Nowadays, most enterprises collect, store, and manage personal information of customers to deliver their services. In such a setting, privacy has emerged as a key concern since companies often neglect or even misuse personal data. In response to multiple massive breaches of personal data, governments around the world have enacted laws and regulations for privacy protection. These laws dictate privacy requirements for any system that acquires and manages personal data. Unfortunately, these requirements are often incomplete and/or inaccurate as many RE practitioners are insufficiently versed with privacy requirements and how are they different from other requirements, such as security. To tackle this problem, we developed a comprehensive ontology for privacy requirements. In particular, the contributions of this work include the derivation of an ontology from a previously conducted systematic literature review, an implementation using an ontology definition tool (Protégé), a demonstration of its coverage through an extensive example on Ambient Assisted Living, and a validation through competency questions. Also, we evaluate the ontology against the common pitfalls for ontologies with the help of some software tools, lexical semantics experts, and privacy and security researchers. The ontology presented herein (COPri v.2) has been enhanced with extensions motivated by the feedback received from privacy and security experts.

COPri v.2 — A core ontology for privacy requirements / Gharib, Mohamad; Giorgini, Paolo; Mylopoulos, John. - In: DATA & KNOWLEDGE ENGINEERING. - ISSN 0169-023X. - STAMPA. - 133:(2021), pp. 101888.1-101888.20. [10.1016/j.datak.2021.101888]

COPri v.2 — A core ontology for privacy requirements

Gharib, Mohamad;Giorgini, Paolo;Mylopoulos, John
2021-01-01

Abstract

Nowadays, most enterprises collect, store, and manage personal information of customers to deliver their services. In such a setting, privacy has emerged as a key concern since companies often neglect or even misuse personal data. In response to multiple massive breaches of personal data, governments around the world have enacted laws and regulations for privacy protection. These laws dictate privacy requirements for any system that acquires and manages personal data. Unfortunately, these requirements are often incomplete and/or inaccurate as many RE practitioners are insufficiently versed with privacy requirements and how are they different from other requirements, such as security. To tackle this problem, we developed a comprehensive ontology for privacy requirements. In particular, the contributions of this work include the derivation of an ontology from a previously conducted systematic literature review, an implementation using an ontology definition tool (Protégé), a demonstration of its coverage through an extensive example on Ambient Assisted Living, and a validation through competency questions. Also, we evaluate the ontology against the common pitfalls for ontologies with the help of some software tools, lexical semantics experts, and privacy and security researchers. The ontology presented herein (COPri v.2) has been enhanced with extensions motivated by the feedback received from privacy and security experts.
2021
Gharib, Mohamad; Giorgini, Paolo; Mylopoulos, John
COPri v.2 — A core ontology for privacy requirements / Gharib, Mohamad; Giorgini, Paolo; Mylopoulos, John. - In: DATA & KNOWLEDGE ENGINEERING. - ISSN 0169-023X. - STAMPA. - 133:(2021), pp. 101888.1-101888.20. [10.1016/j.datak.2021.101888]
File in questo prodotto:
File Dimensione Formato  
1-s2.0-S0169023X2100015X-main.pdf

Solo gestori archivio

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.35 MB
Formato Adobe PDF
1.35 MB Adobe PDF   Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/330940
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 15
  • ???jsp.display-item.citation.isi??? 14
social impact