{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,20]],"date-time":"2026-02-20T11:48:41Z","timestamp":1771588121917,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,4,8]],"date-time":"2019-04-08T00:00:00Z","timestamp":1554681600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100010648","name":"KU Leuven","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100010648","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,4,8]]},"DOI":"10.1145\/3297280.3297595","type":"proceedings-article","created":{"date-parts":[[2019,5,1]],"date-time":"2019-05-01T12:18:47Z","timestamp":1556713127000},"page":"1512-1515","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["A comparison of system description models for data protection by design"],"prefix":"10.1145","author":[{"given":"Pierre","family":"Dewitte","sequence":"first","affiliation":[{"name":"imec-CiTiP, KU Leuven"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kim","family":"Wuyts","sequence":"additional","affiliation":[{"name":"imec-DistriNet, KU Leuven"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Laurens","family":"Sion","sequence":"additional","affiliation":[{"name":"imec-DistriNet, KU Leuven"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dimitri","family":"Van Landuyt","sequence":"additional","affiliation":[{"name":"imec-DistriNet, KU Leuven"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ivo","family":"Emanuilov","sequence":"additional","affiliation":[{"name":"imec-CiTiP, KU Leuven"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peggy","family":"Valcke","sequence":"additional","affiliation":[{"name":"imec-CiTiP, KU Leuven"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wouter","family":"Joosen","sequence":"additional","affiliation":[{"name":"imec-DistriNet, KU Leuven"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2019,4,8]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Agencia Espa\u00f1ola de protecci\u00f3n de datos (AEPD). 2018. Gu\u00eda pr\u00e1ctica para las Evaluaciones de Impacto en la Protecci\u00f3n de los datos sujetas al RGPD. https:\/\/iapp.org\/media\/pdf\/resource_center\/Guia_EvaluacionesImpacto.pdf"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3167132.3167256"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3122823"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3167132.3167288"},{"key":"e_1_3_2_1_5_1","volume-title":"Alexandr Garaga, Ronald Leenes, Rodney Mhungu, Siani Pearson, Chris Reed, Anderson Santana de Oliveira, Dimitra Stefanatou, Katerina Tetrimida, and Asma Vranaki.","author":"Alnemr Rehab","year":"2016","unstructured":"Rehab Alnemr, Erdal Cayirci, Lorenzo Dalla Corte, Alexandr Garaga, Ronald Leenes, Rodney Mhungu, Siani Pearson, Chris Reed, Anderson Santana de Oliveira, Dimitra Stefanatou, Katerina Tetrimida, and Asma Vranaki. 2016. A Data Protection Impact Assessment Methodology for Cloud. In Privacy Technologies and Policy. Springer."},{"key":"e_1_3_2_1_6_1","volume-title":"A privacy-aware conceptual model for handling personal data. 9952 LNCS","author":"Antignac Thibaud","year":"2016","unstructured":"Thibaud Antignac, Riccardo Scandariato, and Gerardo Schneider. 2016. A privacy-aware conceptual model for handling personal data. 9952 LNCS (2016)."},{"key":"e_1_3_2_1_7_1","unstructured":"Article 29 Data Protection Working Party. 2017. Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is \"likely to result in a high risk\" for the purposes of Regulation 2016\/679 (WP248 rev.01). (2017)."},{"key":"e_1_3_2_1_8_1","unstructured":"Authorit\u00e9 de Protection des Donn\u00e9es (APD). 2018. Mod\u00e8le de registre des activit\u00e9s de traitement. https:\/\/www.autoriteprotectiondonnees.be\/canevas-de-registre-des-activites-de-traitement"},{"key":"e_1_3_2_1_9_1","unstructured":"Authorit\u00e9 de Protection des Donn\u00e9es (APD). 2018. Recommandation n\u00b0 01\/2018 du 28 f\u00e9vrier 2018 concernant l'analyse d'impact relative \u00e0 la protection des donn\u00e9es et la consultation pr\u00e9alable. https:\/\/www.autoriteprotectiondonnees.be\/sites\/privacycommission\/files\/documents\/recommandation_01_2018.pdf"},{"key":"e_1_3_2_1_10_1","volume-title":"Privacy Technologies and Policy","author":"Bieker Felix","unstructured":"Felix Bieker, Michael Friedewald, Marit Hansen, Hannah Obersteller, and Martin Rost. 2016. A Process for Data Protection Impact Assessment Under the European General Data Protection Regulation. In Privacy Technologies and Policy. Springer."