275,216 research outputs found
Process business modeling of emerging security threats with BPMN extension
Effective and rational management of a company cannot take place without the use of information technologies. Additionally, according to specific security requirements to protect the IT system against different threats, the development of a security system is significant for the companies and their clients and satisfactory common cooperation. The BPMN (Business Process Model and Notation) can be used for this purpose; however, the basic version of BPMN and its current extensions do not support the service of security threats. For this reason, we propose to extend the BPMN to be possible to model the chosen security issues coming from company business processes. The paper deals with the selected aspects of security requirements modeling in terms of emerging threats on the example of existing extensions of business process modeling language and the proposition of BPMN extension for chosen security issues together with the definition of information security policy
Politika kalboje ir kalba politikoje. KorektiÅ”kos kalbos gairÄs Europos Parlamento vidaus ir iÅ”orÄs komunikacijai
The article discusses the key principles invoked and issues addressed while drafting the Lithuanian language version of the Glossary of Sensitive Language for Internal and External Communication of the European Parliament. As a first step, it offers a short overview of the three categories of terminology presented in the Glossary related to disability, LGBTQ+, and race, ethnicity and religion. Thereafter it touches upon the issues pertaining its use in the light of current societal trends, correct and clear language requirements, influence of foreign languages and human rights. The article argues that sensitive language is imperative in communication with disadvantaged groups continuously marred by prejudices, fears, and stereotypes. Based on this proposition the article emphasizes the importance of political correctness as personal stance. At the same time, it exemplifies limitations thereof that could be triggered by the language system itself.Straipsnyje apžvelgiami KorektiÅ”kos kalbos gairių Europos Parlamento vidaus ir iÅ”orÄs komunikacijai rengimo lietuvių kalba atspirties taÅ”kai ir problemos. Vartotinos ir vengtinos sÄ
vokos, kurios Å”iose gairÄse klasifikuojamos ÄÆ tris grupes, susijusias su negalia, LGBTQ+ bei rase, tautybe ir religija, aptariamos ne tik vartojimo tendencijų, taisyklingos kalbos reikalavimų ir kitų kalbų ÄÆtakos, bet ir žmogaus teisių kontekste. Straipsnyje laikomasi nuostatos, kad korektiÅ”ka kalba yra bÅ«tinybÄ komunikuojant su asmenimis, priklausanÄiais pažeidžiamoms visuomenÄs grupÄms, kurias iki Å”iol gaubia prietarai, baimÄs ir stereotipai. Viena vertus, akcentuojama politinio korektiÅ”kumo, kaip asmeninÄs laikysenos, svarba. Kita vertus, remiantis konkreÄiais pavyzdžiais brÄžiamos jo ribos, kurias neretai lemia ne kas kitas, kaip pati kalbos sistema
Arguing security: validating security requirements using structured argumentation
This paper proposes using both formal and structured informal arguments to show that an eventual realized system can satisfy its security requirements. These arguments, called 'satisfaction arguments', consist of two parts: a formal argument based upon claims about domain properties, and a set of informal arguments that justify the claims. Building on our earlier work on trust assumptions and security requirements, we show how using satisfaction arguments assists in clarifying how a system satisfies its security requirements, in the process identifying those properties of domains that are critical to the requirements
Incremental verification and synthesis of discrete-event systems guided by counter-examples
This article presents new approaches to system verification and synthesis based on subsystem verification and the novel combined use of counterexamples and heuristics to identify suitable subsystems incrementally. The scope of safety properties considered is limited to behavioral inclusion and controllability. The verification examples considered provide a comparison of the approaches presented with straightforward state exploration and an understanding of their applicability in an industrial context
Theory of Regulatory Compliance for Requirements Engineering
Regulatory compliance is increasingly being addressed in the practice of
requirements engineering as a main stream concern. This paper points out a gap
in the theoretical foundations of regulatory compliance, and presents a theory
that states (i) what it means for requirements to be compliant, (ii) the
compliance problem, i.e., the problem that the engineer should resolve in order
to verify whether requirements are compliant, and (iii) testable hypotheses
(predictions) about how compliance of requirements is verified. The theory is
instantiated by presenting a requirements engineering framework that implements
its principles, and is exemplified on a real-world case study.Comment: 16 page
- ā¦