
How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns

Published in: Artificial Intelligence and Law

Abstract

Laws set requirements that force organizations to assess the security and privacy of their IT systems and require them to implement minimal precautionary security measures. Several IT solutions (e.g., Privacy Enhancing Technologies, Access Control Infrastructure, etc.) have been proposed to address security and privacy issues. However, understanding why and when such solutions have to be adopted often remains unanswered, because the answer comes only from a broader perspective that accounts for legal and organizational issues. Security engineers and legal experts should analyze the business goals of a company and its organizational structure, derive from there the points where security and privacy problems may arise, and determine which solutions best fit such (legal) problems. The paper investigates the methodological support for capturing security and privacy requirements of a concrete health care provider.



Notes

  1. EU-IST-IP 6th Framework Programme—SERENITY 27587—http://www.serenity-project.org.

  2. The consent of data subjects is defined as any freely given, specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed (Article 2, letter h).

  3. Notice that the laws of the Member State may provide that the prohibition of processing sensitive personal data is not lifted by the data subject giving his consent (Article 8, paragraph 2(a)).

  4. This corresponds to the “least privilege” principle proposed by Saltzer and Schroeder (1975).

  5. SI* is read as “see star”.

  6. Notice that the Data Owner may be different from the Data Subject.

  7. Those mechanisms are strongly related to the specific application domain and their investigation falls outside the scope of the paper.

  8. If the \({\mathsf{ Delegator}}\) is in a position of an employer and the \({\mathsf{Executor}}\) in a position of an employee, the proof of commitment may be used by the \({\mathsf{Delegator}}\) for claiming damages from the particular employee who failed to perform the task rather than releasing the \({\mathsf{Delegator}}\) from liability.

  9. The tool is available at http://sesa.dit.unitn.it/sistar_tool/.

  10. A detailed walkthrough and demonstration have been accepted for presentation at Information and Communication Technologies ICT 2008. An online description is available at http://ec.europa.eu/information_society/events/cf/item-display.cfm?id=171.

References

  • Anderson RJ (1994) Why cryptosystems fail. CACM 37(11):32–40

  • Asnar Y, Bonato R, Giorgini P, Massacci F, Meduri V, Riccucci C, Saidane A (2007) Secure and dependable patterns in organizations: an empirical approach. In: Proceedings of RE’07. IEEE Press, Los Alamitos, pp 287–292

  • Asnar Y, Moretti R, Sebastianis M, Zannone N (2008) Risk as dependability metrics for the evaluation of business solutions: a model-driven approach. In: Proceedings of ARES’08. IEEE Press, Los Alamitos, pp 1240–1247

  • Basin D, Doser J, Lodderstedt T (2006) Model driven security: from UML models to access control infrastructures. TOSEM 15(1):39–91

  • Bench-Capon TJM, Sartor G (2003) A model of legal reasoning with cases incorporating theories and values. Artif Intell 150(1–2):97–143

  • Bench-Capon TJM, Robinson GO, Routen TW, Sergot MJ (1987) Logic programming for large scale applications in law: a formalisation of supplementary benefit legislation. In: Proceedings of ICAIL’87. ACM Press, New York, pp 190–198

  • Breaux TD, Antón AI (2008) Analyzing regulatory rules for privacy and security requirements. TSE 34(1):5–20

  • Breu R, Popp G, Alam M (2007) Model based development of access policies. STTT 9:457–470

  • Compagna L, El Khoury P, Massacci F, Thomas R, Zannone N (2007) How to capture, communicate, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach. In: Proceedings of ICAIL’07. ACM Press, New York, pp 149–154

  • Cuevas A, El Khoury P, Gomez L, Laube A (2008) Security patterns for capturing encryption-based access control to sensor data. In: Proceedings of SECURWARE’08. IEEE Press, Los Alamitos, pp 62–67

  • Dibbern J, Goles T, Hirschheim R, Jayatilaka B (2004) Information systems outsourcing: a survey and analysis of the literature. DATA BASE Adv Inf Syst 35(4):6–102

  • Dijkstra P, Prakken H, de Vey Mestdagh K (2007) An implementation of norm-based agent negotiation. In: Proceedings of the 11th international conference on artificial intelligence and law. ACM Press, New York, pp 167–175

  • European Commission (1995) Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Off J Eur Communities 281:31

  • European Commission (2007) Communication on the follow-up of the work programme for a better implementation of the data protection directive. http://ec.europa.eu/justice_home/fsj/privacy/docs/lawreport/com_2007_87_f_en.pdf

  • Fernández EB, Pan R (2001) A pattern language for security models. In: Proceedings of PLoP’01

  • Fernández EB, Yuan X (2000) Semantic analysis patterns. In: Proceedings of ER’00, LNCS 1920. Springer-Verlag, Berlin, pp 183–195

  • Fernández EB, Yuan X (2007) Securing analysis patterns. In: Proceedings of ACM southeast regional conference. ACM Press, New York, pp 288–293

  • Fernández EB, Ballesteros J, Desouza-Doucet AC, Larrondo-Petrie MM (2007) Security patterns for physical access control systems. In: Proceedings of DBSec’07, LNCS 4602. Springer-Verlag, Berlin, pp 259–274

