research-article

Transparency versus security: early analysis of antagonistic requirements

Authors:
Claudia Cappelli

PUC-Rio - Brazil

PUC-Rio - Brazil
View Profile

,
Herbet Cunha

PUC-Rio - Brazil

PUC-Rio - Brazil
View Profile

,
Bruno Gonzalez-Baixauli

Universidad de Valladolid - Spain

Universidad de Valladolid - Spain
View Profile

,
Julio Cesar Sampaio do Prado Leite

PUC-Rio - Brazil

PUC-Rio - Brazil
View Profile

SAC '10: Proceedings of the 2010 ACM Symposium on Applied ComputingMarch 2010Pages 298–305https://doi.org/10.1145/1774088.1774151

Published:22 March 2010Publication History

SAC '10: Proceedings of the 2010 ACM Symposium on Applied Computing

Pages 298–305

ABSTRACT

Information systems designers have been increasingly convinced about the importance of dealing with quality issues at early stages of development. Over the landscape of quality issues, several proposals have been published as to help with respect to security. On the other hand, designers do also need to care about other quality issues; for instance, transparency. Transparency is the quality of having open information to the public. At first, the general intuition is that security and transparency conflict, but how should designers deal with these antagonistic issues? Departing from the use of the Non-Functional Requirements Framework we propose a process, based on Personal Construct Theory, to perform early analysis of antagonistic design issues. Having early analysis of antagonistic quality issues makes it possible for informed decision to be taken early on during IS design. We use the election domain to illustrate the application of our proposal.

References

Holzner B., Holzner L., Transparency in Global Change: The Vanguard of the Open Society. University of Pittsburgh Press; 1 edition (2006).Google Scholar
Henriques A., Corporate Truth The Limits to Transparency, EARTHSCAN, UK (2007).Google Scholar
European Union - Data Protection, http://ec.europa.eu/justice_home/fsj/privacy/index_en.htm (2007).Google Scholar
Brazilian Law N° 9.507, 12 th, November 1997, http://www.planalto.gov.br/ccivil/Leis/L9507.htm (2007).Google Scholar
United States Department of Justice, http://www.usdoj.gov/oip/index.htmlGoogle Scholar
Cappelli, C., Oliveira, A. P., Leite, J. C. S. P, Exploring Business Process Transparency Concepts, RE 2007, IEEE Computer Society Press, pp. 389--390 (2007).Google Scholar
Bishop, M. Wagner, D., Risks of e-voting. Communications of ACM 50, 11, 120--120, http://doi.acm.org/10.1145/1297797.1297827 (2007). Google ScholarDigital Library
Camp L. J., Varieties of Software and their Implications for Effective Democratic Government. Proceedings of the British Academy, Vol. 135, pp. 183--185, 2006.Google Scholar
Matulevicius, R.; Mayer, N.; Mouratidis, H.;, Dubois, E.;, Heymans, P.; Genon, N. Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development. CAiSE 2008: 541--555 Google ScholarDigital Library
Liu, L.; Yu. E.; Mylopoulos, J. Security and Privacy Requirements Analysis within a Social Setting. Proceedings of the International Conference on Requirements Engineering (RE'03). Monterey, California, September 2003. Pags. 151--161. Google ScholarDigital Library
R Prieto-Diaz, Requirements Engineering in the Information Assurance Domain: The Common Criteria Evaluation Process. In Perspectives on Software Requirements, 2004 - pages 139--168 Kluwer Academic PublishersGoogle ScholarCross Ref
Devanbu, P.; Stubblebine, S. Software Engineering for Security: a Roadmap. The Future of Software Engineering. Special volume of the proceedings of the 22nd International Conference on Software Engineering - ICSE 2000, (2000). Google ScholarDigital Library
CERT, http://www.cert.org/stats/cert_stats.html, (2007).Google Scholar
Cunha, H.; "Uso de estratégias orientadas a metas para modelagem de requisitos de segurança", Dissertação (Mestrado em Informática) - Departamento de Informática Pontifícia Universidade Católica do Rio de Janeiro, Rio de Janeiro - 2007 - 145 f.Google Scholar
Cysneiros, L. M.; Leite, J. C. S. P., Nonfunctional Requirements: From Elicitation to Conceptual Models. IEEE Trans. Software Eng. 30(5): 328--350 (2004). Google ScholarDigital Library
Barry Boehm, Hoh In, "Identifying Quality-Requirement Conflicts" IEEE Software, vol. 13, no. 2, pp. 25--35, Mar., 1996. Google ScholarDigital Library
Chung, L.; Nixon, B.; Yu, E.; Mylopoulos, J. Non-Functional Requirements in Software Engineering. Kluwer Academic Publishers. Boston/Dordrecht/London. 2000Google Scholar
Kelly, G. A., The Psychology of Personal Constructs. New York: Norton, 1955.Google Scholar
González-Baixauli, B., Laguna, M., Leite, J. C. S. P.: "Aplicación de la Teoría de Constructos Personales a la Elicitación de Requisitos" Revista IEEE América Latina Vol. 3(1), 2005. Avail. at http://www.ewh.ieee.org/reg/9/etrans/Google Scholar
Ford, K. M., Petry, F. E., Adams-Webber, J. R., and Chang, P. J.: "An Approach to Knowledge Acquisition Based on the Structure of Personal Construct Systems," IEEE Trans. Knowledge and Data Eng., 3(1), pp. 78--88. 1991. Google ScholarDigital Library
Gonzalez-Baixauli, B.; Leite, J. C. S. P.; Laguna, M. A., "Eliciting Non-Functional Requirements Interactions Using the Personal Construct Theory," Requirements Engineering, 14th IEEE International Conference, vol., no., pp. 347--348, 11--15 Sept. 2006 Google ScholarDigital Library
Giorgini, P., Mylopoulos, J., Nicchiarelli, E., and Sebastiani, R., "Reasoning with Goal Models," In: 21st Intl. Conference on Conceptual Modeling (ER 02), pp. 167--181. Google ScholarDigital Library
Leite, J. C. S. P.; Yu, Y.; Liu, L.; Yu, E.; Mylopoulos, J., Quality-Based Software Reuse. CAiSE 2005: 535--550 Google ScholarDigital Library
Mussbacher, G.; Whittle, J.; Amyot, D., Semantic-Based Interaction Detection in Aspect-Oriented Scenarios. 17^th IEEE Requirements Engineering Conference, IEEE Computer Society Press, pp. 203--212, 2009. Google ScholarDigital Library

