发布求助
文献互助 智能选刊 最新文献

2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)最新文献

筛选
英文 中文
Welcome from the Organizers 主办方的欢迎
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/ESPRE.2018.00005
Kristian Beckers, Shamal Faily, Seok-Won Lee, N. Mead
{"title":"Welcome from the Organizers","authors":"Kristian Beckers, Shamal Faily, Seok-Won Lee, N. Mead","doi":"10.1109/ESPRE.2018.00005","DOIUrl":"https://doi.org/10.1109/ESPRE.2018.00005","url":null,"abstract":"","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129627174","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Assessing System of Systems Security Risk and Requirements with OASoSIS 用OASoSIS评估系统安全风险和需求
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/ESPRE.2018.00009
Duncan Ki-Aries, Shamal Faily, H. Dogan, Christopher Williams
{"title":"Assessing System of Systems Security Risk and Requirements with OASoSIS","authors":"Duncan Ki-Aries, Shamal Faily, H. Dogan, Christopher Williams","doi":"10.1109/ESPRE.2018.00009","DOIUrl":"https://doi.org/10.1109/ESPRE.2018.00009","url":null,"abstract":"When independent systems come together as a System of Systems (SoS) to achieve a new purpose, dealing with requirements conflicts across systems becomes a challenge. Moreover, assessing and modelling security risk for independent systems and the SoS as a whole is challenged by a gap in related research and approaches within the SoSs domain. In this paper, we present an approach for bridging SoS and Requirements Engineering by identifying aligning SoSs concepts to assess and model security risk and requirements. We introduce our OASoSIS approach modifying OCTAVE Allegro for SoSs using CAIRIS (Computer Aided Integration of Requirements and Information Security) with a medical evacuation (MEDEVAC) SoS exemplar for Security Requirements Engineering tool-support.","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"138 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131455362","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
The Importance of Empathy for Analyzing Privacy Requirements 移情对分析隐私要求的重要性
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/ESPRE.2018.00008
M. Levy, I. Hadar
{"title":"The Importance of Empathy for Analyzing Privacy Requirements","authors":"M. Levy, I. Hadar","doi":"10.1109/ESPRE.2018.00008","DOIUrl":"https://doi.org/10.1109/ESPRE.2018.00008","url":null,"abstract":"Empathy is the first step of the design thinking (DT) paradigm, which has recently gained interest among software development organizations, leveraging the design and innovation processes for better meeting the required end-user experience. The DT paradigm places the customer needs up-front and emphasizes facilitating empathy with users, observing their behavior, and drawing conclusions about what people want and need. In this paper we analyze, through the lens of DT, findings of former research studies which indicated that by and large, software developers are not minded to privacy requirements. Our analysis demonstrates that the absence of empathy leads to neglecting important privacy concerns when designing software systems. Following this analysis, we posit that the empathy step, as manifested in the DT paradigm, is a necessary component of requirements engineering for unveiling and addressing the type of requirements that are at high risk of being overlooked. Employing empathy techniques and tools provided by the DT paradigm can foster empathy practices and skills of software engineers, who often do not practice empathy in their professional work.","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121936552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Privacy Consistency Analyzer for Android Applications 隐私一致性分析器的Android应用程序
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/ESPRE.2018.00011
Sayan Maitra, Bohyun Suh, S. Ghanavati
{"title":"Privacy Consistency Analyzer for Android Applications","authors":"Sayan Maitra, Bohyun Suh, S. Ghanavati","doi":"10.1109/ESPRE.2018.00011","DOIUrl":"https://doi.org/10.1109/ESPRE.2018.00011","url":null,"abstract":"Recent studies show that many Android applications either do not have a privacy policy in place or there are some inconsistencies between their application and the corresponding privacy policies. In this paper, we propose a new Privacy Consistency framework and its tool-support which aims to detect the inconsistencies between the Android applications and their privacy policies. We have evaluated our framework on 54 Android applications and have identified several mismatches and inconsistencies. Our Privacy Consistency framework serves as the first step towards a better understanding of permissions and the risks associated with them.","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124196842","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
[Title page iii] [标题页iii]
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/espre.2018.00002
{"title":"[Title page iii]","authors":"","doi":"10.1109/espre.2018.00002","DOIUrl":"https://doi.org/10.1109/espre.2018.00002","url":null,"abstract":"","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129104623","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
[Copyright notice] (版权)
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/espre.2018.00003
{"title":"[Copyright notice]","authors":"","doi":"10.1109/espre.2018.00003","DOIUrl":"https://doi.org/10.1109/espre.2018.00003","url":null,"abstract":"","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"106 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115524739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
ESPRE'18 Organization
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/espre.2018.00006
{"title":"ESPRE'18 Organization","authors":"","doi":"10.1109/espre.2018.00006","DOIUrl":"https://doi.org/10.1109/espre.2018.00006","url":null,"abstract":"","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122913315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
[Title page i] [标题页i]
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/espre.2018.00001
{"title":"[Title page i]","authors":"","doi":"10.1109/espre.2018.00001","DOIUrl":"https://doi.org/10.1109/espre.2018.00001","url":null,"abstract":"","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123214638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Tool-Supporting Data Protection Impact Assessments with CAIRIS 工具支持的数据保护影响评估与CAIRIS
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/ESPRE.2018.00010
Joshua Coles, Shamal Faily, Duncan Ki-Aries
{"title":"Tool-Supporting Data Protection Impact Assessments with CAIRIS","authors":"Joshua Coles, Shamal Faily, Duncan Ki-Aries","doi":"10.1109/ESPRE.2018.00010","DOIUrl":"https://doi.org/10.1109/ESPRE.2018.00010","url":null,"abstract":"The General Data Protection Regulation (GDPR) encourages the use of Data Protection Impact Assessments (DPIAs) to integrate privacy into organisations' activities and practices from early design onwards. To date, however, there has been little prescription about how Security & Privacy Requirements Engineering processes map to the necessary activities of a DPIA, and how these activities can be tool-supported. To address this problem, we present a tool-supported process for undertaking DPIAs using existing Requirements Engineering approaches and the CAIRIS platform. We illustrate this process using a real-world case study example where it was used to elicit privacy risks for a prototype medical application to support chemotherapy treatment.","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"107 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125093317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
Towards the Design of Usable Privacy by Design Methodologies 从设计方法看可用隐私的设计
2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) Pub Date : 2018-08-01 DOI: 10.1109/ESPRE.2018.00007
Argyri Pattakou, Aikaterini-Georgia Mavroeidi, Vasiliki Diamantopoulou, Christos Kalloniatis, S. Gritzalis
{"title":"Towards the Design of Usable Privacy by Design Methodologies","authors":"Argyri Pattakou, Aikaterini-Georgia Mavroeidi, Vasiliki Diamantopoulou, Christos Kalloniatis, S. Gritzalis","doi":"10.1109/ESPRE.2018.00007","DOIUrl":"https://doi.org/10.1109/ESPRE.2018.00007","url":null,"abstract":"As privacy engineering gains much attention, recently literature records a number of methodologies that support software designers to model privacy – aware systems starting from the early stages of the software lifecycle until the late design stages prior to implementation. However, in order for these methodologies to be used and applied successfully from system engineers, it is important to be developed following a number of existing usability criteria for increasing designers' acceptance and performance. In this paper, we, initially, identify the set of usability criteria presented in the respective literature and examine how the existing privacy requirement engineering methodologies conform with these usability criteria. The results show that most methodologies conform with a number of criteria but still there are opportunities for further improvements.","PeriodicalId":418713,"journal":{"name":"2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE)","volume":"98 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123193976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信