short-paper

A risk - aware framework for compliance goal-obstacle analysis

Authors:
Bendra Ojameruaye

University of Birmingham, United Kingdom

University of Birmingham, United Kingdom
View Profile

,
Rami Bahsoon

University of Birmingham, United Kingdom

University of Birmingham, United Kingdom
View Profile

SAC '15: Proceedings of the 30th Annual ACM Symposium on Applied ComputingApril 2015Pages 1401–1402https://doi.org/10.1145/2695664.2696053

Published:13 April 2015Publication History

SAC '15: Proceedings of the 30th Annual ACM Symposium on Applied Computing

Pages 1401–1402

ABSTRACT

Engineering regulatory compliance requirements is valuable during the software development process as they are necessary to reduce risk, improve security and help systems achieve their business goals. Existing methods for assessing compliance requirements are inadequate as they fail to consider the important aspects such as interdependency between goals, obstacles and agents. Poor goal and risk analysis during the requirement engineering phase often result in incomplete requirements and wrong estimation of risks. This paper presents a goal-oriented quantitative compliance analysis framework that considers these issues during the requirement analysis phase.

References

Bhattacharjee, J. et al. 2012. A two-phase quantitative methodology for enterprise information security risk analysis. Proceedings of the CUBE International Information Technology Conference on - CUBE '12. (2012), 809. Google ScholarDigital Library
Faniyi, F. et al. 2011. Evaluating security properties of architectures in unpredictable environments: A case for cloud. Proceedings - 9th Working IEEE/IFIP Conference on Software Architecture, WICSA 2011 127--136. 2011. Google ScholarDigital Library
Van Lamsweerde, a. and Letier, E. 2000. Handling obstacles in goal-oriented requirements engineering. IEEE Transactions on Software Engineering. 26, 10, 978--1005. 2000. Google ScholarDigital Library
Letier, E. et al. 2000. Handling obstacles in goal-oriented requirements engineering. IEEE Transactions on Software Engineering. 26, 10, 978--1005. 2000. Google ScholarDigital Library
Ojameruaye, B. and Bahsoon, R. Systematic elaboration of compliance requirements using compliance debt and portfolio theory. Lecture Notes in Computer Science including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics. 2014., 152--167. 2014.Google Scholar

Index Terms

A risk - aware framework for compliance goal-obstacle analysis
1. Software and its engineering

Recommendations

A probabilistic framework for goal-oriented risk analysis
RE '12: Proceedings of the 2012 IEEE 20th International Requirements Engineering Conference (RE)

Requirements completeness is among the most critical and difficult software engineering challenges. Missing requirements often result from poor risk analysis at requirements engineering time. Obstacle analysis is a goal-oriented form of risk analysis ...
Read More
Goal-driven risk assessment in requirements engineering

Risk analysis is traditionally considered a critical activity for the whole software system’s lifecycle. Risks are identified by considering technical aspects (e.g., failures of the system, unavailability of services, etc.) and handled by suitable ...
Read More
Assessing requirements-related risks through probabilistic goals and obstacles

Requirements completeness is among the most critical and difficult software engineering challenges. Missing requirements often result from poor risk analysis at requirements engineering time. Obstacle analysis is a goal-oriented form of risk analysis ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SAC '15: Proceedings of the 30th Annual ACM Symposium on Applied Computing
April 2015
2418 pages
ISBN:9781450331968
DOI:10.1145/2695664
Conference Chairs:
Roger L. Wainwright
University of Tulsa
,
Juan Manuel Corchado
University of Salamanca, Spain
,
Program Chairs:
Alessio Bechini
University of Pisa, Italy
,
Jiman Hong
Soongsil University, South Korea
Copyright © 2015 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 13 April 2015
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
goal analysis
goal-oriented requirements engineering for compliance
obstacle analysis
requirement analysis
risk assessment
Qualifiers
- short-paper
Conference

Acceptance Rates
SAC '15 Paper Acceptance Rate291of1,211submissions,24%Overall Acceptance Rate1,650of6,669submissions,25%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 1
  Total Citations
  View Citations
- 159
  Total Downloads
- Downloads (Last 12 months)7
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

A risk - aware framework for compliance goal-obstacle analysis

SAC '15: Proceedings of the 30th Annual ACM Symposium on Applied Computing

ABSTRACT

References

Cited By

Index Terms

Recommendations

A probabilistic framework for goal-oriented risk analysis

Goal-driven risk assessment in requirements engineering

Assessing requirements-related risks through probabilistic goals and obstacles

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

A risk - aware framework for compliance goal-obstacle analysis

SAC '15: Proceedings of the 30th Annual ACM Symposium on Applied Computing

ABSTRACT

References

Cited By

Index Terms

Recommendations

A probabilistic framework for goal-oriented risk analysis

Goal-driven risk assessment in requirements engineering

Assessing requirements-related risks through probabilistic goals and obstacles

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media