Software requirements, rights, permissions, obligations, and the operational functionality of policy enforcing systems are often misaligned. Our goal is to develop tools and techniques that help requirements engineers and policy makers bring policies and system requirements into better alignment. Goals from requirements engineering are useful for distilling natural language policy statements into structured descriptions of these interactions; however, they are limited in that they are not easy to compare with one another despite sharing common semantic features. In this paper, we describe a process called semantic parameterization that we use to derive semantic models from goals mined from privacy policy documents. We present example semant...
A common misstep in the development of security and privacy solutions is the failure to keep the dem...
Abstract—Businesses and organizations in jurisdictions around the world are required by law to provi...
There are several right expression languages (RELs) for the information model of data or content pro...
Natural language policies describe interactions between and across organizations, third-parties and ...
Organizations in privacy-regulated industries (e.g. healthcare and financial institutions) face sign...
We define a semantic model for purpose, based on which purpose-based privacy policies can be meaning...
Government regulations increasingly require mobile and web-based application (app) companies to stan...
Policy rules define what behavior is desired in a softwarebased system, they do not describe the cor...
The extensive data collection performed by the Internet of Things (IoT) devices can put users at ris...
Regulators, policy makers, and consumers are interested in proactively identifying services with acc...
Privacy policies are the locus where consequences concerning privacy and personal data are produced,...
Privacy policies often place requirements on the purposes for which a governed entity may use person...
This paper describes a method for requirements elicitation based on goals for electronic commerce sy...
Abstract-- Privacy has recently become a prominent issue in the context of electronic commerce Web s...
Abstract—We describe a new paradigm for articulating need-to-protect and need-to-share policies that...
A common misstep in the development of security and privacy solutions is the failure to keep the dem...
Abstract—Businesses and organizations in jurisdictions around the world are required by law to provi...
There are several right expression languages (RELs) for the information model of data or content pro...
Natural language policies describe interactions between and across organizations, third-parties and ...
Organizations in privacy-regulated industries (e.g. healthcare and financial institutions) face sign...
We define a semantic model for purpose, based on which purpose-based privacy policies can be meaning...
Government regulations increasingly require mobile and web-based application (app) companies to stan...
Policy rules define what behavior is desired in a softwarebased system, they do not describe the cor...
The extensive data collection performed by the Internet of Things (IoT) devices can put users at ris...
Regulators, policy makers, and consumers are interested in proactively identifying services with acc...
Privacy policies are the locus where consequences concerning privacy and personal data are produced,...
Privacy policies often place requirements on the purposes for which a governed entity may use person...
This paper describes a method for requirements elicitation based on goals for electronic commerce sy...
Abstract-- Privacy has recently become a prominent issue in the context of electronic commerce Web s...
Abstract—We describe a new paradigm for articulating need-to-protect and need-to-share policies that...
A common misstep in the development of security and privacy solutions is the failure to keep the dem...
Abstract—Businesses and organizations in jurisdictions around the world are required by law to provi...
There are several right expression languages (RELs) for the information model of data or content pro...