Ontologies for Privacy Requirements Engineering: A Systematic Literature Review
This work aims to improve privacy requirements engineering for software developers, but it is incremental as it builds on existing literature to propose an ontology.
The paper addresses the problem of privacy requirements being treated as a subset of security requirements, leading to overlooked key aspects, by conducting a systematic literature review to identify concepts and relations for capturing privacy requirements and proposing a novel privacy ontology for software engineers.
Privacy has been frequently identified as a main concern for system developers while dealing with/managing personal information. Despite this, most existing work on privacy requirements deals with them as a special case of security requirements. Therefore, key aspects of privacy are, usually, overlooked. In this context, wrong design decisions might be made due to insufficient understanding of privacy concerns. In this paper, we address this problem with a systematic literature review whose main purpose is to identify the main concepts/relations for capturing privacy requirements. In addition, the identified concepts/relations are further analyzed to propose a novel privacy ontology to be used by software engineers when dealing with privacy requirements.