{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,3]],"date-time":"2025-05-03T04:12:45Z","timestamp":1746245565477,"version":"3.40.4"},"publisher-location":"Cham","reference-count":59,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319067483"},{"type":"electronic","value":"9783319067490"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-06749-0_1","type":"book-chapter","created":{"date-parts":[[2014,5,15]],"date-time":"2014-05-15T00:43:14Z","timestamp":1400114594000},"page":"1-17","source":"Crossref","is-referenced-by-count":18,"title":["Privacy by Design: From Technologies to Architectures"],"prefix":"10.1007","author":[{"given":"Thibaud","family":"Antignac","sequence":"first","affiliation":[]},{"given":"Daniel","family":"Le M\u00e9tayer","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"Abadi, M., Fournet, C.: Mobile Values, New Names, and Secure Communication. In: Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 104\u2013115 (2001)","DOI":"10.1145\/373243.360213"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Allen, R., Garlan, D.: Formalizing Architectural Connection. In: Proc. 16th Int\u2019l Conf. Software Eng. pp. 71\u201380 (May 1994)","DOI":"10.1109\/ICSE.1994.296767"},{"key":"1_CR3","doi-asserted-by":"crossref","unstructured":"Backes, M., D\u00fcrmuth, M., Karjoth, G.: Unification in privacy policy evaluation - translating EPAL into Prolog. In: POLICY, pp. 185\u2013188 (2004)","DOI":"10.1109\/POLICY.2004.1309165"},{"key":"1_CR4","unstructured":"Balasch, J., Rial, A., Troncoso, C., Preneel, B., Verbauwhede, I., Geuens, C.: PrETP: Privacy-preserving electronic toll pricing. In: USENIX Security Symposium, pp. 63\u201378 (2010)"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Barth, A., Datta, A., Mitchell, J.C., Nissenbaum, H.: Privacy and contextual integrity: Framework and applications. In: IEEE Symposium on Security and Privacy, pp. 184\u2013198 (2006)","DOI":"10.1109\/SP.2006.32"},{"key":"1_CR6","unstructured":"Bass, L., Clements, P., Kazman, R.: Software architecture in practice, 3rd edn. SEI Series in Software Engineering. Addison-Wesley (2013)"},{"key":"1_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1007\/978-3-642-17714-9_10","volume-title":"Information Systems Security","author":"M.Y. Becker","year":"2010","unstructured":"Becker, M.Y., Malkis, A., Bussard, L.: A practical generic privacy language. In: Jha, S., Mathuria, A. (eds.) ICISS 2010. LNCS, vol.\u00a06503, pp. 125\u2013139. Springer, Heidelberg (2010)"},{"key":"1_CR8","unstructured":"Booch, G., Jacobson, I., Rumbaugh, J.: The Unified Modeling Language Reference Manual, 2nd edn. Addison Wesley Professional (2004)"},{"issue":"2","key":"1_CR9","first-page":"123","volume":"3","author":"M.L. Damiani","year":"2010","unstructured":"Damiani, M.L., Bertino, E., Silvestri, C.: The probe framework for the personalized cloaking of private locations. Transactions on Data Privacy\u00a03(2), 123\u2013148 (2010)","journal-title":"Transactions on Data Privacy"},{"issue":"4","key":"1_CR10","doi-asserted-by":"crossref","first-page":"435","DOI":"10.3233\/JCS-2009-0340","volume":"17","author":"S. Delaune","year":"2009","unstructured":"Delaune, S., Kremer, S., Ryan, M.D.: Verifying Privacy-type Properties of Electronic Voting Protocols. Journal of Computer Security\u00a017(4), 435\u2013487 (2009)","journal-title":"Journal of Computer Security"},{"issue":"3","key":"1_CR11","doi-asserted-by":"publisher","first-page":"399","DOI":"10.1007\/BF03219914","volume":"61","author":"Y. Deswarte","year":"2006","unstructured":"Deswarte, Y., Melchor, C.A.: Current and future privacy enhancing technologies for the internet. Annals of Telecommunications\u00a061(3), 399\u2013417 (2006)","journal-title":"Annals of Telecommunications"},{"key":"1_CR12","unstructured":"G\u00fcrses, S.F., Troncoso, C., Diaz, C.: Engineering privacy by design. In: Computers, Privacy & Data Protection (2011)"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. Part II, LNCS, vol.