A Brokering Framework for Assessing Legal Risks in Big Data and the Cloud

“Cloud computing” and “Big Data” are amongst the most hyped-up terms and buzzwords of the moment. After decades in which individuals and companies used to host their data and applications using their own IT infrastructure, the world has seen the stunning transformation of the Internet. Major shifts occurred when these infrastructures began to be outsourced to public Cloud providers to match commercial expectations. Storing, sharing and transferring data and databases over the Internet is convenient, yet legal risks cannot be eliminated. Legal risk is a fast-growing area of research and covers various aspects of law. Current studies and research on Cloud computing legal risk assessment have been, however, limited in scope and focused mainly on security and privacy aspects. There is little systematic research on the risks, threats and impact of the legal issues inherent to database rights and “ownership” rights of data. Database rights seem to be outdated and there is a significant gap in the scientific literature when it comes to the understanding of how to apply its provisions in the Big Data era. This means that we need a whole new framework for understanding, protecting and sharing data in the Cloud. The scheme we propose in this chapter is based on a risk assessment-brokering framework that works side by side with Service Level Agreements (SLAs). This proposed framework will provide better control for Cloud users and will go a long way to increase confidence and reinforce trust in Cloud computing transactions

ISO/IEC 27001: An empirical multi-method research

The adoption of digital technologies, the emergence of platform-based business models, and the switch to smart working practices are increasing the number of potential entry points in firms’ networks and therefore their potential vulnerabilities. However, despite the relevance of the issue, the managerial debate on the topic is still scant and several research gaps exist. Under this premise, this doctoral thesis touches on the following aspects. First, by discussing the issue with senior executives and information security experts, it highlights the most relevant information security challenges in the context of Industry 4.0. In doing this, it also shows where current approaches fail short, and what emerging practices are gaining relevance. Second, by conducting a systematic literature review, the thesis provides a comprehensive synthesis of the academic body of knowledge on ISO/IEC 27001 (i.e., the most renowned international management standard for information security and the fourth most widespread ISO certification) as well as it formulates a theory-based research agenda to inspire future studies at the intersection between information systems and managerial disciplines. Third, by resorting to Grey models, it investigates the current and future diffusion patterns of ISO/IEC 27001 in the six most important countries in terms of issued certificates. Fourth, by performing an event study complemented by an ordinary least squares regression on a dataset of 143 US-listed companies, the dissertation sheds light on the performance implications of ISO/IEC 27001 adoption as well as the role of some contextual factors in affecting the outcomes of the adoption. Overall, this doctoral thesis provides several contributions to both theory and practice. From a theoretical point of view, it highlights the need for managerial disciplines to start addressing information security-related aspects. Moreover, it demonstrates that investments in information security pay off also from a financial perspective. From a practical point of view, it shows the increasingly central role that ISO/IEC 27001 is likely to have in the years to come and it provides managers with evidence on the possible performance effects associated to its adoption.The adoption of digital technologies, the emergence of platform-based business models, and the switch to smart working practices are increasing the number of potential entry points in firms’ networks and therefore their potential vulnerabilities. However, despite the relevance of the issue, the managerial debate on the topic is still scant and several research gaps exist. Under this premise, this doctoral thesis touches on the following aspects. First, by discussing the issue with senior executives and information security experts, it highlights the most relevant information security challenges in the context of Industry 4.0. In doing this, it also shows where current approaches fail short, and what emerging practices are gaining relevance. Second, by conducting a systematic literature review, the thesis provides a comprehensive synthesis of the academic body of knowledge on ISO/IEC 27001 (i.e., the most renowned international management standard for information security and the fourth most widespread ISO certification) as well as it formulates a theory-based research agenda to inspire future studies at the intersection between information systems and managerial disciplines. Third, by resorting to Grey models, it investigates the current and future diffusion patterns of ISO/IEC 27001 in the six most important countries in terms of issued certificates. Fourth, by performing an event study complemented by an ordinary least squares regression on a dataset of 143 US-listed companies, the dissertation sheds light on the performance implications of ISO/IEC 27001 adoption as well as the role of some contextual factors in affecting the outcomes of the adoption. Overall, this doctoral thesis provides several contributions to both theory and practice. From a theoretical point of view, it highlights the need for managerial disciplines to start addressing information security-related aspects. Moreover, it demonstrates that investments in information security pay off also from a financial perspective. From a practical point of view, it shows the increasingly central role that ISO/IEC 27001 is likely to have in the years to come and it provides managers with evidence on the possible performance effects associated to its adoption

Supporting data-driven software development life-cycles with bug bounty programmes

