The Good, the Bad, and the (Un)Usable: A Rapid Literature Review on Privacy as Code
Privacy and security are central to the design of information systems endowed with sound data protection and cyber resilience capabilities. Still, developers often struggle to incorporate these properties into software projects as they either lack proper cybersecurity training or do not consider them a priority. Prior work has tried to support privacy and security engineering activities through threat modeling methods for scrutinizing flaws in system architectures. Moreover, several techniques for the automatic identification of vulnerabilities and the generation of secure code implementations have also been proposed in the current literature. Conversely, such as-code approaches seem under-investigated in the privacy domain, with little work elaborating on (i) the automatic detection of privacy properties in source code or (ii) the generation of privacy-friendly code. In this work, we seek to characterize the current research landscape of Privacy as Code (PaC) methods and tools by conducting a rapid literature review. Our results suggest that PaC research is in its infancy, especially regarding the performance evaluation and usability assessment of the existing approaches. Based on these findings, we outline and discuss prospective research directions concerning empirical studies with software practitioners, the curation of benchmark datasets, and the role of generative AI technologies.
Sun 27 Apr (displayed time zone: Eastern Time, US & Canada)
16:00 - 17:30 | Responsible SE Session / Day 1 Closing | Research Track at 210 | Chair(s): Ronnie de Souza Santos (University of Calgary)
16:00 | 15m | Talk | Irresponsibility Killed the Cat: Software Accountability Concerns | Research Track | Aria Zegers (Vrije Universiteit Amsterdam), Natalie Preciado (Vrije Universiteit Amsterdam), Jan Duchnowski (Vrije Universiteit Amsterdam), Fernanda Madeiral (Universidade Federal de Pernambuco), Emitzá Guzmán (Vrije Universiteit Amsterdam)
16:15 | 15m | Talk | In Defence of Collaboration Ecosystems: Addressing Critical Collaboration Elements, Cognitive Biases, and the Role of Technology | Research Track | Larry Abdullai (LUT University), Kseniia Perova (LUT University), Jari Porras (LUT University), Sanaul Haque (LUT University), Ekaterina Albats (LUT University), Stefanie Kunkel (Research Institute for Sustainability (RIFS) Helmholtz Centre Potsdam)
16:30 | 10m | Talk | Creative Problem-Solving: A Study with Blind and Low Vision Software Professionals | Research Track | Karina Kohl (UFRGS), Yoonha Cha (University of California, Irvine), Victoria Jackson (University of California, Irvine), Rafael Prikladnicki (School of Technology at PUCRS University), Andre van der Hoek (University of California, Irvine), Stacy Branham (University of California, Irvine) | Pre-print
16:40 | 10m | Talk | Towards debiasing code review support | Research Track | Tobias Jetzen (University of Namur), Xavier Devroey (University of Namur), Nicolas Matton (University of Namur), Benoît Vanderose (University of Namur) | Pre-print
16:50 | 10m | Talk | The Good, the Bad, and the (Un)Usable: A Rapid Literature Review on Privacy as Code | Research Track | Nicolás E. Díaz Ferreyra (Hamburg University of Technology), Sirine Khelifi (Hamburg University of Technology), Nalin Arachchilage (RMIT University), Riccardo Scandariato (Hamburg University of Technology) | Pre-print
17:00 | 10m | Talk | Inequity in Software Engineering: Looks that Matter | Research Track | Mary Sánchez-Gordón (Østfold University College), Rahul Mohanani (University of Jyväskylä), Ricardo Colomo-Palacios (Universidad Politécnica de Madrid)
17:10 | 10m | Talk | Lost in Transition: The Struggle of Women Returning to Software Engineering Research after Career Breaks | Research Track | Pre-print
17:20 | 10m | Talk | Day 1 Closing | Research Track