Islam, Shareeful and Mouratidis, Haralambos and Wager, Stefan (2010) ‘Towards a Framework to Elicit and Manage Security and Privacy Requirements from Laws and Regulations’, in Wieringa, Roel and Persson, Anne (eds.) Requirements Engineering: Foundation for Software Quality. 16th International Working Conference, REFSQ 2010. Essen, Germany, 30 June – 2July 2010. Springer, pp. 255-261. (Lecture Notes in Computer Science, 6182). (doi:10.1007/978-3-642-14192-8_23).
Use this permanent URL when citing or linking to this resource in ROAR.
[Context and motivation] The increasing demand of software systems to process and manage sensitive information has led to the need that software systems should comply with relevant laws and regulations, which enforce the privacy and other aspects of the stored information. [Question/problem] However, the task is challenging because concepts and terminology used for requirements engineering are mostly different to those used in the legal domain and there is a lack of appropriate modelling languages and techniques to support such activities. [Principal ideas/results] The legislation need to be analysed and align with the system requirements. [Contribution] This paper motivates the need to introduce a framework to assist the elicitation and management of security and privacy requirements from relevant legislation and it briefly presents the foundations of such a framework along with an example.
|Divisions:||Schools > Architecture Computing and Engineering, School of|
|Additional Information:||Citation: Islam, S., Mouratidis, H. and Wagner, S. (2010), 'Towards a Framework to Elicit and Manage Security and Privacy Requirements from Laws and Regulations', Lecture Notes in Computer Science, 6182/2010, pp. 255-261.|
|Date Deposited:||04 May 2012 16:06|
|Item Type:||Book Section|
|Creators:||Islam, Shareeful and Mouratidis, Haralambos and Wager, Stefan|
|Last Modified:||15 Oct 2012 12:06|
|Depositing User:||Mr Stephen Grace|