Privacy Threat Knowledge Support
Reasoning about privacy issues in software systems
Before you can start reasoning about potential privacy threats in software systems, you need to understand what privacy is all about. Enter LINDDUN.
LINDDUN provides privacy knowledge support to help you reason about privacy concerns in a systematic and structured way. This knowledge is structured according to the 7 main threat types captured in the acronym LINDDUN. These concepts help you investigate a wide range of complex privacy design issues.
The detailed threat knowledge can be consulted in various forms catered towards different audiences.
PRIVACY THREAT KNOWLEDGE SUPPORT
LINDDUN’s threat knowledge base consists of a comprehensive and detailed description of key privacy threat characteristics, enriched with practical information: key examples, elicitation questions, impact information, elicitation criteria for various elicitation methods… It’s the foundation upon which all LINDDUN methods build to support a variety of threat modeling approaches with varying degrees of thoroughness and comprehensiveness.
The knowledge is available here in various forms, targeted to various users.
Go to the LINDDUN version release history page.
Privacy threat types
Overview of the 7 LINDDUN privacy threat types to investigate a wide range of complex privacy design issues.
Privacy threat trees
Privacy threat trees to use as part of a systematic threat elicitation exercise.
Web catalog
Online web catalog to browse the privacy threat knowledge.
Card deck
Privacy threat card deck to investigate potential privacy concerns, as used in LINDDUN GO.
Threat tree booklet
PDF report describing the LINDDUN threat type characteristics and relevant examples.
Structured threat knowledge representations
Structured machine-readable formats (JSON, csv…)
LINDDUN sources & tooling
Internal source files for modifying and recreating LINDDUN artifacts
METHODS
Take advantage of the different LINDDUN methods that support a variety of threat modeling styles with varying degrees of thoroughness and comprehensiveness.