
MBIPV: a model-based approach for identifying privacy violations from software requirements

  • Regular Paper
Software and Systems Modeling

Abstract

Large-scale software systems in many domains, such as smart cities, involve multiple parties whose privacy policies may conflict with each other, so data privacy violations may arise without users being aware of them. In this context, identifying data security requirements and detecting potential privacy violations are crucial. Numerous research efforts have been made in model-based security requirements analysis, but few existing studies support automatic identification of privacy violations from software requirements. To fill this gap, this paper presents MBIPV, a Model-Based approach for Identifying Privacy Violations from software requirements. First, the paper identifies six types of privacy violations in software requirements. Second, the MBIPV profile is proposed to support modeling software requirements in UML. Third, the MBIPV prototype tool is developed to generate formal models and the corresponding privacy properties automatically. The privacy properties are then verified automatically by model checking. We evaluated MBIPV through case studies of four representative software systems from different domains: smart health, smart transportation, smart home, and e-commerce. The results show that MBIPV identifies privacy violations in software requirements with high accuracy and efficiency. To the best of our knowledge, MBIPV is the first model-based approach that supports automatic verification of privacy properties of UML software requirement models. The source code of the MBIPV tool and the experimental data are available online at https://github.com/YETONG1219/MBIPV.
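The abstract describes a pipeline (requirements model with party and data-flow annotations, generated formal model, privacy property, model checking) without showing what the last step amounts to. The following is an added example, not the MBIPV tool's code and not the paper's formal model or its six violation types: it builds a tiny explicit-state transition system from a constructed multi-party requirements model and checks one privacy property, that no party outside the owner's consent set ever holds a data item, reporting a counterexample trace in the way a model checker would. The party and data names, the `Transfer` and `RequirementModel` types and the sample smart-health requirements are all assumptions made for the illustration.

```python
"""Explicit-state check of a privacy property over a multi-party data-flow model.

Added example, not the MBIPV tool's code. The requirement model, the party and
data names, and the property are constructed for illustration.
"""
from collections import deque
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List, Optional, Tuple

# A state of the formal model: the set of (party, data item) pairs currently held.
State = FrozenSet[Tuple[str, str]]


@dataclass(frozen=True)
class Transfer:
    """One data flow taken from the requirements: sender sends data to receiver."""
    name: str
    sender: str
    receiver: str
    data: str


@dataclass(frozen=True)
class RequirementModel:
    owner: Dict[str, str]               # data item -> party the data is about
    consent: Dict[str, FrozenSet[str]]  # data item -> parties the owner consented to
    transfers: Tuple[Transfer, ...]     # data flows the requirements specify


def initial_state(model: RequirementModel) -> State:
    """Initially each data item is held only by its owner."""
    return frozenset((owner, data) for data, owner in model.owner.items())


def successors(model: RequirementModel, state: State):
    """A transfer is enabled only once its sender actually holds the data item."""
    for t in model.transfers:
        if (t.sender, t.data) in state:
            yield t, state | {(t.receiver, t.data)}


def unconsented_disclosure(model: RequirementModel) -> Callable[[State], Optional[str]]:
    """Safety property: nobody but the owner or a consented recipient holds an item.

    Returns a predicate giving the violation in a state, or None if none.
    """
    def bad(state: State) -> Optional[str]:
        for party, data in sorted(state):
            allowed = {model.owner[data]} | set(model.consent.get(data, frozenset()))
            if party not in allowed:
                return f"{party} holds {data} without consent of {model.owner[data]}"
        return None
    return bad


def check_invariant(model: RequirementModel,
                    bad: Callable[[State], Optional[str]]) -> Optional[Tuple[List[str], str]]:
    """Breadth-first search of the reachable state space.

    Returns None when no reachable state satisfies `bad` (the property holds in
    every reachable state, the CTL shape AG !bad); otherwise the shortest
    counterexample: the transfer names leading to the bad state and the reason.
    """
    start = initial_state(model)
    parent: Dict[State, Optional[Tuple[State, str]]] = {start: None}
    queue = deque([start])
    while queue:
        state = queue.popleft()
        reason = bad(state)
        if reason is not None:
            trace: List[str] = []
            cur = state
            while parent[cur] is not None:
                prev, name = parent[cur]
                trace.append(name)
                cur = prev
            return trace[::-1], reason
        for transfer, nxt in successors(model, state):
            if nxt not in parent:           # each state is explored once
                parent[nxt] = (state, transfer.name)
                queue.append(nxt)
    return None


def remove_transfer(model: RequirementModel, name: str) -> RequirementModel:
    """Remediation step: drop the offending data flow from the requirements."""
    return RequirementModel(model.owner, model.consent,
                            tuple(t for t in model.transfers if t.name != name))


# Constructed smart-health requirements (hypothetical, not the paper's case study).
# The violation is reached only through the chain R1 -> R2 -> R3, so the checker
# reports a trace rather than pointing at a single requirement.
SMART_HEALTH = RequirementModel(
    owner={"health_record": "Patient"},
    consent={"health_record": frozenset({"Hospital", "Insurer"})},
    transfers=(
        Transfer("R1_upload_record", "Patient", "Hospital", "health_record"),
        Transfer("R2_claim_processing", "Hospital", "Insurer", "health_record"),
        Transfer("R3_risk_scoring_partner", "Insurer", "Advertiser", "health_record"),
    ),
)

if __name__ == "__main__":
    print("counterexample:", check_invariant(SMART_HEALTH, unconsented_disclosure(SMART_HEALTH)))
    fixed = remove_transfer(SMART_HEALTH, "R3_risk_scoring_partner")
    print("after fix:", check_invariant(fixed, unconsented_disclosure(fixed)))
```

The property is encoded as a state predicate and the checker is a plain reachability search, which is the simplest form of the invariant checking a symbolic model checker performs on a generated model; the returned trace is the artifact a requirements engineer needs, since it names the requirements that together cause the disclosure rather than only the state in which it is visible.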




Acknowledgements

This work is supported by the National Natural Science Foundation of China (General Program) under Grant No. 61572253.

Author information


Corresponding author

Correspondence to Yi Zhuang.

Additional information

Communicated by Ana Moreira.

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.


About this article


Cite this article

Ye, T., Zhuang, Y. & Qiao, G. MBIPV: a model-based approach for identifying privacy violations from software requirements. Softw Syst Model 22, 1251–1280 (2023). https://doi.org/10.1007/s10270-022-01072-3


  • DOI: https://doi.org/10.1007/s10270-022-01072-3
