|
| 1 | += LINDDUN |
| 2 | +:categories: testing-quality |
| 3 | +:roles: software-architect, software-developer, qa-engineer, business-analyst, consultant, devops-engineer |
| 4 | +:related: owasp-top-10, regulated-environment |
| 5 | +:proponents: Kim Wuyts, Riccardo Scandariato, Wouter Joosen |
| 6 | +:tags: privacy, threat-modeling, privacy-engineering, GDPR, data-protection, threat-analysis, privacy-by-design |
| 7 | +:tier: 3 |
| 8 | + |
| 9 | +[%collapsible] |
| 10 | +==== |
| 11 | +Full Name:: LINDDUN Privacy Threat Modeling Framework |
| 12 | + |
| 13 | +Also known as:: LINDDUN GO, Privacy Threat Modeling, Privacy STRIDE |
| 14 | + |
| 15 | +[discrete] |
| 16 | +== *Core Concepts*: |
| 17 | + |
| 18 | +Linkability:: Attacker can link two items of interest (e.g., data items, messages, or actions) without knowing the identity of the data subject |
| 19 | + |
| 20 | +Identifiability:: Attacker can identify a data subject from a set of data subjects through items of interest |
| 21 | + |
| 22 | +Non-repudiation:: Data subject cannot deny having performed an action or having sent a message; system logs become a liability |
| 23 | + |
| 24 | +Detectability:: Attacker can deduce the existence or absence of a data item or communication, even without access to its content |
| 25 | + |
| 26 | +Disclosure of Information:: Unauthorized exposure of data to a party without the data subject's consent; classical confidentiality breach from a privacy perspective |
| 27 | + |
| 28 | +Unawareness:: Data subjects are not sufficiently informed about the collection, processing, storage, and sharing of their personal data; violates transparency principles |
| 29 | + |
| 30 | +Non-compliance:: System does not comply with privacy legislation, regulations, or organizational privacy policies (e.g., GDPR, CCPA, HIPAA) |
| 31 | + |
| 32 | +Key Proponents:: Kim Wuyts, Riccardo Scandariato, Wouter Joosen (KU Leuven / DistriNet Research Group, published 2014) |
| 33 | + |
| 34 | +[discrete] |
| 35 | +== *When to Use*: |
| 36 | + |
| 37 | +* Conducting privacy threat modeling during the design or architecture phase |
| 38 | +* Performing privacy impact assessments (PIA) or data protection impact assessments (DPIA) |
| 39 | +* Identifying privacy risks in systems that handle personal data |
| 40 | +* Evaluating compliance with GDPR, CCPA, HIPAA, and other privacy regulations |
| 41 | +* Integrating Privacy by Design into the software development lifecycle |
| 42 | +* Training development teams on privacy engineering concepts |
| 43 | + |
| 44 | +[discrete] |
| 45 | +== *Related Anchors*: |
| 46 | + |
| 47 | +* <<owasp-top-10,OWASP Top 10>> |
| 48 | +* <<regulated-environment,Regulated Environment>> |
| 49 | +==== |
0 commit comments