Ontology-Based Interactive Privacy Requirements Elicitation Method

No Thumbnail Available



Journal Title

Journal ISSN

Volume Title


Addis Ababa University


A major challenge in software engineering is to make users trust the software they use in their everyday activities. Trusting software depends on various elements, one of which is the protection of user privacy. Privacy is social, political, economic, technological and legal concepts that span across multiple discipline. Privacy requirements play a critical role in the personal information system. They should be considered since the early phases of system design. However, much of existing work on privacy requirements deals with them as security requirements, overlooking key aspects of privacy. Besides, privacy requirements are difficult to elicit, and manage due to the existence of immense challenges. Hence, there should be a systematic approach to elicit and manage privacy requirements. This thesis presents ontology-based interactive privacy requirements elicitation method that can help requirement engineers while eliciting privacy requirements in software development environment. It proposes core privacy ontology for privacy requirements engineering and an interactive privacy requirements elicitation method. We implemented the ontology, and developed an interactive environment (a tool) to facilitate the use of the ontology and to automate the method. The proposed ontology was evaluated by checking its completeness compared to other ontologies and its validity using competency questions. The results have demonstrated that the proposed ontology is complete and valid. Moreover, a controlled experiment was performed to evaluate usability of the ontology, the method and the tool. The results have demonstrated that the ontology covers the main privacy concepts, the method is efficient and easy to use, and the tool is friendly to use.



Privacy Ontology, Privacy Requirements, Requirements Elicitation, Requirements Engineering, Privacy by Design (Pbd)