Repository logo
 

PIP: A (Privacy) Injection Pattern for Inserting Privacy Patterns and Services in Software

Date

2015

Authors

Ali, Naureen

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Sensitive data may be leaked in many ways, and misuse of personal data from information systems is very common. It is challenging to implement privacy services in existing applications without affecting other modules. We propose the concept of a master privacy injection pattern (PIP) for software engineers to use to automate dynamically “injecting” existing privacy patterns in existing or new software without modifying its code, or in some cases modifying the code to a very small extent. We illustrate our new PIP and the simplicity of its implementation with the use cases that inject well-known de-identification patterns in a banking application and a hospital management system. Early evaluation results for PIP from a small survey of practising software engineering professionals are encouraging. The majority of respondents believe that the PIP is beneficial, easy to implement, and 85% of the participants stated their intention to use the pattern.

Description

Keywords

Privacy Pattern, Privacy injection, Privacy services, Aspect Oriented programming, Mocking, Dependency Injection

Citation