Accession Number:

ADA512390

Title:

Privacy Risk Assessment Case Studies in Support of SQUARE

Descriptive Note:

Final rept.

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING INST

Report Date:

2009-07-01

Pagination or Media Count:

45.0

Abstract:

This report contributes to further development of the Security Quality Requirements Engineering SQUARE method to support privacy. Risk assessment is Step 4 in the standard SQUARE process. The report examines privacy definitions, privacy regulations, and risk assessment techniques for privacy. The risk assessment techniques are classified using a standard method, and promising techniques are applied to two case studies. The case study results are provided along with future plans for SQUARE in support of Privacy. Software-intensive systems are widely used for the rapid storage and retrieval of data. We trust that all types of data will reside in these systems and easily be transferred to other systems. This high level of trust poses certain privacy risks for sensitive information. If these risks are identified, we will be able to understand the potential consequences and establish the necessary preventative measures. This report summarizes the assessment of risks while focusing primarily on privacy concerns.

Subject Categories:

  • Information Science
  • Computer Programming and Software
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE