Analysing and Extending Privacy Patterns with Architectural Context

Privacy is now an increasingly important software quality. Software architects and developers should consider privacy from the early stages of system design to prevent privacy breaches. Both industry and academia have proposed privacy patterns as reusable design solutions to address common privacy problems. However, from the system development perspective, the existing privacy patterns do not provide architectural context to assist software design for privacy. More specifically, the current privacy patterns lack proper analysis with regards to privacy properties - the well-established software traits relating to privacy (e.g., unlinkability, identifiability). Furthermore, the impacts of privacy patterns on other quality attributes such as performance are yet to be investigated. Our paper aims to provide guidance to software architects and developers for considering privacy patterns, by adding new perspectives to the existing privacy patterns. First, we provide a new structural and interaction view of the patterns by relating privacy regulation contexts. Then, we analyse the patterns in architectural contexts and map available privacy-preserving techniques for implementing each privacy pattern. We also give an analysis of privacy patterns with regard to their impact on privacy properties, and the trade-off between privacy and other quality attributes.