A growing number of organisations are utilising the skills of a global base of white-hat hackers in order to identify pre- and post-deployment vulnerabilities. Despite the widespread adoption of bug bounty programmes, there remain many uncertainties regarding the efficacy of this relatively novel security activity, especially when considering their adoption alongside existing software development lifecycles. This dissertation explores how bug bounty programmes can be used to support data-driven software development lifecycles. To achieve this outcome, the dissertation presents four distinct contributions. The first contribution concerns the usage of Crowdsourced Vulnerability Discovery (CVD) (of which bug bounty programmes are a part) within organisations. This includes the presentation of expert opinion pertaining to the benefits and shortcomings of existing approaches, and identification of the extent to which CVD programmes are used in software development lifecycles. The second contribution explores the benefits and drawbacks of hosting a programme on a bug bounty platform (a centralised repository of programmes operated by a third party). Empirical analysis of operating characteristics helps address concerns around the long-term viability of programme operation, and allows for a comparison to be made between the cost of expanding a security team and the cost of running a programme. The third contribution examines the extent to which participating in the search for vulnerabilities is a viable long-term strategy for hackers based on bug bounty platforms. The results demonstrate that participation is infeasible, even on a short-term basis, for significant numbers of hackers, highlighting the shortcomings of the current approach used by platforms. Building on the first three, the fourth contribution explores CVD programme policies, and the extent to which pertinent information, particularly in reference to legal constraints, is communicated to hackers. A systematic review reveals the commonplace elements that form current policy documents, enabling organisations to identify gaps within their own programme policies and form policies that are consistent with peers

Quality-driven Reuse of Model-based Software Architecture Elements

In software development, components are increasingly being reused, especially for the implementation of standard functionalities making software development more cost-efficient. At design time, however, it is often unclear which solution providing these functionalities fits the requirements of the software system. This work proposes a method and tool enabling software architects to automatically evaluate the effects on the quality attributes of software architectures when reusing features

