DistriNet Research Group 

KU Leuven

Dept. Computer Science 

Celestijnenlaan 200A (postbox 2402) 

200A B-3001 Heverlee BELGIUM 


© 2020  DistriNet KU Leuven

What is LINDDUN?

LINDDUN is a privacy threat modeling methodology that supports analysts in systematically eliciting and mitigating privacy threats in software architectures.

LINDDUN provides support to guide you through the threat modeling process in a structured way.

In addition, LINDDUN provides privacy knowledge support so that non-privacy experts can also reason about privacy threats. LINDDUN is a mnemonic for the privacy threat categories it supports:

LINDDUN privacy engineering

Systematic elicitation and mitigation of privacy threats in software systems

Privacy is becoming a key issue in today's digital world. Not only is awareness growing among consumers, but GDPR also requires the Privacy-by-Design and Privacy-by-Default paradigms to be embedded within the software development lifecycle. But how should you execute a thorough privacy assessment of your software system?

 
 

LINDDUN

LINDDUN was created to provide support for a thorough, systematic privacy threat assessment. It guides you through each step, ensures exhaustive coverage and documentation of the privacy threat modeling process, and includes an extensive knowledge base of potential privacy threats.

LINDDUN GO

Recently, LINDDUN GO has been added. Because it gives you a quick start to privacy threat modeling, it is well suited to those who are getting started with threat modeling or who are looking for a more lightweight approach.

 

Why use LINDDUN?

Threat-based

You need to know what can go wrong in order to assess its risk and fix it.

Systematic methodology

A thorough privacy assessment can only be guaranteed by a systematic execution of a step-by-step method that guides you through the analysis.

Knowledge support

Privacy is a complex matter. A repository documenting expert privacy knowledge on common threats and suggested solutions is indispensable.

 


 

References

What experts are saying

 "The LINDDUN methodology broadly shares the principles of the CNIL method but it puts forward a more systematic approach based on data flow diagrams and privacy threat tree patterns." 

"LINDDUN is, in many ways, one of the most serious and thought-provoking approaches to privacy threat modeling, and those seriously interested in privacy should take a look at it."

Adam Shostack. 
Threat Modeling. Designing for Security. Wiley, 2014.

"A privacy threat framework was defined by KU Leuven that led to the LINDDUN methodology."

ISO27550 on privacy engineering, 2019

Annex C also summarizes LINDDUN's threat elicitation process and mitigation strategies.

 "Another example of a privacy engineering methodology, in this particular case stressing the risk analysis dimension, is the LINDDUN approach developed at Leuven University" 

EDPS. Preliminary opinion on privacy by design, May 2018