search menu icon-carat-right cmu-wordmark

Privacy Risk Assessment Case Studies in Support of SQUARE

July 2009 Special Report
Varokas Panusuwan, Prashanth Batlagundu Interviewer Nancy R. Mead

In this report, the authors describe enhancements to the SQUARE method for addressing privacy requirements.

Publisher:

Software Engineering Institute

CMU/SEI Report Number

CMU/SEI-2009-SR-017

Abstract

This report contributes to further development of the Security Quality Requirements Engineering (SQUARE) method to address privacy. Risk assessment is Step 4 in the standard SQUARE process. This report examines privacy definitions, privacy regulations, and risk assessment techniques for privacy. The risk assessment techniques are classified using a standard method, and promising techniques are applied to two case studies. The case study results are provided along with future plans for SQUARE for Privacy.