Domain- and Quality-aware Requirements Engineering for Law-compliant Systems

Titel in deutscher Übersetzung: Domänen- und qualitätsgetriebene Anforderungserhebung für gesetzeskonforme Systeme Der bekannte Leitsatz in der Anforderungserhebung und -analyse besagt, dass es schwierig ist, das richtige System zu bauen, wenn man nicht weiß, was das 'Richtige' eigentlich ist. Es existieren überzeugende Belege, dass dieser Leitsatz die Notwendigkeit der Anforderungserhebung und -analyse exakt definiert und beschreibt. Zum Beispiel ergaben Studien, dass das Beheben von Defekten in einer Software, die bereits produktiv genutzt wird, bis zu 80 mal so teuer ist wie das frühzeitige Beheben der korrespondierenden Defekte in den Anforderungen. Generell hat es sich gezeigt, dass das Durchführen einer angemessenen Anforderungserhebung und -analyse ein wichtiger Erfolgsfaktor für Softwareentwicklungsprojekte ist. Während der Progression von den initialen Wünschen der beteiligten Interessensvertretern für ein zu entwickelndes System zu einer Spezifikation für eben dieses Systems müssen Anforderungsanalysten einen komplexen Entscheidungsprozess durchlaufen, der die initialen Wünsche in die Spezifikation überführt. Tatsächlich wird das Treffen von Entscheidungen als integraler Bestandteil der Anforderungsanalyse gesehen. In dieser Arbeit werden wir versuchen zu verstehen welche Aktivitäten und Information von Nöten sind, um eine fundierte Auswahl von Anforderungen vorzunehmen, welche Herausforderungen damit verbunden sind, wie eine ideale Lösung zur Anforderungswahl aussehen könnte und in welchen Bereichen der aktuelle Stand der Technik in Bezug auf diese ideale Lösung lückenhaft ist. Innerhalb dieser Arbeit werden wir die Informationen, die notwendig für eine fundierte Anforderungsauswahl sind, identifizieren, einen Prozess präsentieren, um diese notwendigen Informationen zu sammeln, die Herausforderungen herausstellen, die durch diesen Prozess und die damit verbundenen Aktivitäten adressiert werden und eine Auswahl von Methoden diskutieren, mit deren Hilfe man die Aktivitäten des Prozesses umsetzen kann. Die gesammelten Informationen werden dann für eine automatisierte Anforderungsauswahl verwendet. Für die Auswahl kommt ein Optimierungsmodell, das Teil des Beitrags dieser Arbeit ist, zum Einsatz. Da wir während der Erstellung dieser Arbeit zwei große Lücken im Stand der Technik bezüglich unseres Prozesses und der damit verbundenen Aktivitäten identifiziert haben, präsentieren wir darüber hinaus zwei neuartige Methoden für die Kontexterhebung und die Erhebung von rechtlichen Anforderungen, um diese Lücken zu schließen. Diese Methoden sind Teil des Hauptbeitrags dieser Arbeit. Unsere Lösung für der Erhebung des Kontext für ein zu entwickelndes System ermöglicht das Etablieren eines domänenspezifischen Kontextes unter Zuhilfenahme von Mustern für verschiedene Domänen. Diese Kontextmuster erlauben eine strukturierte Erhebung und Dokumentation aller relevanten Interessensvertreter und technischen Entitäten für ein zu entwickelndes System. Sowohl die Dokumentation in Form von grafischen Musterinstanzen und textuellen Vorlageninstanzen als auch die Methode zum Sammeln der notwendigen Informationen sind expliziter Bestandteil jedes Kontextmusters. Zusätzlich stellen wir auch Hilfsmittel für die Erstellung neuer Kontextmuster und das Erweitern der in dieser Arbeit präsentierten Kontextmustersprache zur Verfügung. Unsere Lösung für die Erhebung von rechtlichen Anforderungen basiert auch auf Mustern und stellt eine Methode bereit, welche es einem erlaubt, die relevanten Gesetze für ein zu erstellendes System, welches in Form der funktionalen Anforderungen bereits beschrieben sein muss, zu identifizieren und welche die bestehenden funktionalen Anforderungen mit den rechtlichen Anforderungen verknüpft. Diese Methode beruht auf der Zusammenarbeit zwischen Anforderungsanalysten und Rechtsexperten und schließt die Verständnislücke zwischen ihren verschiedenartigen Welten. Wir veranschaulichen unseren Prozess unter der Zuhilfenahme eines durchgehenden Beispiels aus dem Bereich der service-orientierten Architekturen. Zusätzlich präsentieren wir sowohl die Ergebnisse der Anwendung unseres Prozesses (bzw. Teilen davon) auf zwei reale Fälle aus den Bereichen von Smart Grids und Wahlsystemen, als auch alle anderen Ergebnisse der wissenschaftlichen Methoden, die wir genutzt haben, um unsere Lösung zu fundieren und validieren.The long known credo of requirements engineering states that it is challenging to build the right system if you do not know what right is. There is strong evidence that this credo exactly defines and describes the necessity of requirements engineering. Fixing a defect when it is already fielded is reported to be up to eighty times more expensive than fixing the corresponding requirements defects early on. In general, conducting sufficient requirements engineering has shown to be a crucial success factor for software development projects. Throughout the progression from initial stakeholders' wishes regarding the system-to-be to a specification for the system-to-be requirements engineers have to undergo a complex decision process for forming the actual plan connecting stakeholder wishes and the final specification. Indeed, decision making is considered to be an inherent part of requirements engineering. In this thesis, we try to understand which activities and information are needed for selecting requirements, which the challenges are, how an ideal solution for selecting requirements would look like, and where the current state of the art is deficient regarding the ideal solution. Within this thesis we identify the information necessary for an informed requirements selection, present a process in which one collects all the necessary information, highlight the challenges to be addressed by this process and its activities, and a selection of methods to conduct the activities of the process. All the collected information is then used for an automated requirements selection using an optimization model which is also part of the contribution of this thesis. As we identified two major gaps in the state of the art considering the proposed process and its activities, we also present two novel methods for context elicitation and for legal compliance requirements elicitation to fill the gaps as part of the main contribution. Our solution for context elicitation enables a domain-specific context establishment based on patterns for different domains. The context patterns allow a structured elicitation and documentation of relevant stakeholders and technical entities for a system-to-be. Both, the documentation in means of graphical pattern instances and textual template instances as well as the method for collecting the necessary information are explicitly given in each context pattern. Additionally, we also provide the means which are necessary to derive new context patterns and extend our context patterns language which is part of this thesis. Our solution for legal compliance requirements elicitation is a pattern-based and guided method which lets one identify the relevant laws for a system-to-be, which is described in means of functional requirements, and which intertwines the functional requirements with the according legal requirements. This method relies on the collaboration of requirements engineers and legal experts, and bridges the gap between their distinct worlds. Our process is exemplified using a running example in the domain of service oriented architectures. Additionally, the results of applying (parts of) the process to real life cases from the smart grid domain and voting system domain are presented, as well as all other results from the scientific means we took to ground and validate the proposed solutions