Abstract
Privacy design in cloud systems remains complex, with unclear processes and a mismatch between privacy engineering and cloud integration challenges. Developers play a pivotal yet underexplored role in this landscape. This study investigates developers’ perspectives on privacy, focusing on self-adaptive privacy in cloud environments. Through six (6) qualitative interviews with developers from Greece, Spain, and the UK, the study uncovers valuable insights into their challenges and perspectives, contributing to the establishment of actionable privacy goals and a taxonomy of self-adaptive privacy requirements. The findings underscore the need for clearer guidance and actionable insights for developers to enhance privacy practices in cloud development.
Data availability
All research data have been anonymized. This study does not report any data.
Funding
The research project was supported by the Hellenic Foundation for Research and Innovation (H.F.R.I.) under the ‘2nd Call for H.F.R.I. Research Projects to support Faculty Members & Researchers’ (Project Number: 2550).
Author information
Contributions
M.S., K.M., E.T. and K.V. contributed to the writing of the original draft and the visualization of the work. M.P. and S.S. contributed to the research elaboration and the analysis of the work. A.K. contributed to the conceptualization of the idea as well as to supervision and writing-review and editing, and C.K. contributed to the supervision and writing-review and editing of the paper. All authors have read and agreed to the published version of the manuscript.
Ethics declarations
Conflict of interest
The authors declare no conflict of interest.
Compliance with Ethical Standards
All procedures performed in studies involving human participants were in accordance with the ethical standards of the University of the Aegean institutional research committee. Informed consent was obtained from all individual participants involved in the study.
Appendix: Interview guide
In this appendix we outline the interview layout we followed for our research. The main objective is to define software developers’ representations regarding the technical requirements and the related information needed. We intend to reveal the developers’ perspective on privacy requirements within CCEs. Each section summarizes the concept to be discussed, to reveal the interviewee’s awareness of the subject as well as how it is utilized in their day-to-day job. Interviews were conducted by two interviewers, with social and technical backgrounds respectively.
1.1 Introduction
This interview is entitled: An Integrated Socio-technical approach for Self Adaptive Privacy Requirements Identification within Cloud Computing Environments (Cloud-InSPiRe) and is part of the Hellenic Foundation for Research and Innovation funded project Cloud-InSPiRe.
This project proposes that an interdisciplinary socio-technical approach should be followed, indicating a three-layered (social, software, infrastructure) examination of requirements within CCEs in order for the self-adaptive privacy related requirements to be identified.
Self-adaptive privacy aims at protecting users’ privacy, through the development of holistic user models that pay attention to their socio-contextual and technological frames of action.
1.2 Interview sections
1. Introduction
2. Self description and duties
3. Infrastructure Aspects
4. Software Aspects
5. Further discussion
1.2.1 Introduction
Description of the purpose of this interview, how it will be used, and interviewee consent.
1. The interview will be recorded.
2. Anonymity will be preserved.
1.2.2 Self description and duties
This section aims to identify educational and professional background of the interviewee and the context of the organizations they work for:
1. who is the interviewee
2. educational background
3. professional experience
4. current position and employment
5. description of current employer
6. duties within current employment
1.2.3 Infrastructure aspects
Previous literature has shown the failure of CCEs’ provided privacy features, resulting in the dissatisfaction of both social and privacy technical requirements. The privacy risks are introduced as the main concept that should be examined. Privacy risks derive from the CCEs’ technical features and the resources that support users’ privacy preferences and software deployment.
1. Which type of cloud is being actively used and for what purpose (IaaS, PaaS, SaaS, Public, Private, Hybrid)?
   (a) Identity management
   (b) Databases
   (c) Queues and Event Stores
   (d) Networking
   (e) Virtual Machines and Containers
   (f) Backups
2. Do you focus on trust and transparency to develop a policy approach or a framework in cloud environments (refer to 4 below)?
3. Do you take into consideration trust, transparency, isolation and other requirements concerning privacy (e.g. Isolation, Provenanceability, Traceability, Intervenability, CSA Accountability, Anonymity, Pseudonymity, Unlinkability, Undetectability and Unobservability) in the applications you use? For example, cloud providers use some properties (data isolation if you use VMs, accountability for the users, anonymity...). Do you use any of them, or do you feel it is mandatory for the providers to have any of them in the platforms you use (refer to item 4 below)? What about in relation to cloud providers and third parties?
