{"title":"Continuous Requirements: An Example Using GDPR","authors":"Ze Shi Li, Colin M. Werner, Neil A. Ernst","doi":"10.1109/REW.2019.00031","DOIUrl":null,"url":null,"abstract":"Recently, a stringent set of privacy regulations, the General Data Protection Regulation (GDPR), was enacted in the European Union, which can be considered a privacy non-functional requirement (NFR). As a result, an organization that collects or processes data from European citizens must adhere to the GDPR. Previous studies have shown that compliance with the GDPR poses a number of challenges, which we have confirmed in our own research. In this paper, we describe our ongoing research collaboration with a startup organization that is adopting the GDPR. In addition, during the course of our research, we found that our industry collaborator practices continuous integration (CI) like many other organizations. The number of organizations adopting CI has increased since Fowler first published his definition of CI. As such, another aspect of our current research is exploring the effects of CI on privacy NFRs and other NFRs. Finally, we describe a design science approach to iteratively learn about industry challenges in GDPR compliance, NFRs in the context of CI, as well as our ongoing work creating a tool to potentially mitigate observed GDPR compliance challenges.","PeriodicalId":166923,"journal":{"name":"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/REW.2019.00031","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Recently, a stringent set of privacy regulations, the General Data Protection Regulation (GDPR), was enacted in the European Union, which can be considered a privacy non-functional requirement (NFR). As a result, an organization that collects or processes data from European citizens must adhere to the GDPR. Previous studies have shown that compliance with the GDPR poses a number of challenges, which we have confirmed in our own research. In this paper, we describe our ongoing research collaboration with a startup organization that is adopting the GDPR. In addition, during the course of our research, we found that our industry collaborator practices continuous integration (CI) like many other organizations. The number of organizations adopting CI has increased since Fowler first published his definition of CI. As such, another aspect of our current research is exploring the effects of CI on privacy NFRs and other NFRs. Finally, we describe a design science approach to iteratively learn about industry challenges in GDPR compliance, NFRs in the context of CI, as well as our ongoing work creating a tool to potentially mitigate observed GDPR compliance challenges.