Privacy by Design: On the Conformance Between Protocols and Architectures
This addresses the challenge of ensuring privacy compliance in system design for developers and architects, but it is incremental as it builds on existing formal methods.
The paper tackles the problem of verifying whether a concrete protocol conforms to a high-level privacy architecture, using formal methods to provide a systematic answer.
In systems design, we generally distinguish the architecture and the protocol levels. In the context of privacy by design, in the first case, we talk about privacy architectures, which define the privacy goals and the main features of the system at high level. In the latter case, we consider the underlying concrete protocols and privacy enhancing technologies that implement the architectures. In this paper, we address the question that whether a given protocol conforms to a privacy architecture and provide the answer based on formal methods. We propose a process algebra variant to define protocols and reason about privacy properties, as well as a mapping procedure from protocols to architectures that are defined in a high-level architecture language.