Privacy protection is a growing concern in the marketplace. Yet, privacy requirements and mechanisms are usually retro-fitted into a pre-existing design which may not be able to accommodate them due to potential conflicts with functional requirements. We propose a procedure for automatically extracting privacy requirements from databases supporting access control mechanisms for personal data (hereafter Hippocratic databases) and representing them in the Secure Tropos framework where tools are available for checking the correctness and consistency of privacy requirements. The procedure is illustrated with a case study. © World Scientific Publishing Company.
From Hippocratic Databases to Secure Tropos: A Computer-Aided Re-engineering Approach
Massacci, Fabio;Mylopoulos, Ioannis;Zannone, Nicola
2007-01-01
Abstract
Privacy protection is a growing concern in the marketplace. Yet, privacy requirements and mechanisms are usually retro-fitted into a pre-existing design which may not be able to accommodate them due to potential conflicts with functional requirements. We propose a procedure for automatically extracting privacy requirements from databases supporting access control mechanisms for personal data (hereafter Hippocratic databases) and representing them in the Secure Tropos framework where tools are available for checking the correctness and consistency of privacy requirements. The procedure is illustrated with a case study. © World Scientific Publishing Company.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
