UML for Inclusion of Privacy in Software Modeling
Date
2013-04-29
Authors
Ali, Sohail
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Online commerce and service obtain much private data from users. Collection, storage, management, and use of private data are subject to various privacy laws, regulations, and standards. To adhere to legal requirements, many privacy services, such as security, notice, and consent, are required. Inclusion of the required privacy services early in the life cycle of the software development is preferred and advocated. We extend UML use case diagrams with privacy components to represent example privacy services. These components are used to visually model privacy requirements in the analysis phase of the SDLC. We create a prototype by extending Microsoft Visio, a popular UML modeling tool, with our proposed privacy components. In summary, we show how privacy services may be specified in UML use case diagrams rather than adding privacy as an afterthought to software systems and services. The tool is demonstrated with real-world scenarios from the health sector.
Description
Keywords
UML privacy modeling, privacy services