Index Terms

Transparency versus security: early analysis of antagonistic requirements
1. Software and its engineering
  1. Software creation and management
    1. Software development process management
      1. Software development methods

Recommendations

iStar Goal Model to Z Formal Model Translation and Model Checking of CBTC Moving Block Interlocking System
The reliability and safety of complex software systems are provided by extracting safety requirements from regulations and operational environments and later specifying these requirements precisely. At the early stage, these extracted safety requirements ...
Read More
Transparency and Accountability After 2015: e-Parliament for Citizens' Engagement in the Ghanaian Environment
ICEGOV '15-16: Proceedings of the 9th International Conference on Theory and Practice of Electronic Governance

Beyond providing information, Information and Communication Technology (ICT) really contributes to citizens' participation to public debate. With the use of ICT, Civil societies have played a big role especially in the areas of training, research, ...
Read More
Using internet to promote the transparency and fight corruption: Latin American transparency portals
ICEGOV '10: Proceedings of the 4th International Conference on Theory and Practice of Electronic Governance

The right to social control of the government refers to the monitoring of the formulation of policies and initiatives of government by citizens and their social organizations. This category of rights creates conditions for the establishment of relations ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SAC '10: Proceedings of the 2010 ACM Symposium on Applied Computing
March 2010
2712 pages
ISBN:9781605586397
DOI:10.1145/1774088
Conference Chairs:
Sung Y. Shin
South Dakota State University
,
Sascha Ossowski
University Rey Juan Carlos, Spain
,
Michael Schumacher
University of Applied Sciences Western Switzerland, Switzerland
,
Program Chairs:
Mathew J. Palakal
Indiana University Purdue University
,
Chih-Cheng Hung
Southern Polytechnic State University
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 22 March 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
antagonistic requirements
early requirements
security
transparency
Qualifiers
- research-article
Conference

Acceptance Rates
SAC '10 Paper Acceptance Rate364of1,353submissions,27%Overall Acceptance Rate1,650of6,669submissions,25%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 12
  Total Citations
  View Citations
- 338
  Total Downloads
- Downloads (Last 12 months)10
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Transparency versus security: early analysis of antagonistic requirements

SAC '10: Proceedings of the 2010 ACM Symposium on Applied Computing

ABSTRACT

References

Cited By

Index Terms

Recommendations

iStar Goal Model to Z Formal Model Translation and Model Checking of CBTC Moving Block Interlocking System

Transparency and Accountability After 2015: e-Parliament for Citizens' Engagement in the Ghanaian Environment

Using internet to promote the transparency and fight corruption: Latin American transparency portals