A Framework Managing Conflicts between Security and Privacy Requirements

Abstract

Conflicting requirements are the key reasons for inconsistencies in software development. Privacy and security requirements, and their potential conflicts, are increasingly becoming more important to software development. Over the last few years, this has become formalised and required by law. A relevant example is the case of the General Data Protection Regulation (GDPR), which requires organisations and their software engineers to enforce and guarantee privacy-by-design to make their platforms compliant.

A thorough literature review revealed that there does not exist a comprehensive requirement engineering-oriented tool for supporting users in identifying conflicts between privacy and security requirements. To fill this gap, this research aims to address the problem of identifying and mitigating conflicts between security and privacy requirements. The research designs ConfIS; a three-phrase semi-automated framework which identifies, analyses and resolves conflict between security and privacy requirements. The proposed framework is implemented using Secure Tropos, a CASE Tool for Modelling Security in Requirements Engineering. To achieve a comprehensive evaluation, we designed a focus group session, including participants who are both experts and researchers. They applied ConfIS framework to a realistic example from DEFeND, an EU project aiming at supporting organisations in achieving GDPR compliance. Findings revealed that over 80% found the framework to be very supportive; 87% agreed that mapping between security and privacy for identifying conflict was clear and easy to follow very detailed steps. Additionally, 86% agreed that the framework adequately identified conflicts between requirements, and 77% agreed that the framework supported in understanding conflict resolutions’ patterns and its supporting tools. Through the use of this framework, conflicts can be identified at an early stage of the development process and remedied, thereby reducing development costs. Therefore, this framework builds on existing research by identifying the relevant resolution tools to identify and mitigate conflicts between security and privacy requirements.