  • Gamma E, Helm R, Johnson R, Vlissides J (1994) Design patterns: elements of reusable object-oriented software. Addison-Wesley, MA

  • Giorgini P, Massacci F, Zannone N (2005) Security and trust requirements engineering. In: FOSAD 2004/2005, LNCS 3655. Springer-Verlag, Berlin, pp 237–272

  • Guarda P, Zannone N (2008) Towards the development of privacy-aware systems. Inf Softw Technol (to appear)

  • Hohfeld WN (1913) Fundamental legal conceptions as applied to judicial reasoning. Yale Law J 23:16–59

  • IBM (2003) Introduction to business security patterns. IBM White Paper

  • ISO (2000) Quality management systems: requirements. ISO 9001:2000

  • ISO/IEC (2005a) Code of practice for information security management. ISO/IEC 17799:2005

  • ISO/IEC (2005b) Information technology—security techniques—evaluation criteria for IT. ISO/IEC 15408:2005

  • Kanger S (1972) Law and logic. Theoria 38(3):105–132

  • Kienzle DM, Elder MC (2002) Security patterns for web application development. Final technical report, University of Virginia. http://www.scrypt.net/∼celer/securitypatterns/final%20report.pdf

  • Kowalski RA, Sergot MJ (1985) Computer representation of the law. In: Proceedings of IJCAI’05. Morgan Kaufmann, San Francisco, pp 1269–1270

  • Lamport L (1994) How to write a long formula. Formal Asp Comput 6(5):580–584

  • Leone N, Pfeifer G, Faber W, Eiter T, Gottlob G, Perri S, Scarcello F (2006) The DLV system for knowledge representation and reasoning. TOCL 7(3):499–562

  • Mally E (1926) Grundgesetze des Sollens: Elemente der Logik des Willens. Leuschner & Lubensky, Graz

  • Massacci F, Zannone N (2008) A model-driven approach for the specification and analysis of access control policies. In: Proceedings of IS’08, LNCS 5332, On the move to meaningful internet systems: OTM 2008 [book]. Springer, Berlin, pp 1087–1103

  • Massacci F, Prest M, Zannone N (2005) Using a security requirements engineering methodology in practice: the compliance with the Italian data protection legislation. CSI 27(5):445–455

  • Massacci F, Mylopoulos J, Zannone N (2007) An ontology for secure socio-technical systems. In: Handbook of ontologies for business interaction. The IDEA Group, Hershey, pp 188–207

  • Meyer JJC, Wieringa RJ (eds) (1994) Deontic logic in computer science: normative system specification. Wiley, NY

  • Mouratidis H, Weiss M, Giorgini P (2005) Security patterns meet agent oriented software engineering: a complementary solution for developing secure information systems. In: Proceedings of ER’05, LNCS 3716. Springer-Verlag, Berlin, pp 225–240

  • Room S (2007) Data protection & compliance in context. BCS

  • Saltzer JH, Schroeder MD (1975) The protection of information in computer systems. Proc IEEE 63(9):1278–1308

  • Samarati P, di Vimercati SDC (2001) Access control: policies, models, and mechanisms. In: FOSAD 2001/2002, LNCS 2946. Springer-Verlag, Berlin, pp 137–196

  • Sanchez-Cid F, Muñoz A, El Khoury P, Compagna L (2007) XACML as a security and dependability (S&D) pattern for access control in AmI environments. In: Proceedings of AmI.d07. Springer, Berlin, pp 143–155

  • Schumacher M (2003) Security engineering with patterns: origins, theoretical models, and new applications. Springer-Verlag, Berlin

  • von Wright GH (1951) Deontic logic. Mind 60:1–15

  • Wahlgren P (1992) Automation of legal reasoning: a study on artificial intelligence. Kluwer Law and Taxation Publishers, The Netherlands

  • World Health Organization (1994) A declaration on the promotion of patients’ rights in Europe. http://www.who.int/genomics/public/eu_declaration1994.pdf

  • Yoder J, Barcalow J (1997) Architectural patterns for enabling application security. In: Proceedings of PLoP’97

  • Yoshioka N, Honiden S, Finkelstein A (2004) Security patterns: a method for constructing secure and efficient inter-company coordination systems. In: Proceedings of EDOC’04. IEEE Press, Los Alamitos, pp 84–97

  • Zeni N, Kiyavitskaya N, Cordy JR, Mich L, Mylopoulos J (2008) Annotating regulations using Cerno: an application to Italian documents (extended abstract). In: Proceedings of ARES’08. IEEE Press, Los Alamitos, pp 1437–1442


Acknowledgements

This work was partially funded by the projects IST-FP6-IP-SERENITY, IST-FP7-IP-MASTER, and FIRB-TOCAI. We want to express our gratitude to all members of the SERENITY project for their feedback and useful scientific discussions. We would also like to thank the anonymous reviewers for their constructive comments that helped to improve the quality of the paper.

Corresponding author

Correspondence to Nicola Zannone.

Cite this article

Compagna, L., El Khoury, P., Krausová, A. et al. How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns. Artif Intell Law 17, 1–30 (2009). https://doi.org/10.1007/s10506-008-9067-3