4. SLA between users and providers, services SLA, ISO 27001
5. What is the interoperability with other systems? (Discuss if the network infrastructure can meet the basic interoperable expectations and functionalities concerning security, privacy, and reliability (that emerge every time and to follow the seven ‘Laws of Identity’, which include user consents for their identification, system’s provision of the minimum PII for a transaction, and high levels of reliability between the user and the system))
1.2.4 Software aspects
In the project we are discussing, we want to examine the process (in a theoretical manner) of how to implement a system in which privacy preferences are adaptive. It is a research question and we already know that companies cannot implement it, because it is a new and difficult concept, but we want to talk with software developers and engineers to hear what they think about the idea and to see the range of the applications they use so far, in order to understand companies’ awareness. In this context, and since we already know that you use the cloud and have a number of applications on it, we want to have a conversation to get your point of view on our system.
PbD takes data protection into consideration through the technology design. That means it should be integrated in the technology when it is created, at the early stages of the design process. Do you take any measures for this?
1. What kind of products do you develop? Products with non-sensitive data or products with sensitive and personal information?
2. What is your software development process? Are you using an agile methodology or something else (DevOps deployment, Waterfall development, Rapid application development)?
3. (Once you have this development process) how do you oversee your junior developers so that they follow the processes? Do you conduct code reviews and approvals when code is written? Is there anyone who reviews the code (code-check control, pull requests), or is it done automatically (are you using any tools to search for vulnerabilities, security issues, etc., or to audit source code)?
4. Do you have a mechanism, tools or processes to support and protect personally identifiable information (PII) (authorization, audit, restrictions, backups)? How do you handle them? If so, did you or do you have any issues?
5. Do you have any problems in relation to the methodologies you use for privacy?
6. Who sets the requirements, especially regarding privacy (is it a process in the company, set by the development)?
7. Are you aware of any methodologies such as: LINDDUN, SQUARE, PriS, RBAC, Secure Tropos, PriS, STRAP, i* method, EPICUREAN, COPri, extended version of PriS?
8. Do you follow security advisories (do you use monitoring, do you have a development process to explain the steps in order to include a security advisory)?
9. Do you take into consideration the users’ privacy needs? Depending on the users’ preferences, is there any system or technology that takes users’ privacy requirements into consideration, or is there a recommendation system through which users select information for the privacy preferences they want? This applies to any project you have (wherever applicable).
10. Do you provide users with adequate opportunities to express preferences and give feedback in relation to the justification and the findings of privacy settings adjustment?
11. Do you offer users the possibility of selective information disclosure, by providing the context and the control level over the information they want to reveal? (By performing: a) monitoring, b) analysis, c) design, d) implementation, utilizing framework models (identifying the user’s environment and interconnections as well as their role in the system) and behavioral models, in order to identify features to control, detect threats before data disclosure and calculate users’ benefit in comparison to data disclosure cost.)
12. In order for users to utilize their services, which information disclosures are required due to the system’s privacy settings? Do you take into consideration users’ social characteristics, aspects and needs and, if not, would you tell us what can be done?
13. Do you know what GDPR is? Do you handle information according to GDPR?
14. We have noticed that privacy preferences are related to compliance. If you develop and provide services to consumers you will have a number of issues. Do you believe that the kind of system we are trying to develop ensures compliance? From our point of view, we believe compliance is ensured. How do you cope with compliance using present technologies? Do you believe this system will be useful to you or can be of assistance?
15. How do they handle unwanted access to personal information, the over-collection of personal information, the unapproved secondary use of personal information, as well as the errors made in the collection of personal information, which constitute facets of online privacy issues?
16. Have they applied any form of self-adaptive privacy solutions?
1.2.5 Further discussion
1. Ideally, what would make their job easier regarding privacy requirements?
2. Did they have any privacy incidents, and how easy was it to respond?
3. Social identity (the feeling of belonging to an online community and the identification of self-concept within it; the main characteristics of social identity are (1) multiplicity and (2) intersectionality)
4. Discuss whether social identity indicates how users define their behavior, based on social attributes that express their self-inclusive social categories and their personal idiosyncratic attitudes
5. Discuss whether social capital or identity affects the balance between users’ social interaction and privacy needs, indicating why users are willing to disclose personal information within CCEs.
6. Discuss whether privacy is not just a personal matter, which depends on users’ options, but constitutes a social dynamic and ongoing process, by which users balance their social needs against their needs for privacy
7. Discuss that users’ social norms also reflect the reciprocal arrangements of the community they belong to, depending on their specific context
8. Discuss individuals’ right to remain anonymous and untraceable.
About this article
Cite this article
Kitsiou, A., Sideri, M., Pantelelis, M. et al. Developers’ mindset on self-adaptive privacy and its requirements for cloud computing environments. Int. J. Inf. Secur. 24, 38 (2025). https://doi.org/10.1007/s10207-024-00943-8
DOI: https://doi.org/10.1007/s10207-024-00943-8