Detecting conflicts of interest

P. Giorgini; F. Massacci; J. Mylopoulos; N. Zannone

doi:10.1109/RE.2006.16

Detecting conflicts of interest

P. Giorgini, F. Massacci, J. Mylopoulos, N. Zannone

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

8 Citations (Scopus)

2 Downloads (Pure)

Abstract

System vulnerabilities are often caused by the presence of conflicts within the organization where the system-to-be will eventually operate. In particular, conflicts of interest are very harmful since actors can exploit their positions/ roles relative to the system for gaining personal advantage. Capturing and resolving such conflicts is a necessary condition for developing secure information systems. In this paper, we show how conflicts of interest can be formally detected during requirements analysis. This allows system designers to investigate the causes for which conflicts may occur in an organization. Thereby, they can better understand the organizational structure and so provide appropriate countermeasures to resolve or at least mitigate them.

Original language	English
Title of host publication	Proceedings 14th IEEE International Conference on Requirements Engineering (RE 2006), Minneapolis/St.Paul MN, USA, September 11-15, 2006)
Publisher	IEEE Computer Society
Pages	308-311
ISBN (Print)	0-7695-2555-5
DOIs	https://doi.org/10.1109/RE.2006.16
Publication status	Published - 2006

Access to Document

10.1109/RE.2006.16

Cite this

@inproceedings{e21ddc2c0f8a4c909f81234b35d036ed,

title = "Detecting conflicts of interest",

abstract = "System vulnerabilities are often caused by the presence of conflicts within the organization where the system-to-be will eventually operate. In particular, conflicts of interest are very harmful since actors can exploit their positions/ roles relative to the system for gaining personal advantage. Capturing and resolving such conflicts is a necessary condition for developing secure information systems. In this paper, we show how conflicts of interest can be formally detected during requirements analysis. This allows system designers to investigate the causes for which conflicts may occur in an organization. Thereby, they can better understand the organizational structure and so provide appropriate countermeasures to resolve or at least mitigate them.",

author = "P. Giorgini and F. Massacci and J. Mylopoulos and N. Zannone",

year = "2006",

doi = "10.1109/RE.2006.16",

language = "English",

isbn = "0-7695-2555-5",

pages = "308--311",

booktitle = "Proceedings 14th IEEE International Conference on Requirements Engineering (RE 2006), Minneapolis/St.Paul MN, USA, September 11-15, 2006)",

publisher = "IEEE Computer Society",

address = "United States",

}

Detecting conflicts of interest. / Giorgini, P.; Massacci, F.; Mylopoulos, J.; Zannone, N.

Proceedings 14th IEEE International Conference on Requirements Engineering (RE 2006), Minneapolis/St.Paul MN, USA, September 11-15, 2006). IEEE Computer Society, 2006. p. 308-311.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Detecting conflicts of interest

AU - Giorgini, P.

AU - Massacci, F.

AU - Mylopoulos, J.

AU - Zannone, N.

PY - 2006

Y1 - 2006

N2 - System vulnerabilities are often caused by the presence of conflicts within the organization where the system-to-be will eventually operate. In particular, conflicts of interest are very harmful since actors can exploit their positions/ roles relative to the system for gaining personal advantage. Capturing and resolving such conflicts is a necessary condition for developing secure information systems. In this paper, we show how conflicts of interest can be formally detected during requirements analysis. This allows system designers to investigate the causes for which conflicts may occur in an organization. Thereby, they can better understand the organizational structure and so provide appropriate countermeasures to resolve or at least mitigate them.

AB - System vulnerabilities are often caused by the presence of conflicts within the organization where the system-to-be will eventually operate. In particular, conflicts of interest are very harmful since actors can exploit their positions/ roles relative to the system for gaining personal advantage. Capturing and resolving such conflicts is a necessary condition for developing secure information systems. In this paper, we show how conflicts of interest can be formally detected during requirements analysis. This allows system designers to investigate the causes for which conflicts may occur in an organization. Thereby, they can better understand the organizational structure and so provide appropriate countermeasures to resolve or at least mitigate them.

U2 - 10.1109/RE.2006.16

DO - 10.1109/RE.2006.16

M3 - Conference contribution

SN - 0-7695-2555-5

SP - 308

EP - 311

BT - Proceedings 14th IEEE International Conference on Requirements Engineering (RE 2006), Minneapolis/St.Paul MN, USA, September 11-15, 2006)

PB - IEEE Computer Society

ER -

Detecting conflicts of interest

Abstract

Access to Document

Fingerprint

Cite this