Title :
Computer-Aided Privacy Requirements Elicitation Technique
Author :
Miyazaki, Seiya ; Mead, Nancy ; Zhan, Justin
Abstract :
The legislative penalties and economic penalties for privacy violations are more serious for a service provider these days. In spite of demonstrating that it is willing and able to protect the privacy of information, a service provider developing a privacy-compliant system faces two challenges; technical complexities and legal complexities. In this paper, we propose a computer-aided privacy requirements elicitation technique (PRET) that helps software developers elicit privacy requirements more efficiently in the early stages of software development. The goal of the PRET tool is to accelerate the elicitation process and prevent privacy requirements leaks by using a general privacy requirements database derived from privacy laws and empirical privacy requirements. We also show the results of integrating the PRET tool with the security quality requirements engineering (SQUARE) methodology and provide evidence of the efficacy of the resultant tool.
Keywords :
security of data; computer-aided privacy requirements; economic penalties; elicitation technique; legal complexities; legislative penalties; privacy violations; privacy-compliant system; security quality requirements engineering; software development; technical complexities; Acceleration; Costs; Data privacy; Guidelines; Information security; Law; Legal factors; Legislation; Programming; Protection;
Conference_Titel :
Asia-Pacific Services Computing Conference, 2008. APSCC '08. IEEE
Conference_Location :
Yilan
Print_ISBN :
978-0-7695-3473-2
Electronic_ISBN :
978-0-7695-3473-2
DOI :
10.1109/APSCC.2008.263
