Towards Detecting and Mitigating Conflicts for Privacy and Security Requirements

Alkubaisy, Duaa; Cox, Karl; Mouratidis, Haralambos

doi:10.1109/rcis.2019.8876999

Cited by 8 publications

(9 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors conducted thirteen interviews at six private companies and found nine personal factors that affect how software developers perceive and interpret privacy requirements. Alkubaisy et al [52] proposed a framework to identify and resolve conflicts between security and privacy requirements. The authors use patterns to describe the problem and propose a solution to each conflict encountered by the framework.…”

Section: Rq1 According To the Literature What Are The Methodologiementioning

confidence: 99%

Perceptions of ICT Practitioners Regarding Software Privacy

Canedo

Calazans

Masson

et al. 2020

Entropy

View full text Add to dashboard Cite

During software development activities, it is important for Information and Communication Technology (ICT) practitioners to know and understand practices and guidelines regarding information privacy, as software requirements must comply with data privacy laws and members of development teams should know current legislation related to the protection of personal data. In order to gain a better understanding on how industry ICT practitioners perceive the practical relevance of software privacy and privacy requirements and how these professionals are implementing data privacy concepts, we conducted a survey with ICT practitioners from software development organizations to get an overview of how these professionals are implementing data privacy concepts during software design. We performed a systematic literature review to identify related works with software privacy and privacy requirements and what methodologies and techniques are used to specify them. In addition, we conducted a survey with ICT practitioners from different organizations. Findings revealed that ICT practitioners lack a comprehensive knowledge of software privacy and privacy requirements and the Brazilian General Data Protection Law (Lei Geral de Proteção de Dados Pessoais, LGPD, in Portuguese), nor they are able to work with the laws and guidelines governing data privacy. Organizations are demanded to define an approach to contextualize ICT practitioners with the importance of knowledge of software privacy and privacy requirements, as well as to address them during software development, since LGPD must change the way teams work, as a number of features and controls regarding consent, documentation, and privacy accountability will be required.

show abstract

Section: Rq1 According To the Literature What Are The Methodologiementioning

confidence: 99%

Perceptions of ICT Practitioners Regarding Software Privacy

Canedo

Calazans

Masson

et al. 2020

Entropy

View full text Add to dashboard Cite

show abstract

“…Some of the steps are semi-automated, while others are manual steps, based on the analyst's point of view. First, the conflicts between requirements are identified, based on a matrix presented by a previous study (Alkubaisy, Cox & Mouratidis, 2019). Hence, we sort the requirements that could lead to a potential conflict.…”

Section: Evaluation Resultsmentioning

confidence: 99%

“…The authors have also cited the work of Alkubaisy, Cox and Mouratidis (2019), who investigate conflicts between security and privacy requirements.…”

Section: Table 23 Comparison Between Conflict Analysis Approachmentioning

confidence: 99%

A framework managing conflicts between security and privacy requirements

Alkubaisy

2017

2017 11th International Conference on Research Challenges in Information Science (RCIS)

Self Cite

View full text Add to dashboard Cite

show abstract

“…Nevertheless, the idea was considered a successful trial. Furthermore, Alkubaisy et al [14] analyzed the conflict detection between privacy and security requirements. In their approach they tried to simplify the detection by using patterns to describe the problem.…”

Section: Related Studymentioning

confidence: 99%

Requirements Engineering: Conflict Detection Automation Using Machine Learning

Elhassan¹,

Abaker²,

Abdelmaboud³

et al. 2022

Intelligent Automation &Amp; Soft Computing

View full text Add to dashboard Cite

The research community has well recognized the importance of requirement elicitation. Recent research has shown the continuous decreasing success rate of IS projects in the last five years due to the complexity of the requirement conflict refinement process. Requirement conflict is at the heart of requirement elicitation. It is also considered the prime reason for deciding the success or failure of the intended Information System (IS) project. This paper introduces the requirements conflict detection automation model based on the Mean shift clustering unsupervised machine learning model. It utilizes the advantages of Artificial Intelligence in detecting and classifying the requirement conflicts occurring in the requirement elicitation phase. An experiment of the proposed model was conducted, composed of 207 observations and 11 parameters. The results show that the correct detection accuracy for the (Conflicted Requirements, Partial Conflicted Requirements & Conflict Free Requirements). The proposed model findings provide a promising and effective detection process regarding requirements classification. The model validation process provides a performance comparison between the model output vs. the output produced by the requirement conflict verification phase, detailing the Standard Error (SE) measure of accuracy values and the detected clusters. The implications of this study could be used to promote the automatization of the requirement elicitation process. Thus, increasing the potentiality of enhancing the produced systems designs.

show abstract

Towards Detecting and Mitigating Conflicts for Privacy and Security Requirements

Cited by 8 publications

References 21 publications

Perceptions of ICT Practitioners Regarding Software Privacy

Perceptions of ICT Practitioners Regarding Software Privacy

A framework managing conflicts between security and privacy requirements

Requirements Engineering: Conflict Detection Automation Using Machine Learning

Contact Info

Product

Resources

About