How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns
David Bourget (Western Ontario)
David Chalmers (ANU, NYU)
Rafael De Clercq
Ezio Di Nucci
Jack Alan Reynolds
Learn more about PhilPapers
Artificial Intelligence and Law 17 (1):1-30 (2009)
Laws set requirements that force organizations to assess the security and privacy of their IT systems and impose them to implement minimal precautionary security measures. Several IT solutions (e.g., Privacy Enhancing Technologies, Access Control Infrastructure, etc.) have been proposed to address security and privacy issues. However, understanding why, and when such solutions have to be adopted is often unanswered because the answer comes only from a broader perspective, accounting for legal and organizational issues. Security engineers and legal experts should analyze the business goals of a company and its organizational structure and derive from there the points where security and privacy problems may arise and which solutions best fit such (legal) problems. The paper investigates the methodological support for capturing security and privacy requirements of a concrete health care provider.
|Keywords||Security and privacy patterns Legal requirements Organization Pattern validation Healthcare|
|Categories||categorize this paper)|
Setup an account with your affiliations in order to access resources via your University's proxy server
Configure custom proxy (use this if your affiliation does not provide a proxy)
|Through your library|
References found in this work BETA
Trevor J. M. Bench-Capon & Giovanni Sartor (2003). A Model of Legal Reasoning with Cases Incorporating Theories and Values. Artificial Intelligence 150 (1-2):97-143.
G. H. von Wright (1951). Deontic Logic. Mind 60 (237):1-15.
G. H. von Wright (1951). I. Deontic Logic. Mind 60 (237):1-15.
Stig Kanger (1972). Law and Logic. Theoria 38 (3):105-132.
John-Jules Ch Meyer, Roel J. Wieringa & International Workshop on Deontic Logic in Computer Science (1993). Deontic Logic in Computer Science Normative System Specification.
Citations of this work BETA
No citations found.
Similar books and articles
Ferdinand David Schoeman (ed.) (1984). Philosophical Dimensions of Privacy: An Anthology. Cambridge University Press.
Dirk van Rooy & Jacques Bus (2010). Trust and Privacy in the Future Internet—a Research Perspective. Identity in the Information Society 3 (2):397-404.
Lothar Fritsch, Kristin Skeide Fuglerud & Ivar Solheim (2010). Towards Inclusive Identity Management. Identity in the Information Society 3 (3):515-538.
Krisana Kitiyadisai (2005). Privacy Rights and Protection: Foreign Values in Modern Thai Context. [REVIEW] Ethics and Information Technology 7 (1):17-26.
Thomas B. Hodel-Widmer (2006). Designing Databases That Enhance People's Privacy Without Hindering Organizations. Ethics and Information Technology 8 (1):3-15.
Paul B. Thompson (2001). Privacy, Secrecy and Security. Ethics and Information Technology 3 (1):13-19.
Matthias Assel, Stefan Wesner & Alexander Kipp (2009). A Security Framework for Dynamic Collaborative Working Environments. Identity in the Information Society 2 (2):171-187.
Added to index2009-01-28
Total downloads17 ( #203,566 of 1,789,901 )
Recent downloads (6 months)2 ( #317,270 of 1,789,901 )
How can I increase my downloads?