Computer-Aided Privacy Requirements Elicitation Technique

Authors: Seiya Miyazaki, Nancy Mead, Justin Zhan

DOI: 10.1109/APSCC.2008.263

Keywords: Computer security, Software development, Privacy laws of the United States, Privacy software, Service provider, Privacy by Design, Requirements engineering, Computer science, Information privacy, Requirements elicitation

Abstract: The legislative and economic penalties for privacy violations are more serious for a service provider these days. In spite of demonstrating that it is willing and able to protect the information, developing a privacy-compliant system faces two challenges: technical complexities and legal complexities. In this paper, we propose a computer-aided privacy requirements elicitation technique (PRET) that helps software developers elicit privacy requirements efficiently in the early stages of development. The goal of the PRET tool is to accelerate the process and prevent leaks by using a general database derived from laws and empirical requirements. We also show the results of integrating PRET with the security quality requirements engineering (SQUARE) methodology and provide evidence of the efficacy of the resultant tool.

References (10)
Steve McConnell, From the Editor - An Ounce of Prevention. IEEE Software, vol. 18 (2001)
Jonathan D. Moffett, Charles B. Haley, Bashar Nuseibeh, Core Security Requirements Artefacts (2004)
Constance L. Heitmeyer, Software Cost Reduction. Encyclopedia of Software Engineering (2002), DOI: 10.1002/0471028959.SOF307
Nancy Mead, Gary McGraw, Julia Allen, Robert Ellison, Sean Barnum, Software Security Engineering: A Guide for Project Managers (2004)
Carolyn Brodie, Clare-Marie Karat, John Karat, Jinjuan Feng, Usable security and privacy: a case study of developing privacy management tools. Symposium on Usable Privacy and Security, pp. 35-43 (2005), DOI: 10.1145/1073001.1073005
Y. Murakami, Privacy issues in the ubiquitous information society and law in Japan. Systems, Man and Cybernetics, vol. 6, pp. 5645-5650 (2004), DOI: 10.1109/ICSMC.2004.1401093
Nancy R. Mead, Ted Stehney, Security quality requirements engineering (SQUARE) methodology. ACM SIGSOFT Software Engineering Notes, vol. 30, pp. 1-7 (2005), DOI: 10.1145/1082983.1083214
S. McConnell, An ounce of prevention. IEEE Software, vol. 18, pp. 5-7 (2001), DOI: 10.1109/MS.2001.922718
N.R. Mead, E.D. Hough, Security Requirements Engineering for Software Systems: Case Studies in Support of Software Engineering Education. Conference on Software Engineering Education and Training, pp. 149-158 (2006), DOI: 10.1109/CSEET.2006.30
Murakami, Legal issues for realizing ubiquitous information society. Society of Instrument and Control Engineers of Japan, vol. 2, pp. 1751-1755 (2004)