Stratified Modelling and Analysis of Confidentiality Requirements

In this paper we present a method for modelling and analyzing confidentiality requirements based on requirements stratification. Stakeholders with varying data usage concerns have confidentiality and privacy requirements, and these stakeholders are often in different jurisdictions, for example, nati...

Full description

Saved in:
Bibliographic Details
Main Authors: Onabajo, A., Weber-Jahnke, J.H.
Format: Conference Proceeding
Language:English
Subjects:
Computer science
Data privacy
Data security
Health and safety
Information security
Iterative methods
Legislation
Local government
Medical services
Programming
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this paper we present a method for modelling and analyzing confidentiality requirements based on requirements stratification. Stakeholders with varying data usage concerns have confidentiality and privacy requirements, and these stakeholders are often in different jurisdictions, for example, national, provincial and local authorities. In addition, customers, such as patient groups and individual patients, have important confidentiality concerns which should be considered in the requirement engineering process. Our approach provides a method to model and analyze the interactions of the different requirements with their inherent stratified relationship and supports the iterative specification and analysis of the requirements. We report on a preliminary evaluation of the method with a case study in the health care domain. Our results show that our method is suitable to express most case study requirements in their natural stratification order, but it also uncovered important limitations. Nevertheless, our method was effective in detecting a potential incompleteness in the subject requirements set.
ISSN:1530-1605
2572-6862
DOI:10.1109/HICSS.2008.414