Nowadays, most enterprises collect, store, and manage personal information of customers to deliver their services. In such a setting, privacy has emerged as a key concern since companies often neglect or even misuse personal data. In response to multiple massive breaches of personal data, governments around the world have enacted laws and regulations for privacy protection. These laws dictate privacy requirements for any system that acquires and manages personal data. Unfortunately, these requirements are often incomplete and/or inaccurate as many RE practitioners are insufficiently versed with privacy requirements and how are they different from other requirements, such as security. To tackle this problem, we developed a comprehensive ontology for privacy requirements. In particular, the contributions of this work include the derivation of an ontology from a previously conducted systematic literature review, an implementation using an ontology definition tool (Protégé), a demonstration of its coverage through an extensive example on Ambient Assisted Living, and a validation through competency questions. Also, we evaluate the ontology against the common pitfalls for ontologies with the help of some software tools, lexical semantics experts, and privacy and security researchers. The ontology presented herein (COPri v.2) has been enhanced with extensions motivated by the feedback received from privacy and security experts.
COPri v.2 — A core ontology for privacy requirements / Gharib, Mohamad; Giorgini, Paolo; Mylopoulos, John. - In: DATA & KNOWLEDGE ENGINEERING. - ISSN 0169-023X. - STAMPA. - 133:(2021), pp. 10188801-10188820. [10.1016/j.datak.2021.101888]
COPri v.2 — A core ontology for privacy requirements
Gharib, Mohamad;Giorgini, Paolo;Mylopoulos, John
2021-01-01
Abstract
Nowadays, most enterprises collect, store, and manage personal information of customers to deliver their services. In such a setting, privacy has emerged as a key concern since companies often neglect or even misuse personal data. In response to multiple massive breaches of personal data, governments around the world have enacted laws and regulations for privacy protection. These laws dictate privacy requirements for any system that acquires and manages personal data. Unfortunately, these requirements are often incomplete and/or inaccurate as many RE practitioners are insufficiently versed with privacy requirements and how are they different from other requirements, such as security. To tackle this problem, we developed a comprehensive ontology for privacy requirements. In particular, the contributions of this work include the derivation of an ontology from a previously conducted systematic literature review, an implementation using an ontology definition tool (Protégé), a demonstration of its coverage through an extensive example on Ambient Assisted Living, and a validation through competency questions. Also, we evaluate the ontology against the common pitfalls for ontologies with the help of some software tools, lexical semantics experts, and privacy and security researchers. The ontology presented herein (COPri v.2) has been enhanced with extensions motivated by the feedback received from privacy and security experts.| File | Dimensione | Formato | |
|---|---|---|---|
|
COPriV2.pdf
accesso aperto
Tipologia:
Pre-print non referato (Non-refereed preprint)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
647.77 kB
Formato
Adobe PDF
|
647.77 kB | Adobe PDF | Visualizza/Apri |
|
1-s2.0-S0169023X2100015X-main.pdf
Solo gestori archivio
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.35 MB
Formato
Adobe PDF
|
1.35 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