\u00a04052, pp. 1\u201312. Springer, Heidelberg (2006)","DOI":"10.1007\/11787006_1"},{"issue":"1","key":"1_CR14","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1145\/1866739.1866758","volume":"54","author":"C. Dwork","year":"2011","unstructured":"Dwork, C.: A firm foundation for private data analysis. Commun. ACM\u00a054(1), 86\u201395 (2011)","journal-title":"Commun. ACM"},{"key":"1_CR15","unstructured":"E.C. European Commission. Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). inofficial consolidated version after LIBE Commitee vote provided by the rapporteur (October 22, 2013)"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Fagin, R., Halpern, J.Y., Moses, Y., Vardi, M.: Reasoning About Knowledge. A Bradford Book (January 9, 2004); 1st MIT Press Paperback edition","DOI":"10.7551\/mitpress\/5803.001.0001"},{"key":"1_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1007\/978-3-642-22444-7_15","volume-title":"Security and Trust Management","author":"F.D. Garcia","year":"2011","unstructured":"Garcia, F.D., Jacobs, B.: Privacy-friendly energy-metering via homomorphic encryption. In: Cuellar, J., Lopez, J., Barthe, G., Pretschner, A. (eds.) STM 2010. LNCS, vol.\u00a06710, pp. 226\u2013238. Springer, Heidelberg (2011)"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Goldberg, I.: Privacy-enhancing technologies for the internet III: ten years later. In: Digital Privacy: Theory, Technologies, and Practices, pp. 84\u201389. TeX Users Group (December 2007)","DOI":"10.1201\/9781420052183.ch1"},{"issue":"7","key":"1_CR19","doi-asserted-by":"publisher","first-page":"769","DOI":"10.1002\/spe.1131","volume":"43","author":"M. Hafiz","year":"2013","unstructured":"Hafiz, M.: A Pattern Language for Developing Privacy Enhancing Technologies. Foftware Practice and Experience\u00a043(7), 769\u2013787 (2013)","journal-title":"Foftware Practice and Experience"},{"issue":"1","key":"1_CR20","doi-asserted-by":"publisher","first-page":"220","DOI":"10.1016\/j.artint.2010.04.009","volume":"175","author":"J.Y. Halpern","year":"2011","unstructured":"Halpern, J.Y., Pucella, R.: Dealing with logical omniscience: Expressiveness and pragmatics. Artif. Intell.\u00a0175(1), 220\u2013235 (2011)","journal-title":"Artif. Intell."},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"Hoepman, J.-H.: Privacy Design Strategies. CoRR (2013)","DOI":"10.1007\/978-3-642-55415-5_38"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"H\u00f6fer, C., Petit, J., Schmidt, R., Kargl, F.: POPCORN: Privacy-preserving charging for e-mobility. In: Proceedings of the 2013 ACM Workshop on Security, Privacy & Dependability for Cyber Vehicles (CyCAR 2013), pp. 37\u201348. ACM, New York (2013)","DOI":"10.1145\/2517968.2517971"},{"issue":"4","key":"1_CR23","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1109\/32.385973","volume":"21","author":"P. Inverardi","year":"1995","unstructured":"Inverardi, P., Wolf, A.: Formal specification and analysis of software architectures using the chemical abstract machine model. IEEE Transactions on Software Engineering, Special Issue on Software Architectures \u00a021(4), 373\u2013386 (1995)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Jafari, M., Fong, P.W.L., Safavi-Naini, R., Barker, K., Sheppard, N.P.: Towards defining semantic foundations for purpose-based privacy policies. In: CODASPY, pp. 213\u2013224 (2011)","DOI":"10.1145\/1943513.1943541"},{"key":"1_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1007\/978-3-642-22263-4_11","volume-title":"Privacy Enhancing Technologies","author":"M. Jawurek","year":"2011","unstructured":"Jawurek, M., Johns, M., Kerschbaum, F.: Plug-In Privacy for Smart Metering Billing. In: Fischer-H\u00fcbner, S., Hopper, N. (eds.) PETS 2011. LNCS, vol.\u00a06794, pp. 192\u2013210. Springer, Heidelberg (2011)"},{"key":"1_CR26","unstructured":"Jawurek, M., Kerschbaum, F., Danezis, G.: Privacy Technologies for Smart Grids - A Survey of Options. MSR-TR-2012-119 (November 2012)"},{"key":"1_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/978-3-642-01465-9_10","volume-title":"Formal Aspects in Security and Trust","author":"W. Jonge de","year":"2009","unstructured":"de Jonge, W., Jacobs, B.: Privacy-friendly electronic traffic pricing via commits. In: Degano, P., Guttman, J., Martinelli, F. (eds.) FAST 2008. LNCS, vol.\u00a05491, pp. 143\u2013161. Springer, Heidelberg (2009)"},{"key":"1_CR28","doi-asserted-by":"crossref","unstructured":"Kerschbaum, F.: Privacy-preserving computation. In: Preneel, B., Ikonomou, D. (eds.) APF 2012. LNCS, vol.\u00a08319, pp. 41\u201354. Springer, Heidelberg (2014)","DOI":"10.1007\/978-3-642-54069-1_3"},{"key":"1_CR29","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1016\/j.clsr.2008.01.006","volume":"4","author":"E. Kosta","year":"2008","unstructured":"Kosta, E., Zibuschka, J., Scherner, T., Dumortier, J.: Legal considerations on privacy-enhancing location based services using PRIME technology. Computer Law and Security Report\u00a04, 139\u2013146 (2008)","journal-title":"Computer Law and Security Report"},{"key":"1_CR30","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1007\/s00779-008-0212-5","volume":"13","author":"J. Krumm","year":"2008","unstructured":"Krumm, J.: A survey of computational location privacy. Pers. Ubiquit. Comput.\u00a013, 391\u2013399 (2008)","journal-title":"Pers. Ubiquit. Comput."},{"key":"1_CR31","series-title":"LNCS","first-page":"18","volume-title":"APF 2014","author":"A. Kung","year":"2014","unstructured":"Kung, A.: PEARs: Privacy enhancing aRchitectures. In: Preneel, B., Ikonomou, D. (eds.) APF 2014. LNCS, vol.\u00a08450, pp. 18\u201330. Springer, Heidelberg (2014)"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"Langheinrich, M.: Privacy by design - principles of privacy-aware ubiquitous systems. In: Abowd, G.D., Brumitt, B., Shafer, S. (eds.) UbiComp 2001. LNCS, vol.\u00a02201, pp. 273\u2013291. Springer, Heidelberg (2001)","DOI":"10.1007\/3-540-45427-6_23"},{"key":"1_CR33","doi-asserted-by":"crossref","unstructured":"LeMay, M., Gross, G., Gunter, C.A., Garg, S.: Unified architecture for large-scale attested metering. In: HICSS, pp. 115\u2013124 (2007)","DOI":"10.1109\/HICSS.2007.586"},{"key":"1_CR34","doi-asserted-by":"crossref","unstructured":"Le M\u00e9tayer, D.: Software Architecture Styles As Graph Grammars. ACM SIGSOFT Software Eng. Notes (November 1996)","DOI":"10.1145\/239098.239105"},{"key":"1_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-642-01465-9_11","volume-title":"Formal Aspects in Security and Trust","author":"D. M\u00e9tayer Le","year":"2009","unstructured":"Le M\u00e9tayer, D.: A formal privacy management framework. In: Degano, P., Guttman, J., Martinelli, F. (eds.) FAST 2008. LNCS, vol.