How to capture, model, and verify the knowledge of legal, security, and privacy experts: A pattern-based approach

L. Compagna, P. El Khoury, F. Massacci, R. Thomas, N. Zannone

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    33 Citations (Scopus)
    2 Downloads (Pure)

    Abstract

    Laws set requirements that force organizations to assess the security and privacy of their IT systems and impose the adoption of the implementation of minimal precautionary security measures. Several frameworks have been proposed to deal with thii issue. For instance, purpose-based access control is normally considered a good solution for meeting the requirements of privacy legislation. Yet, understanding why, how, and when such solutions to security and privacy problems have to be deployed is often unanswered. In this paper, we look at the problem from a broader perspective, accounting for legal and organizational issues. Security engineers and legal experts should be able to start from the organizational model and derive from there the points where security and privacy problems may arise and determine which solutions best fit the (legal) problems that they face. In particular, we investigate the methodology needed to capture security and privacy requirements for a Health Care Centre using a smart items infrastructure.
    Original languageEnglish
    Title of host publicationProceedings of the 11th international conference on Artificial intelligence and law (ICAIL 2007) 4-8 June 2007, Stanford, California, USA
    Place of PublicationNew York, New York
    PublisherAssociation for Computing Machinery, Inc
    Pages149-153
    ISBN (Print)978-1-59593-680-6
    Publication statusPublished - 2007
    Eventconference; ICAIL 2007, Stanford, California, USA; 2007-06-04; 2007-06-08 -
    Duration: 4 Jun 20078 Jun 2007

    Conference

    Conferenceconference; ICAIL 2007, Stanford, California, USA; 2007-06-04; 2007-06-08
    Period4/06/078/06/07
    OtherICAIL 2007, Stanford, California, USA

    Fingerprint Dive into the research topics of 'How to capture, model, and verify the knowledge of legal, security, and privacy experts: A pattern-based approach'. Together they form a unique fingerprint.

    Cite this