ICAIL '87 Proceedings of the 1st international conference on Artificial intelligence and law
Deontic logic in computer science: normative system specification
Deontic logic in computer science: normative system specification
Design patterns: elements of reusable object-oriented software
Design patterns: elements of reusable object-oriented software
Communications of the ACM
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Security Engineering with Patterns: Origins, Theoretical Models, and New Applications
Security Engineering with Patterns: Origins, Theoretical Models, and New Applications
A model of legal reasoning with cases incorporating theories and values
Artificial Intelligence - Special issue on AI and law
Security Patterns: A Method for Constructing Secure and Efficient Inter-Company Coordination Systems
EDOC '04 Proceedings of the Enterprise Distributed Object Computing Conference, Eighth IEEE International
Information systems outsourcing: a survey and analysis of the literature
ACM SIGMIS Database
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
The DLV system for knowledge representation and reasoning
ACM Transactions on Computational Logic (TOCL)
Data Protection and Compliance in Context
Data Protection and Compliance in Context
ACM-SE 45 Proceedings of the 45th annual southeast regional conference
Proceedings of the 11th international conference on Artificial intelligence and law
An implementation of norm-based agent negotiation
Proceedings of the 11th international conference on Artificial intelligence and law
Model based development of access policies
International Journal on Software Tools for Technology Transfer (STTT)
Analyzing Regulatory Rules for Privacy and Security Requirements
IEEE Transactions on Software Engineering
Annotating Regulations Using Cerno: An Application to Italian Documents - Extended Abstract
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Risk as Dependability Metrics for the Evaluation of Business Solutions: A Model-driven Approach
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Security Patterns for Capturing Encryption-Based Access Control to Sensor Data
SECURWARE '08 Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies
Towards the development of privacy-aware systems
Information and Software Technology
Computer Standards & Interfaces
Security patterns for physical access control systems
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Security and trust requirements engineering
Foundations of Security Analysis and Design III
ER'05 Proceedings of the 24th international conference on Conceptual Modeling
How to capture and use legal patterns in IT
Proceedings of the 12th International Conference on Artificial Intelligence and Law
A systematic review of security requirements engineering
Computer Standards & Interfaces
Security requirements engineering framework for software product lines
Information and Software Technology
A method for security governance, risk, and compliance (GRC): a goal-process approach
Foundations of security analysis and design VI
Evaluation of the Pattern-based method for Secure Development (PbSD): A controlled experiment
Information and Software Technology
Organizational Patterns for Security and Dependability: From Design to Application
International Journal of Secure Software Engineering
Hi-index | 0.00 |
Laws set requirements that force organizations to assess the security and privacy of their IT systems and impose them to implement minimal precautionary security measures. Several IT solutions (e.g., Privacy Enhancing Technologies, Access Control Infrastructure, etc.) have been proposed to address security and privacy issues. However, understanding why, and when such solutions have to be adopted is often unanswered because the answer comes only from a broader perspective, accounting for legal and organizational issues. Security engineers and legal experts should analyze the business goals of a company and its organizational structure and derive from there the points where security and privacy problems may arise and which solutions best fit such (legal) problems. The paper investigates the methodological support for capturing security and privacy requirement of a concrete health care provider.