Lightweight privacy threat modeling using LINDDUN

Track:Threat Model
When:Mon PM-2
OrganizersSteven Wierckx Steven Wierckx , Kim Wuyts Kim Wuyts
ParticipantsDaniel Kefer Daniel Kefer , Dinis Cruz Dinis Cruz , Florian Buetow Florian Buetow , Jim Newman Jim Newman , Martin Rock-Evans Martin Rock-Evans , Phil Winstanley Phil Winstanley , Sean Siford Sean Siford , Steven van der Baan Steven van der Baan , Tony Richards Tony Richards , Yan Kravchenko Yan Kravchenko , Zuhal Vargun Zuhal Vargun
Remote ParticipantsAvi Douglen Avi Douglen , Luis Servin Luis Servin , Senen Garcia Senen Garcia , Vinod Anandan Vinod Anandan


Privacy by design is important; it is even required by EU data protection legislation. It however goes beyond the quick fixes that are typically associated with it (e.g. consent for newsletters) and requires a thorough analysis upfront of potential privacy issues in the system. LINDDUN privacy threat modeling can aid the analyst in this process to systematically elicit and mitigate privacy threats in software architectures.


This session will be twofold. First, we will highlight the differences between privacy and security threat modeling, introduce privacy properties and provide an overview of the LINDDUN threat modeling framework. Second, we will dive into the ongoing LINDDUN privacy threat modeling research, including the lightweight application of LINDDUN.


Input for a lightweight application of privacy threat modeling

Register as participant

To register as participant add Lightweight privacy threat modeling using LINDDUN to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page

Back to list of all Working Sessions