Journal: Requirements Engineering (abbreviated Requirements Eng)
Publisher: Springer-Verlag
Authors: David G. Gordon, Travis D. Breaux
Publish Date: 2013/04/04
Volume: 18, Issue: 2, Pages: 147-173
Abstract

Companies that own, license, or maintain personal information face a daunting number of privacy and security regulations. Companies become subject to new regulations from one or more governing bodies when they introduce new or existing products into a jurisdiction, when regulations change, or when data are transferred across political borders. To address this problem, we developed a framework called "requirements water marking" that business analysts can use to align and reconcile requirements from multiple jurisdictions (municipalities, provinces, nations) to produce a single high or low standard of care. We evaluate the framework in two empirical case studies covering a subset of US data breach notification laws and medical record retention laws. In these studies, applying our framework reduced the number of requirements a company must comply with by 76% across 8 jurisdictions and 15% across 4 jurisdictions, respectively. We show how the framework surfaces critical requirements tradeoffs and potential regulatory conflicts that companies must address during the reconciliation process. We summarize our results, including surveys of information technology law experts, to contextualize our empirical results in legal practice.

Acknowledgments

We thank the CMU Requirements Engineering Lab for participating in reviews of our research protocol and early drafts of this manuscript, and we thank the International Association of Privacy Professionals (IAPP) for allowing us to recruit survey participants through their Global Privacy Summit. This research was supported by the US Department of Homeland Security Grant Award 2006CS001000001 and the Hewlett-Packard Labs Innovation Research Program Award CW267287.

Appendix

The context-free grammar for an early version of the LRSL is expressed here in the Extended Backus–Naur Form (EBNF) described in ISO/IEC 14977:1996(E). The term "string" consists of any combination of letters and digits, the term "regex" is a regular expression, and the term "ref" is a string.