\u00a05491, pp. 162\u2013176. Springer, Heidelberg (2009)"},{"key":"1_CR36","doi-asserted-by":"crossref","unstructured":"Le M\u00e9tayer, D.: Privacy by design: A matter of choice. In: Data Protection in a Profiled World, pp. 323\u2013334. Springer (2010)","DOI":"10.1007\/978-90-481-8865-9_20"},{"key":"1_CR37","doi-asserted-by":"crossref","unstructured":"Le M\u00e9tayer, D.: Privacy by design: a formal framework for the analysis of architectural choices. In: CODASPY 2013, pp. 95\u2013104 (2013)","DOI":"10.1145\/2435349.2435361"},{"key":"1_CR38","unstructured":"Li, N., Yu, T., Ant\u00f3n, A.I.: A semantics based approach to privacy languages. Comput. Syst. Sci. Eng.\u00a021(5) (2006)"},{"key":"1_CR39","unstructured":"Li, N., Qardaji, W.H., Su, D.: Provably private data anonymization: Or, k-anonymity meets differential privacy. CoRR, abs\/1101.2604 (2011)"},{"key":"1_CR40","doi-asserted-by":"crossref","unstructured":"Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-diversity: Privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data\u00a01(1), Article 3 (March 2007)","DOI":"10.1145\/1217299.1217302"},{"issue":"9","key":"1_CR41","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1145\/1810891.1810916","volume":"53","author":"F. McSherry","year":"2010","unstructured":"McSherry, F.: Privacy integrated queries: an extensible platform for privacy-preserving data analysis. Commun. ACM\u00a053(9), 89\u201397 (2010)","journal-title":"Commun. ACM"},{"key":"1_CR42","doi-asserted-by":"publisher","first-page":"627","DOI":"10.1145\/1557019.1557090","volume-title":"Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD 2009)","author":"F. McSherry","year":"2009","unstructured":"McSherry, F., Mironov, I.: Differentially private recommender systems: building privacy into the net. In: Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD 2009), pp. 627\u2013636. ACM, New York (2009)"},{"key":"1_CR43","doi-asserted-by":"crossref","unstructured":"McSherry, F., Talwar, K.: Mechanism design via differential privacy. In: FOCS, pp. 94\u2013103 (2007)","DOI":"10.1109\/FOCS.2007.66"},{"key":"1_CR44","series-title":"LNBIP","doi-asserted-by":"publisher","first-page":"455","DOI":"10.1007\/978-3-642-38490-5_41","volume-title":"Advanced Information Systems Engineering Workshops","author":"V. Manousakis","year":"2013","unstructured":"Manousakis, V., Kalloniatis, C., Kavakli, E., Gritzalis, S.: Privacy in the Cloud: Bridging the Gap between Design and Implementation. In: Franch, X., Soffer, P. (eds.) CAiSE Workshops 2013. LNBIP, vol.\u00a0148, pp. 455\u2013465. Springer, Heidelberg (2013)"},{"key":"1_CR45","doi-asserted-by":"crossref","unstructured":"May, M.J., Gunter, C.A., Lee, I.: Privacy APIs: Access control techniques to analyze and verify legal privacy policies. In: CSFW, pp. 85\u201397 (2006)","DOI":"10.1109\/CSFW.2006.24"},{"key":"1_CR46","unstructured":"Mulligan, D.K., King, J.: Bridging the Gap between Privacy and Design. University of Pennsylvania Journal of Constitutional Law\u00a04(14) (2012)"},{"key":"1_CR47","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1007\/978-3-642-20769-3_23","volume":"352","author":"S. Pearson","year":"2011","unstructured":"Pearson, S., Benameur, A.: A Decision Support System for Design for Privacy. Privacy and Identity, IFIP AICT\u00a0352, 283\u2013296 (2011)","journal-title":"Privacy and Identity, IFIP AICT"},{"key":"1_CR48","doi-asserted-by":"crossref","unstructured":"Perry, D.E., Wolf, A.L.: Foundations for the study of software architecture. ACM SIGSOFT Software