Privacy Risk Assessment Case Studies in Support of SQUARE
July 2009 • Special Report
Varokas Panusuwan, Prashanth Batlagundu Interviewer Nancy R. Mead
In this report, the authors describe enhancements to the SQUARE method for addressing privacy requirements.
Software Engineering Institute
CMU/SEI Report Number
This report contributes to further development of the Security Quality Requirements Engineering (SQUARE) method to address privacy. Risk assessment is Step 4 in the standard SQUARE process. This report examines privacy definitions, privacy regulations, and risk assessment techniques for privacy. The risk assessment techniques are classified using a standard method, and promising techniques are applied to two case studies. The case study results are provided along with future plans for SQUARE for Privacy.