Architecture for user-controlled e-privacy
Proceedings of the 2003 ACM symposium on Applied computing
Eliciting confidentiality requirements in practice
CASCON '05 Proceedings of the 2005 conference of the Centre for Advanced Studies on Collaborative research
Requirements change: Fears dictate the must haves; desires the won't haves
Journal of Systems and Software
Hi-index | 0.00 |
Abstract: Diverse uses of information technology (IT)i n organizations affect privacy. Developers of electronic commerce, database management, security mechanisms, telecommunication and collaborative systems should be aware of these effects and acknowledge the need for early privacy planning during the requirements definition activity. Public concerns about the collection of personal information by consumer-based Web sites have led most organizations running such sites to establish and publish privacy policies. However, these policies often fail to align with prevalent societal values on one hand and the operational functioning of web-based applications on the other. Assuming that such misalignments stem from imperfect appreciation of consequences and not an intent t o deceive, we discuss concepts, tools and techniques to help requirements engineers and IT policy makers bring policies and system requirements into better alignment. Our objective is to encourage RE researchers and practitioners to adopt a more holistic view of application and system specification, in which a system or application is seen as an engine of policy enforcement and values attainment.