},{"key":"e_1_3_2_1_11_1","unstructured":"Commission Nationale de l'Informatique et des Libert\u00e9s. 2018. Privacy Impact Assessment (PIA). https:\/\/www.cnil.fr\/en\/privacy-impact-assessment-pia"},{"key":"e_1_3_2_1_12_1","unstructured":"Commission Nationale de l'Informatique et des Libert\u00e9s. 2018. The open source PIA software helps to carry out data protection impact assesment. https:\/\/www.cnil.fr\/en\/open-source-pia-software-helps-carry-out-data-protection-impact-assesment"},{"key":"e_1_3_2_1_13_1","volume-title":"Microsoft Threat Modeling Tool","author":"Microsoft Corporation","year":"2016","unstructured":"Microsoft Corporation. 2016. Microsoft Threat Modeling Tool 2016. https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=49168"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.5555\/1102012"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00766-010-0115-7"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5555\/3059279.3059284"},{"key":"e_1_3_2_1_17_1","first-page":"119","article-title":"Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016","author":"Union European","year":"2016","unstructured":"European Union. 2016. Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016. OJ L 119, 04.05.2016, p. 1--88. Official Journal of the European Union 59, L 119 (may 2016), 1--88.","journal-title":"OJ"},{"key":"e_1_3_2_1_18_1","volume-title":"Polyzos","author":"Fotiou Nikos","year":"2014","unstructured":"Nikos Fotiou, Somaya Arianfar, Mikko S\u00e4rel\u00e4, and George C. Polyzos. 2014. A Framework for Privacy Analysis of ICN Architectures. In Privacy Technologies and Policy. Springer International Publishing, Cham, 117--132."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2017.12.003"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","unstructured":"Michael Howard and Steve Lipner. 2006. The Security Development Lifecycle.","DOI":"10.5555\/1202957"},{"key":"e_1_3_2_1_21_1","volume-title":"Writing Secure Code","author":"Howard Michael","unstructured":"Michael Howard and Steve Lipner. 2009. Writing Secure Code, Second Edition."},{"key":"e_1_3_2_1_22_1","unstructured":"International Commissioner's Office (ICO). 2018. How do we carry out a DPIA? https:\/\/ico.org.uk\/for-organisations\/guide-to-the-general-data-protection-regulation-gdpr\/data-protection-impact-assessments-dpias\/how-do-we-carry-out-a-dpia\/"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/52.469759"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2013.18"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","unstructured":"Ian Oliver. 2014. Privacy engineering: A dataflow and ontological approach.","DOI":"10.5555\/2686009"},{"key":"e_1_3_2_1_26_1","unstructured":"Mushfiqur Rahman. 2017. A Petri Nets Semantics for Privacy-Aware Data Flow Diagrams. (2017)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.5555\/2829295"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3194707.3194710"},{"key":"e_1_3_2_1_29_1","unstructured":"Unabh\u00e4ngiges Landeszentrum f\u00fcr Datenschutz (ULD). 2017. The Standard Data Protection Model: A concept for inspection and consultation on the basis of unified protection goals. https:\/\/www.datenschutzzentrum.de\/uploads\/sdm\/SDM-Methodology_V1.0.pdf"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1080\/13511610.2013.761748"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1080\/01972243.2013.825687"}],"event":{"name":"SAC '19: The 34th ACM\/SIGAPP Symposium on Applied Computing","location":"Limassol Cyprus","acronym":"SAC '19","sponsor":["SIGAPP ACM Special Interest Group on Applied Computing"]},"container-title":["Proceedings of the 34th ACM\/SIGAPP Symposium on Applied Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3297280.3297595","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3297280.3297595","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:54:20Z","timestamp":1750204460000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3297280.3297595"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,4,8]]},"references-count":31,"alternative-id":["10.1145\/3297280.3297595","10.1145\/3297280"],"URL":"https:\/\/doi.org\/10.1145\/3297280.3297595","relation":{},"subject":[],"published":{"date-parts":[[2019,4,8]]},"assertion":[{"value":"2019-04-08","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}