Cloud Native Privacy Engineering through DevPrivOps
This addresses privacy engineering for cloud native systems, but it appears incremental as it builds on existing agile practices and privacy concepts.
The paper tackles the challenge of integrating privacy into cloud native systems by proposing DevPrivOps, a reference software development lifecycle that enhances agile methods, and shows it advances privacy by design and by default using latest technologies.
Cloud native information systems engineering enables scalable and resilient service infrastructures for all major online offerings. These are built following agile development practices. At the same time, a growing demand for privacy-friendly services is articulated by societal norms and policy through effective legislative frameworks. In this paper, we identify the conceptual dimensions of cloud native privacy engineering and propose an integrative approach to be addressed in practice to overcome the shortcomings of existing privacy enhancing technologies. Furthermore, we propose a reference software development lifecycle called DevPrivOps to enhance established agile development methods with respect to privacy. Altogether, we show that cloud native privacy engineering advances the state of the art of privacy by design and by default using latest technologies.