Reasoning about Airport Security Regulations Using the Focal Environment

Delahaye, David; Étienne, Jean-Frédéric; Donzeau-Gouge, Véronique

doi:10.1109/isola.2006.25

Cited by 7 publications

(3 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Models have been proposed to represent rights, permissions and obligations [BA05] and acts of delegation and permission [MMZ08] and to manage traceability [BA07,GAP07]. Methods include a legal requirements acquisition method, including a technique to balance rights and obligations [BVA06], a method to identify hidden assumptions [DED06], and a requirements prioritization method based upon legal exceptions [BA08]. Frameworks have been proposed to manage traceability between goal models and legal documents [GAP07] and manage accountability and traceability through refinement and delegation [BAS08].…”

Section: Related Workmentioning

confidence: 99%

Legally “reasonable” security requirements: A 10-year FTC retrospective

Breaux¹,

Baumer²

2011

Computers & Security

View full text Add to dashboard Cite

Abstract. Growth in electronic commerce has enabled businesses to reduce costs and expand markets by deploying information technology through new and existing business practices. However, government laws and regulations require businesses to employ reasonable security measures to thwart risks associated with this technology. Because many security vulnerabilities are only discovered after attacker exploitation, regulators update their interpretation of reasonable security to stay current with emerging threats. With a focus on determining what businesses must do to comply with these changing interpretations of the law, we conducted an empirical, multi-case study to discover and measure the meaning and evolution of "reasonable" security by examining 19 regulatory enforcement actions by the U.S. Federal Trade Commission (FTC) over a 10 year period. The results reveal trends in FTC enforcement actions that are institutionalizing security knowledge as evidenced by 39 security requirements that mitigate 110 legal security vulnerabilities.

show abstract

Section: Related Workmentioning

confidence: 99%

Legally “reasonable” security requirements: A 10-year FTC retrospective

Breaux¹,

Baumer²

2011

Computers & Security

View full text Add to dashboard Cite

show abstract

“…To support model checking of regulations, Delahaye et al describe a method to identify hidden assumptions using the Focal environment [9]. Another challenge includes complex legal exceptions, which Breaux et al address with a requirements prioritization method based upon priority hierarchies [2].…”

Section: Related Workmentioning

confidence: 99%

Early Studies in Acquiring Evidentiary, Reusable Business Process Models for Legal Compliance

Breaux

Powers

2009

2009 Sixth International Conference on Information Technology: New Generations

View full text Add to dashboard Cite

show abstract

“…For this project, we used Focal to realize the formal models of two regulations, namely the international standard Annex 17 and the European directive Doc 2320. The formalization is described in [3], while the certification part is presented in [4]. Within the project, the purpose of the UML diagrams is twofold.…”

mentioning

confidence: 99%

A formal and sound transformation from Focal to UML: an application to airport security regulations

Delahaye

Étienne

Donzeau-Gouge

2008

Innovations Syst Softw Eng

Self Cite

View full text Add to dashboard Cite

We propose an automatic transformation of Focal specifications to UML class diagrams. The main motivation for this work lies within the framework of the EDEMOI project, which aims to integrate and apply several requirements engineering and formal methods techniques to analyze airport security regulations. The idea is to provide a graphical documentation of formal models for developers, and in the long-term, for certification authorities. The transformation is formally described and an implementation has been designed. We also show how the soundness of our approach can be achieved.

show abstract

Reasoning about Airport Security Regulations Using the Focal Environment

Cited by 7 publications

References 7 publications

Legally “reasonable” security requirements: A 10-year FTC retrospective

Legally “reasonable” security requirements: A 10-year FTC retrospective

Early Studies in Acquiring Evidentiary, Reusable Business Process Models for Legal Compliance

A formal and sound transformation from Focal to UML: an application to airport security regulations

Contact Info

Product

Resources

About