Islam, Shareeful and Mouratidis, Haralambos and Wager, Stefan (2010) ‘Towards a Framework to Elicit and Manage Security and Privacy Requirements from Laws and Regulations’, in Wieringa, Roel and Persson, Anne (eds.) Requirements Engineering: Foundation for Software Quality. 16th International Working Conference, REFSQ 2010. Essen, Germany, 30 June – 2July 2010. Springer, pp. 255-261. (Lecture Notes in Computer Science, 6182). (doi:10.1007/978-3-642-14192-8_23).
8.pdf - Accepted Version
Available under License Creative Commons Attribution No Derivatives.
Download (42Kb) | Preview
[Context and motivation] The increasing demand of software systems to process and manage sensitive information has led to the need that software systems should comply with relevant laws and regulations, which enforce the privacy and other aspects of the stored information. [Question/problem] However, the task is challenging because concepts and terminology used for requirements engineering are mostly different to those used in the legal domain and there is a lack of appropriate modelling languages and techniques to support such activities. [Principal ideas/results] The legislation need to be analysed and align with the system requirements. [Contribution] This paper motivates the need to introduce a framework to assist the elicitation and management of security and privacy requirements from relevant legislation and it briefly presents the foundations of such a framework along with an example.
|Item Type:||Book Section|
|Additional Information:||Citation: Islam, S., Mouratidis, H. and Wagner, S. (2010), 'Towards a Framework to Elicit and Manage Security and Privacy Requirements from Laws and Regulations', Lecture Notes in Computer Science, 6182/2010, pp. 255-261.|
|Divisions:||Schools > Architecture Computing and Engineering, School of|
|Depositing User:||Mr Stephen Grace|
|Date Deposited:||04 May 2012 16:06|
|Last Modified:||15 Oct 2012 12:06|
Actions (login required)