Skip to main content
. 2020 Apr 10;22(4):429. doi: 10.3390/e22040429

Table 3.

Privacy requirements’ engineering methodologies.

Methodology Description Tool Reference
LINDDUN LINDDUN aims to support the elicitation and fulfillment of privacy requirements in software based systems through a privacy threat analysis framework. Design of a data flow diagram (DFD) of the system [5]
SQUARE for Privacy SQUARE for privacy follows the same steps as the original SQUARE method in conjunction with the Privacy Requirements Elicitation Technique (PRET). PRET tool [36]
PriS PriS is referred as a goal-oriented approach that considers privacy requirements as organizational goals that have to be achieved by the system. Pris [8]
Role-Based Access Control (RBAC) RBAC framework is an agent-oriented framework that aims to model privacy requirements and to map user’s roles and permissions with a structured way. Not supported [4]
STRAP STRAP is referred as a goal-oriented approach and it is based on a structured analysis of privacy vulnerabilities, as well as on an iterative process of four steps (Analysis, Refinement, Evaluation and Iteration) for the integration of preferences. Not supported [10]
Secure Tropos with PriS A model-based process that takes into consideration security and privacy concepts in parallel at the early stages of system analysis and design. Not supported [7]
i* method Agent-oriented method that focuses on system agents and their interdependencies and aims to analyze, model, and design the organization’s processes at the early stages of system design. Organization Modelling Environment (OME) [9]
Privacy Criteria Method Privacy Criteria Method (PCM)—an approach designed to guide the specification of privacy requirements in agile software development. PCM Tool [37]
Pret Computer-Aided Privacy Requirements Elicitation Technique that helps software developers elicit privacy requirements more efficiently in the early stages of software development. PRET tool [38]
EPICUREAN EPICUREAN is a recommender-based privacy requirements elicitation approach. EPICUREAN uses modeling and data mining techniques to determine and recommend appropriate privacy settings to the user. EPICUREAN Knowledge Model [39]