Abstract

Engineering privacy-friendly systems requires first assessing privacy threats and then selecting privacy-enhancing technologies (PETs) to mitigate the threats. While well-established methods such as LINDDUN support threat assessment, systematic approaches for PET selection remain underdeveloped. This paper presents our experience applying three such approaches to a realistic robotaxi use case. Although each method has been validated by its respective authors on simple use cases, we found that none could adequately support PET selection in our complex, real-world scenario. As a result, we also explored a pragmatic approach based on Hoepman’s privacy strategies. By analyzing the strengths and limitations of these approaches, we identify key challenges that PET selection methodologies should address and provide recommendations to guide the future development of such methodologies.

Date

2025

Authors

Ala’a Al-Momani, David Balenson, Christoph Bösch, Zoltán Ádám Mann, Sebastian Pape, Jonathan Petit

Book

European Symposium on Research in Computer Security

Pages

154-170

Publisher

Springer Nature Switzerland