Perceptions of ICT Practitioners Regarding Software Privacy

During software development activities, it is important for Information and Communication Technology (ICT) practitioners to know and understand practices and guidelines regarding information privacy, as software requirements must comply with data privacy laws and members of development teams should know current legislation related to the protection of personal data. In order to gain a better understanding on how industry ICT practitioners perceive the practical relevance of software privacy and privacy requirements and how these professionals are implementing data privacy concepts, we conducted a survey with ICT practitioners from software development organizations to get an overview of how these professionals are implementing data privacy concepts during software design. We performed a systematic literature review to identify related works with software privacy and privacy requirements and what methodologies and techniques are used to specify them. In addition, we conducted a survey with ICT practitioners from different organizations. Findings revealed that ICT practitioners lack a comprehensive knowledge of software privacy and privacy requirements and the Brazilian General Data Protection Law (Lei Geral de Proteção de Dados Pessoais, LGPD, in Portuguese), nor they are able to work with the laws and guidelines governing data privacy. Organizations are demanded to define an approach to contextualize ICT practitioners with the importance of knowledge of software privacy and privacy requirements, as well as to address them during software development, since LGPD must change the way teams work, as a number of features and controls regarding consent, documentation, and privacy accountability will be required.

GPAS - Graphical Password Authentication System for Software Privacy Protection

Now daily's larger part of PC frameworks, passwords is the technique for decision for validating clients. A procedure by which a framework confirms the personality of a client is known as 'Confirmation'. Confirmation may likewise be summed up by saying that "to validate" signifies "to approve". Confirmation is the main line of resistance against trading off classification and uprightness. The most generally and normally utilized confirmation is conventional "Username" and "Secret phrase". For such verification by and large content (alphanumeric) is utilized. It is outstanding, in any case, that passwords are defenseless to assault: clients will in general pick passwords that are anything but difficult to recollect, and regularly this implies they are likewise simple for an assailant to get via hunting down hopeful passwords. Token and biometric based validation frameworks were presented as an option for those plans. Be that as it may, these plans are all around expensive. Consequently, Graphical plan was acquainted as a variety with the login/secret key plan. In this paper we investigate a way to deal with client confirmation that sums up the idea of a literary secret key and that, as a rule, improves the security of client verification over that given by printed passwords. In this proposed framework we have utilized another system for confirmation. It is a variety to the login/secret phrase plan utilizing graphical secret phrase utilized in a graphical way. We have presented a structure of our proposed Graphical Password Authentication System (GPAS), which is resistant to the basic assaults endured by other confirmation plans.