articles were analysed using a qualitative approach. Privacy-preserving measures are identified that can be used to meet the PbD and data protection regulations requirements. The contribution of this paper is a holistic list of privacy-preserving measures that can be utilised to embed privacy considerations data protection regulations into the IT SDLC phases.

AB - Personal information, as a key resource for companies, must be kept confidential as per the relevant data protection regulations. The same data protection regulations provide employees and customers the right to control their personal information. IT software is used to create, edit, store, and delete this personal information. However, cyber-attacks, security concerns, and data breaches relating to the personal information of customers and employees occur at an alarming rate, violating the confidentiality and privacy of said customers and employees. Privacy by Design (PbD) should be embedded into traditional Information Technology (IT) software development life cycles (SDLCs) to minimise data loss or breaches of personal information to aid in ensuring end-to-end privacy and confidentiality of personal data. Moreover, IT software must comply with data protection regulations to minimise data loss or breaches of personal information. A scoping literature review was conducted to gain insight into PbD and data protection regulations principles that are embedded into IT SDLC phases. Relevant articles were analysed using a qualitative approach. Privacy-preserving measures are identified that can be used to meet the PbD and data protection regulations requirements. The contribution of this paper is a holistic list of privacy-preserving measures that can be utilised to embed privacy considerations data protection regulations into the IT SDLC phases.

KW - software development life cycle (SDLC)

KW - privacy

KW - privacy by design (PbD)

KW - data protection regulations

UR - https://www.artiis.org/past-edition/artiis-2024

UR - https://doi.org/10.17868/strath.00090879

U2 - 10.1007/978-3-031-84078-4_20

DO - 10.1007/978-3-031-84078-4_20

M3 - Conference contribution book

SN - 9783031840777

T3 - Communications in Computer and Information Science

SP - 283

EP - 300

BT - Advanced Research in Technologies, Information, Innovation and Sustainability

A2 - Guarda, Teresa

A2 - Portela, Filipe

A2 - Gatica, Gustavo

PB - Springer

CY - Cham

T2 - International Conference on Advanced Research in Technologies, Information, Innovation and Sustainability 2024

Y2 - 21 October 2024 through 23 October 2024

ER -

Hills A, Da Veiga A, Loock M, Renaud K. A holistic list of privacy-preserving measures for system development life cycles. In Guarda T, Portela F, Gatica G, editors, Advanced Research in Technologies, Information, Innovation and Sustainability: 4th International Conference, ARTIIS 2024, Santiago de Chile, Chile, October 21–23, 2024, Revised Selected Papers, Part III. Cham: Springer. 2025. p. 283-300. (Communications in Computer and Information Science). Epub 2025 Mar 12. doi: 10.1007/978-3-031-84078-4_20

A holistic list of privacy-preserving measures for system development life cycles

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this