Mining rule semantics to understand legislative compliance
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Proceedings of the 12th ACM symposium on Access control models and technologies
Semantic parameterization: A process for modeling domain descriptions
ACM Transactions on Software Engineering and Methodology (TOSEM)
A Formal Privacy Management Framework
Formal Aspects in Security and Trust
Enforcing purpose of use via workflows
Proceedings of the 8th ACM workshop on Privacy in the electronic society
Identifying Commitment-Based Software Requirements to Thwart Unfair and Deceptive Practices
RELAW '09 Proceedings of the 2009 Second International Workshop on Requirements Engineering and Law
Towards defining semantic foundations for purpose-based privacy policies
Proceedings of the first ACM conference on Data and application security and privacy
A framework to support alignment of secure software engineering with legal regulations
Software and Systems Modeling (SoSyM)
Hi-index | 0.00 |
Natural language policies describe interactions between and across organizations, third-parties and individuals. However, current policy languages are limited in their ability to collectively describe interactions across these parties. Goals from requirements engineering are useful for distilling natural language policy statements into structured descriptions of these interactions; however, they are limited in that they are not easy to compare with one another despite sharing common semantic features. In this paper, we propose a process called semantic parameterization that in conjunction with goal analysis supports the derivation of semantic models from privacy policy documents. We present example semantic models that enable comparing policy statements and discuss corresponding limitations identified in existing policy languages. The semantic models are described by a context-free grammar (CFG) that has been validated within the context of the most frequently expressed goals in over 100 website privacy policy documents. The CFG is supported by a qualitative and quantitative policy analysis tool.