Pris Tool: A Case Tool For Privacy-Oriented Requirements Engineering

PriS is a security and privacy requirements engineering method which aims on incorporating privacy requirements early in the system development process. Specifically, PriS provides a set of concepts for modelling privacy requirements in the organisation domain and a systematic way-of-working for translating these requirements into system models. In this paper we present the PriS conceptual framework and a case tool that assist PriS way of working the PriS-Tool. Specifically, PriS-Tool assist developers by offering design capabilities of the organization’s goal-process model, helps them to monitor the impact of privacy requirements on organisation’s goals and processes, suggests them a set of implementation techniques for the realization of the privacy related processes and offers guidance throughout this process

Towards a Unified Meta-Model for Goal Oriented Modelling

Goal oriented modelling (GOM) is one of the most prominent and widely accepted techniques in information systems research. Since the early 1990’s, a large number of GOM approaches have been proposed aiming to a better alignment between business strategy and the behaviour of supporting systems. Different GOM approaches focus on different activities in the early stages of system development and propose a variety of strategies for reasoning about goals. A number of researchers have stressed the advantages of integrating different GOM techniques, especially in the context of modern global business environments. This is evidenced in the increasing number of publications in this area. However as each GOM language (even versions of the same language) comes with its own syntactic and semantic singularities, such integration requires a number of complicated transformations which is a major obstacle to model and tool interoperability, and prevent wider adoption by practitioners. In order to provide a unified view of GOM, one needs a common understanding of GOM concepts, their semantics and deployment. To this end, this paper proposes a language independent meta-model based on the analysis of eight GOM languages. Generic concepts were identified and a robust semantic definition among these concepts was built in a unified meta-model. We claim that the unified GOM meta-model could help in a) analysing existing goal models in order to provide insights regarding different goal modelling perspectives b) identify semantic similarities / overlaps between existing GOM techniques c) provide the basis for a reference model for GOM

ONTOLOGY DRIVEN ACCESS TO MUSEUM INFORMATION

Cultural Heritage documents deal with objects/artifacts and the people that created, owned, used, or (re)discovered them. Their fates are intertwined in unique and complex stories forming a cumulative body of knowledge, often fragmented across large online document collections. While our collective memory has explicitly documented these stories, the heterogeneity and distribution of the available sources creates islands of information that can only be implicitly connected by a limited, expert audience. This paper presents a semantically consistent framework for the online presence of Cultural Heritage document collections, set upon a participatory centre stage and supported by a shared knowledge model, the CIDOC CRM ontology. In this framework, Cultural Heritage document contributors are peer-to-peer network nodes that beneÞ t from: a schema-based network topology; a transparent, self-organised, self-optimised network infrastructure; knowledge-rich document processing modules which analyse and classify each contribution, capture the notion of time and the unfolding of events spanning a single or multiple documents, and establish meaning connectivity over the entire collection. Overall, this framework assists a scholarly audience with the exploration of online distributed Cultural Heritage document collections, and offers an informed tap into the collective memory scattered therein. Cultural Heritage documents deal with objects/ artifacts and the people that created, owned, used, or (re)discovered them. Their fates are intertwined in unique and complex stories forming a cumulative body of knowledge, often fragmented across online document collections. While our collective memory has explicitly documented these stories, the heterogeneity of the available sources creates islands of information that can only be implicitly connected by a limited, expert audience. This paper presents a semantically consistent framework for the online presence of Cultural Heritage document collections, set upon a participatory centre stage and supported by a shared knowledge model. In this framework, Cultural Heritage document contributors beneÞ t from knowledgerich document processing modules which analyse and classify each contribution, capture the notion of time and the unfolding of events spanning a single or multiple documents, and establish meaning connectivity over the entire collection. Overall, this framework assists a scholarly audience with the exploration of online Cultural Heritage document collections, and offers an informed tap into the collective memory scattered therein

Privacy as an Integral Part of the Implementation of Cloud Solutions

Bridging the gap between design and implementation stages has been a major concern of designers, analysts and developers of information systems (ISs) and a major aspiration of a number of IS engineering approaches. Cloud computing exacerbates the strain on traditional IS engineering approaches that service-oriented computing has started. At the same time, recent research has argued about the importance of security and privacy in a cloud environment and highlighted a number of security and privacy challenges that are not present in traditional environments and need special attention when implementing or migrating ISs into a cloud environment. This paper contributes to this direction. Specifically, it presents a number of privacy-related cloud properties that analysts need to consider when designing privacy-aware systems in a cloud environment. Also it indicates a number of implementation techniques that can assist developers in assuring the respective properties

Towards the design of secure and privacy-oriented Information systems in the cloud: Identifying the major concepts

Cloud computing is without a doubt one of the most significant innovations presented in the global technological map. This new generation of technology has the potential to positively change our lives since on the one hand it provides capabilities that make our digital lives much easier, than before, while on the other hand it assists developers in creating services that can be disseminated easier and faster, than before, and with significantly less cost. However, one of the major research challenges for the successful deployment of cloud services is a clear understanding of security and privacy issues on a cloud environment, since the cloud architecture has dissimilarities comparing to the traditional distributed systems. Such differences might introduce new threats and require different treatment of security and privacy issues. Nevertheless, current security and privacy requirements engineering techniques and methodologies have not been developed with cloud computing in mind and fail to capture the unique characteristics of such domain. It is therefore important to understand security and privacy within the context of cloud computing and identify relevant security and privacy properties and threats that will support techniques and methodologies aimed to analyze and design secure cloud based systems. The contribution of this paper to the literature is two-fold. Firstly, it provides a clear linkage between a set of critical cloud computing areas with security and privacy threats and properties. Secondly, it introduces a number of requirements for analysis and design methodologies to consider for security and privacy concerns in the cloud

Towards specification of a software architecture for cross-sectoral big data applications

The proliferation of Big Data applications puts pressure on improving and optimizing the handling of diverse datasets across different domains. Among several challenges, major difficulties arise in data-sensitive domains like banking, telecommunications, etc., where strict regulations make very difficult to upload and experiment with real data on external cloud resources. In addition, most Big Data research and development efforts aim to address the needs of IT experts, while Big Data analytics tools remain unavailable to non-expert users to a large extent. In this paper, we report on the work-in-progress carried out in the context of the H2020 project I-BiDaaS (Industrial-Driven Big Data as a Self-service Solution) which aims to address the above challenges. The project will design and develop a novel architecture stack that can be easily configured and adjusted to address cross-sectoral needs, helping to resolve data privacy barriers in sensitive domains, and at the same time being usable by non-experts. This paper discusses and motivates the need for Big Data as a self-service, reviews the relevant literature, and identifies gaps with respect to the challenges described above. We then present the I-BiDaaS paradigm for Big Data as a self-service, position it in the context of existing references, and report on initial work towards the conceptual specification of the I-BiDaaS software architecture.This work is supported by the IBiDaaS project, funded by the European Commission under Grant Agreement No. 780787.Peer ReviewedPostprint (author's final draft

Capability Modeling with Application on Large-scale Sports Events

The motivation for the work presented in this paper is based on the need for the design of services that meet the challenges of alignment, agility and sustainability in relation to dynamically changing enterprise requirements. Using the planning for the staging of large-scale sports events as the motivating example, the paper introduces the challenges to stakeholders involved in this process and advocates a capability-oriented approach for successfully addressing these challenges. The key concepts to this approach are presented together with the key design process steps