Privacy Threat Modeling for Emerging BiobankClouds
- Resource Type
- Authors
- Erwin Laure; Åke Edlund; Jan-Eric Litton; Jane Reichel; Anna-Sara Lind; Ali Gholami
- Source
- EUSPN/ICTH
- Subject
- Information privacy
requirement analysis
Privacy by Design
Computer science
Big data
Juridik
Legislation
Cloud computing
threat modeling
Requirements elicitation
Computer security
computer.software_genre
Data Protection Directive
Data Protection Act 1998
data security
General Environmental Science
business.industry
Administrative law
cloud computing
Threat model
General Earth and Planetary Sciences
Data protection biobanking
business
computer
Law
privacy-preservation
- Language
- ISSN
- 1877-0509
There is an increased amount of data produced by next generation sequencing (NGS) machines which demand scalable storage and analysis of genomic data. In order to cope with this huge amount of information, many biobanks are interested in cloud computing capabilities such as on-demand elasticity of computing power and storage capacity. There are several security and privacy requirements mandated by personal data protection legislation which hinder biobanks from migrating big data generated by the NGS machines. This paper describes the privacy requirements of platform-as-service BiobankClouds according to the European Data Protection Directive (DPD). It identifies several key privacy threats which leave BiobankClouds vulnerable to an attack. This study benefits health-care application designers in the requirement elicitation cycle when building privacy-preserving BiobankCloud platforms.