scholarly journals Security and privacy requirements analysis within a social setting

2004 ◽  
Author(s):  
L. Liu ◽  
E. Yu ◽  
J. Mylopoulos
Keyword(s):  
Requirements Analysis ◽  
Security And Privacy ◽  
Social Setting ◽  
Privacy Requirements

scholarly journals Security and Privacy Requirements for Electronic Consent

2021 ◽  
Vol 20 (2) ◽  
pp. 1-24
Author(s):  
Stef Verreydt ◽  
Koen Yskout ◽  
Wouter Joosen
Keyword(s):  
Security And Privacy ◽  
Inclusion Criteria ◽  
Comprehensive Overview ◽  
Privacy And Security ◽  
Pubmed Central ◽  
Privacy Requirements ◽  
Development Lifecycle ◽  
Main Challenge ◽  
Security Challenges ◽  
Server Systems

Electronic consent (e-consent) has the potential to solve many paper-based consent approaches. Existing approaches, however, face challenges regarding privacy and security. This literature review aims to provide an overview of privacy and security challenges and requirements proposed by papers discussing e-consent implementations, as well as the manner in which state-of-the-art solutions address them. We conducted a systematic literature search using ACM Digital Library, IEEE Xplore, and PubMed Central. We included papers providing comprehensive discussions of one or more technical aspects of e-consent systems. Thirty-one papers met our inclusion criteria. Two distinct topics were identified, the first being discussions of e-consent representations and the second being implementations of e-consent in data sharing systems. The main challenge for e-consent representations is gathering the requirements for a “valid” consent. For the implementation papers, many provided some requirements but none provided a comprehensive overview. Blockchain is identified as a solution to transparency and trust issues in traditional client-server systems, but several challenges hinder it from being applied in practice. E-consent has the potential to grant data subjects control over their data. However, there is no agreed-upon set of security and privacy requirements that must be addressed by an e-consent platform. Therefore, security- and privacy-by-design techniques should be an essential part of the development lifecycle for such a platform.

A HIPAA Security and Privacy Compliance Audit and Risk Assessment Mitigation Approach

2021 ◽  
Vol 3 (2) ◽  
pp. 28-45
Author(s):  
Young B. Choi ◽  
Christopher E. Williams
Keyword(s):  
Healthcare System ◽  
Information Assurance ◽  
Healthcare Providers ◽  
Security And Privacy ◽  
Privacy Requirements ◽  
Security Controls ◽  
The Us ◽  
Compliance Audit ◽  
And Control ◽  
Health Laws

Data breaches have a profound effect on businesses associated with industries like the US healthcare system. This task extends more pressure on healthcare providers as they continue to gain unprecedented access to patient data, as the US healthcare system integrates further into the digital realm. Pressure has also led to the creation of the Health Insurance Portability and Accountability Act, Omnibus Rule, and Health Information Technology for Economic and Clinical Health laws. The Defense Information Systems Agency also develops and maintains security technical implementation guides that are consistent with DoD cybersecurity policies, standards, architectures, security controls, and validation procedures. The objective is to design a network (physician's office) in order to meet the complexity standards and unpredictable measures posed by attackers. Additionally, the network must adhere to HIPAA security and privacy requirements required by law. Successful implantation of network design will articulate comprehension requirements of information assurance security and control.

Designing Secure and Privacy-Aware Information Systems

2017 ◽  
Vol 8 (2) ◽  
pp. 1-25
Author(s):  
Christos Kalloniatis ◽  
Argyri Pattakou ◽  
Evangelia Kavakli ◽  
Stefanos Gritzalis
Keyword(s):  
Information Systems ◽  
Personal Information ◽  
Research Area ◽  
Security And Privacy ◽  
Software Systems ◽  
Economic Relationships ◽  
Analysis And Design ◽  
Privacy Requirements ◽  
Systems Analysis And Design ◽  
User Data

Pervasiveness of information systems is well underway, redefining our social and economic relationships. This technological revolution has generated enormous capabilities, but also enabled the creation of new vulnerabilities and threats. A major challenge in the field of information systems is therefore, to ensure the trustworthiness of the underlying technologies that make possible the generation, collection, storage, processing and transmission of user data at rates more intensive than ever before. Trust in information systems depends on different aspects, one of which is the security of user's data. Data security is referred as the protection of user's data from corruption and unauthorized access. Another important aspect of trust is the protection of user's privacy. Protecting privacy is about complying with user's desires when it comes to handling personal information. Without security to guarantee data protection, appropriate uses of that data cannot be realized. This implies that security and privacy issues are inherently intertwined and should be viewed synergistically. The aim of this paper is to elevate modern practices for ensuring security and privacy during software systems analysis and design. To this end, the basic security and privacy requirements that should be considered are introduced. Additionally, a number of well known methods in the research area of requirements engineering which focus on eliciting and modeling security and privacy requirements are described. Finally, a comparative analysis between these methods is presented.

