Octopus UNIVERSITY of THE AEGEAN

Σύστημα Καταγραφής και ανάδειξης ερευνητικού έργου μελών ΔΕΠ
English
Log in

Journal

Authors: Kalloniatis C., Belsis P., Gritzalis S.
Title: A Soft Computing approach for Privacy Requirements Engineering
Journal: Journal of Applied Soft Computing
Volume: 11
Number: 7
Pages: 4341-4348
Year: 2011
Publisher: Elsevier
To appear: No
Link: http://www.sciencedirect.com/science/article/pii/S156849461000270X/pdfft?md5=de7febd4182f6216929512db11b9b3b7&pid=1-s2.0-S156849461000270X-main.pdf
ISI: Yes
Impact Factor: 2.612
File name:
Abstract: Soft computing continuously gains interest in many fields of academic and industrial domain; among the most notable characteristics for using soft computing methodological tools is the ability to handle with vague and imprecise data in decision making processes. Similar conditions are often encountered in requirements engineering. In this paper, we introduce the PriS approach, a security and privacy requirements engineering framework which aims at incorporating privacy requirements early in the system development process. Specifically, PriS provides a set of concepts for modelling privacy requirements in the organisation domain and a systematic way-of-working for translating these requirements into system models. The conceptual model of PriS uses a goal hierarchy structure. Every privacy requirement is either applied or not on every goal. To this end every privacy requirement is a variable that can take two values [0,1] on every goal meaning that the requirements constraints the goal (value 1) or not (value 0). Following this way of working PriS ends up suggesting a number of implementation techniques based on the privacy requirements constraining the respective goals. Taking into account that the mapping of privacy variables to a crisp set consisting of two values [0,1] is constraining, we extend also the PriS framework so as to be able to address the degree of participation of every privacy requirement towards achieving the generic goal of privacy. Therefore, we propose a fuzzification of privacy variables that maps the expression of the degree of participation of each privacy variable to the [0,1] interval. We also present a mathematical framework that allows the concurrent management of combined independent preferences towards the necessity of a privacy measure; among the advantages of the presented extended framework is the scalability of the approach in such a way that the results are not limited by the number of independent opinions or by the number of factors considered while reasoning for a specific selection of privacy measures.