Advanced Cloud Privacy Threat Modeling

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system . This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design

Theory of Regulatory Compliance for Requirements Engineering

Regulatory compliance is increasingly being addressed in the practice of requirements engineering as a main stream concern. This paper points out a gap in the theoretical foundations of regulatory compliance, and presents a theory that states (i) what it means for requirements to be compliant, (ii) the compliance problem, i.e., the problem that the engineer should resolve in order to verify whether requirements are compliant, and (iii) testable hypotheses (predictions) about how compliance of requirements is verified. The theory is instantiated by presenting a requirements engineering framework that implements its principles, and is exemplified on a real-world case study.Comment: 16 page

Environmental Standards, Management Systems and the Illusion of Progress

This paper aims to specify the conceptual and operational limits of codified environmental management systems (EMSs). Taking technical standardization as a departure-point, it is argued that key shortcomings regarding the contribution of EMSs towards environmental performance improvement (and thus ecological sustainability) can be identified: First, there are limitations to the self-regulatory framework adopted by organizations. Second, there are problems inherent within the development of EMS from prior management systems approaches, mostly based on a narrow and limited definition of quality. Third, there are errors of implementation and associated certification which compound a lack of progress in environmental improvement and progress towards sustainability. The implications of these limitations are presented and it is demonstrated that they are compounded by an appearance of progress, when in reality, little is changing. The authors point out that this failure of system based self-regulation argues for a move to performance based regime, driven if necessary by regulation

Limits and opportunities of risk analysis application in railway systems

Risk Analysis is a collection of methods widely used in many industrial sectors. In the transport sector it has been particularly used for air transport applications. The reasons for this wide use are well-known: risk analysis allows to approach the safety theme in a stochastic - rather than deterministic - way, it forces to break down the system in sub-components, last but not least it allows a comparison between solutions with different costs, introducing de facto an element of economic feasibility of the project alternatives in the safety field. Apart from the United Kingdom, in Europe the application of this tool in the railway sector is relatively recent. In particular Directive 2004/49/EC (the "railway safety directive") provides for compulsory risk assessment in relation to the activities of railway Infrastructure Managers (IMs) and of Railway Undertakings (RUs). Nevertheless the peculiarity of the railway system - in which human, procedural, environmental and technological components have a continuous interchange and in which human responsibilities and technological functions often overlap - induced the EC to allow wide margins of subjectivity in the interpretation of risk assessment. When enacting Commission Regulation (EC) No 352/2009 which further regulates this subject, a risk assessment is considered positive also if the IM or RU declare to take safety measures widely used in normal practice. The paper shows the results of a structured comparative analysis of the rail sector and other industrial sectors, which illustrate the difficulties, but also the opportunities, of a transfer towards the railway system of the risk analysis methods currently in use for the other systems

Review and assessment of simplification measures in cohesion policy 2007-2013 : Report to policy department B: structural and cohesion policies

Simplification has been an ongoing feature of Cohesion policy reform debates since 1988, and the most recent simplification exercise responds to the economic crisis and involves measures for speeding up programme implementation. The study by John Bachtler and Carlos Mendez drew on an online survey of IQ-Net partners in May 2010 to assess their experience of individual simplification measures. The research also made extensive use of material from IQ-Net Review papers published over the past 18 months which have reported on the relevance and utility of the simplification exercise. The study found that these measures have been at least partially effective, with some programmes playing a major role in dealing with the crisis, through accelerated spending or special instruments. The longer term focus of attention is on how the current, administratively complex management and control system can be simplified while maintaining assurance on the regularity of spending