scholarly journals Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

IEEE Access ◽  
2020 ◽  
Vol 8 ◽  
pp. 76541-76567 ◽  
Author(s):  
Muktar Yahuza ◽  
Mohd Yamani Idna Bin Idris ◽  
Ainuddin Wahid Bin Abdul Wahab ◽  
Anthony T. S. Ho ◽  
Suleman Khan ◽  
...  
Keyword(s):  
Systematic Review ◽  
State Of The Art ◽  
Edge Computing ◽  
Security And Privacy ◽  
Future Research ◽  
Research Opportunities ◽  
Privacy Requirements

scholarly journals Assurance of Security and Privacy Requirements for Cloud Deployment Models

2018 ◽  
Vol 6 (2) ◽  
pp. 387-400 ◽  
Author(s):  
Shareeful Islam ◽  
Moussa Ouedraogo ◽  
Christos Kalloniatis ◽  
Haralambos Mouratidis ◽  
Stefanos Gritzalis
Keyword(s):  
Security And Privacy ◽  
Privacy Requirements

Model Based Process to Support Security and Privacy Requirements Engineering

2012 ◽  
Vol 3 (3) ◽  
pp. 1-22 ◽  
Author(s):  
Shareeful Islam ◽  
Haralambos Mouratidis ◽  
Christos Kalloniatis ◽  
Aleksandar Hudic ◽  
Lorenz Zechner
Keyword(s):  
Requirements Engineering ◽  
Security And Privacy ◽  
Software Systems ◽  
Continuous Change ◽  
Privacy Requirements ◽  
Model Based ◽  
Systems Research ◽  
Implementation Techniques ◽  
Voting System ◽  
Eu Project

Software systems are becoming more complex, interconnected and liable to adopt continuous change and evolution. It’s necessary to develop appropriate methods and techniques to ensure security and privacy of such systems. Research efforts that aim to ensure security and privacy of software systems are distinguished through two main categories: (1) the development of requirements engineering methods, and (2) implementation techniques. Approaches that fall in the first category usually aim to address either security or privacy in an implicit way, with emphasis on the security aspects by developing methods to elicit and analyse security (and privacy) requirements. Works that fall in the latter categories focus specifically on the later stages of the development process irrespective of the organisational context in which the system will be incorporated. This work introduces a model-based process for security and privacy requirements engineering. In particular, the authors’ work includes activities which support to identify and analyse security and privacy requirements for the software system. Their purpose process combines concepts from two well-known requirements engineering methods, Secure Tropos and PriS. A real case study from the EU project E-vote, i.e., an Internet based voting system, is employed to demonstrate the applicability of the approach.

scholarly journals Mobile Government Applications Based on Security and Privacy: A Literature Review

2018 ◽  
Vol 7 (4.1) ◽  
pp. 51
Author(s):  
Ala'a Saeb Al-Sherideh ◽  
Roesnita Ismail ◽  
Fauziah Abdul Wahid ◽  
Norasikin Fabil ◽  
Waidah Ismail
Keyword(s):  
Literature Review ◽  
Mobile Applications ◽  
Public Services ◽  
Security Requirements ◽  
Security And Privacy ◽  
Privacy And Security ◽  
The Public ◽  
Privacy Requirements ◽  
Security Issues ◽  
The Government

Mobile applications available in anytime and from anywhere. The utilizing of mobile governmental applications is significant to reduce the efforts and time that are required to accomplish the public services by citizens. The main challenges that face the acceptance and adoption of mobile governmental applications are the privacy and security issues. The users, who do not trust the security of mobile governmental applications, may reject the use of these applications which discourages the government to adopt the mobile services. This study focuses in investigating the security and privacy requirements of mobile government applications. Many related works are reviewed and discussed to understand the important security requirements of mobile government applications. The main results indicate that effective privacy and security of mobile government applications should be assured so as to enhance the level of adopting and using these applications. The security requirements involve many considerations such as the hardware characteristics, software characteristics, and communication characteristics. This article mainly gives better understanding of security requirements of mobile government applications.   

Sign in / Sign up

Export Citation Format

Share Document