Incorporating privacy patterns into semi-automatic business process derivation

Nikolaos Argyropoulos, Christos Kalloniatis, Haralambos Mouratidis, Andrew Fish

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBNpeer-review


The design of systems capable of protecting users' privacy is a challenging endeavour. Since users are becoming more concerned about the amounts of their personal data handled, stored and shared by such systems it is imperative to identify methods for developing privacy-aware information systems. Current approaches either focus on the elicitation of user requirements at an abstract high level or approach the issue of privacy exclusively from a technical point of view. As a result, privacy implementations are often misaligned with the overarching system goals. This work improves the current situation by presenting an approach for the design of privacy-aware business processes. Goal models are created as a first step, for privacy requirements elicitation, and are then transformed into process models, thus bridging the gap between high level goals and low level processes. Privacy process patterns are utilised for the final instantiation of process models, achieving the satisfaction of the identified privacy objectives through the integration of privacy enhancing technologies. The main advantage of the proposed approach is its ability to map privacy from the strategic to the operational level through a semi-automatic process while offering designers adequate guidance to its operationalisation via the use of process patterns.
Original languageEnglish
Title of host publication2016 IEEE Tenth International Conference on Research Challenges in Information Science (RCIS)
Place of PublicationPiscataway, NJ
Number of pages12
ISBN (Print)9781479987115
Publication statusPublished - 25 Aug 2016
Event2016 IEEE Tenth International Conference on Research Challenges in Information Science (RCIS) - Grenoble, France, 1-3 June 2016
Duration: 25 Aug 2016 → …


Conference2016 IEEE Tenth International Conference on Research Challenges in Information Science (RCIS)
Period25/08/16 → …

Bibliographical note

© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.


Dive into the research topics of 'Incorporating privacy patterns into semi-automatic business process derivation'. Together they form a unique fingerprint.

Cite this