Eng. Notes (October 1992)","DOI":"10.1145\/141874.141884"},{"key":"1_CR49","unstructured":"Popa, R.A., Balakrishnan, H., Blumberg, A.J.: Vpriv: Protecting privacy in location-based vehicular services. In: USENIX Security Symposium, pp. 335\u2013350 (2009)"},{"key":"1_CR50","doi-asserted-by":"crossref","unstructured":"Poullet, Y.: About the e-privacy directive, towards a third generation of data protection legislations. In: Data Protection in a Profile World, pp. 3\u201329. Springer (2010)","DOI":"10.1007\/978-90-481-8865-9_1"},{"issue":"2","key":"1_CR51","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1093\/logcom\/exi078","volume":"16","author":"R. Pucella","year":"2006","unstructured":"Pucella, R.: Deductive Algorithmic Knowledge. Journal of Logic and Computation\u00a016(2), 287\u2013309 (2006)","journal-title":"Journal of Logic and Computation"},{"key":"1_CR52","doi-asserted-by":"crossref","unstructured":"Rezgui, A., Bouguettaya, A., Eltoweissy, M.Y.: Privacy on the web: facts, challenges, and solutions. In: IEEE Security and Privacy, pp. 40\u201349 (2003)","DOI":"10.1109\/MSECP.2003.1253567"},{"key":"1_CR53","doi-asserted-by":"crossref","unstructured":"Rial, A., Danezis, G.: Privacy-preserving smart metering. In: Proceedings of the 2011 ACM Workshop on Privacy in the Electronic Society, WPES 2011. ACM (2011)","DOI":"10.1145\/2046556.2046564"},{"key":"1_CR54","doi-asserted-by":"crossref","unstructured":"Shaw, M., Clements, P.: The Golden Age of Software Architecture: A Comprehensive Survey. In: Research Report CMU-ISRI-06-101. Carnegie Mellon University (2006)","DOI":"10.21236\/ADA494322"},{"key":"1_CR55","doi-asserted-by":"crossref","unstructured":"Spiekermann, S., Cranor, L.F.: Engineering Privacy. IEEE Transactions on Software Engineering\u00a035(1) (2009)","DOI":"10.1109\/TSE.2008.88"},{"issue":"5","key":"1_CR56","doi-asserted-by":"publisher","first-page":"557","DOI":"10.1142\/S0218488502001648","volume":"10","author":"L. Sweeney","year":"2002","unstructured":"Sweeney, L.: k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems\u00a010(5), 557\u2013570 (2002)","journal-title":"International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems"},{"key":"1_CR57","doi-asserted-by":"crossref","unstructured":"Tschantz, M.C., Kaynar, D.K., Datta, A.: Formal verification of differential privacy for interactive systems. CoRR, abs\/1101.2819 (2011)","DOI":"10.1016\/j.entcs.2011.09.015"},{"key":"1_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-05089-3_1","volume-title":"FM 2009: Formal Methods","author":"M.C. Tschantz","year":"2009","unstructured":"Tschantz, M.C., Wing, J.M.: Formal methods for privacy. In: Cavalcanti, A., Dams, D.R. (eds.) FM 2009. LNCS, vol.\u00a05850, pp. 1\u201315. Springer, Heidelberg (2009)"},{"key":"1_CR59","doi-asserted-by":"crossref","unstructured":"Yu, T., Li, N., Ant\u00f3n, A.I.: A formal semantics for P3P. In: In Proceedings of the 2004 Workshop on Secure Web Service (SWS 2004), pp. 1\u20138 (2004)","DOI":"10.1145\/1111348.1111349"}],"container-title":["Lecture Notes in Computer Science","Privacy Technologies and Policy"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-06749-0_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,2]],"date-time":"2025-05-02T22:43:38Z","timestamp":1746225818000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-06749-0_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319067483","9783319067490"],"references-count":59,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-06749-0_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]}}}