Towards regulatory compliance: Extracting rights and obligations to align requirements with regulations

Proceedings of the IEEE International Conference on Requirements Engineering

Volumn , Issue , 2006, Pages 49-58

  Breaux, Travis D ^a   Vail, Matthew W ^a   Antón, Annie I ^a  

^a North Carolina State University

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER SOFTWARE; ERROR ANALYSIS; MATHEMATICAL MODELS; PARAMETERIZATION; REQUIREMENTS ENGINEERING;

COMPLIANCE OFFICERS; RIGHTS AND OBLIGATIONS; STAKEHOLDERS;

REGULATORY COMPLIANCE;

EID: 38149018837     PISSN: 1090705X     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/RE.2006.68     Document Type: Conference Paper

References (28)

1. A.I. Antón, J.B. Earp, C. Potts and T.A. Alspaugh. "The Role of Policy and Privacy Values in Requirements Engineering," IEEE 5th Int'l Symp. on Reqs. Engr. (RE'01), Toronto, Canada, pp. 138-145, 27-31, 2001.
2. A.I. Antón, C. Potts, "The Use of Goals to Surface Requirements for Evolving Systems." Int'l Conf. on Soft. Engr., Kyoto, Japan, pp. 157-166, 1998.
3. T.D. Breaux, A.I. Antón, "Deriving Semantic Models from Privacy Policies." IEEE 6th Workshop on Policies for Distributed Systems and Networks, Stockholm, Sweden, pp. 67-76, 2005.
4. T.D. Breaux, A.I. Antón, "Analyzing Goal Semantics for Rights, Permissions, and Obligations." IEEE 13th Req'ts. Engr. Conf, Paris, France, pp. 177-186, 2005.
5. T.D. Breaux, A.I. Antón, "Mining Rule Semantics to Understand Legislative Compliance." ACM Workshop on Privacy in Electronic Society, Alexandria, Virginia, USA, pp. 51-54, 2005.
6. T.D. Breaux, A.I. Antón, "Generating Compliance Monitors from Regulations." CSC NCSU Technical Report #TR-2006-09, Raleigh, NC, March 2006.
7. T.J.M. Bench-Capon, G.O. Robinson, T.W. Routen, M.J. Sergot, "Logic Programming For Large Scale Applications in Law: A Formalization of Supplementary Benefit Legislation" 1st Int'l Conf. on AI and Law, Boston, MA, USA, pp. 190-198, 1987.
8. G. Boella, L. van der Torre, "Permissions and Obligations in Hierarchical Normative Systems." 9th Int'l Conf. on AI and Law, Scotland, UK, pp. 109-118, 2003.
9. P. Darke and G. Shanks. "Stakeholder Viewpoints in Requirements Definition: A Framework for Understanding Viewpoint Development Approaches." Requirements Engineering, 1(2) pp. 88-105, 1996.
10. Ernst & Young, Global Information Security Survey 2005: Report on the Widening Gap, 2005.
11. rd Int'l Conf. on Soft. Engr. Toronto, Ontario, Canada, pp. 411-420, 2001.
12. B.C. Glaser and A.L. Strauss, The Discovery of Grounded Theory, Aldine Publishing Co., 1967.
13. P. Giorgini, F. Massacci, J. Mylopoulos, N. Zannone. "Modeling Security Requirements Through Ownership, Permission and Delegation." IEEE 13th Req'ts. Engr. Conf, Paris, France, pp. 167-176, 2005.
14. Health Insurance Portability and Accountability Act, USC H.R. 3103-168, April 2000.
15. Fact Sheet: Protecting the Privacy of Patients' Health Information, U.S. Department of Health and Human Services, Washington D.C., April 14, 2003.
16. J.F. Horty. Deontic logic as founded in nonmonotonic logic. Annals of Mathematics and Artificial Intelligence, v. 9, pp. 69-91, 1993.
17. John F. Horty. Agency and Deontic Logic, Oxford University Press, 2001
18. "Standards for Privacy of Individually Identifiable Health Information." 45 CFR Part 160, Part 164 Subpart E. In Federal Register, vol. 68, no. 34, February 20, 2003, pp. 8334-8381
19. R. Kowalski, "The Treatment of Negation in Logic Programs for Representing Legislation." 2nd Int'l Conf. on AI and Law, Vancouver, BC, Canada, pp.11-15, 1989.
20. S. Kerrigan, K.H. Law, "Logic-based Regulation Compliance- Assistance." 9th Int'l Conf. on Artificial Intelligence and Law, Scotland, UK, pp. 126-135, 2003.
21. A. van Lamsweerde, R. Darimont, E. Letier, "Managing Conflicts in Goal-Driven Requirements Engineering." IEEE Trans, on Soft. Engr. 24(11), pp. 908-926, 1998.
22. th ACM Symp. on Foundations of Soft. Engr., Charleston, SC, USA, pp. 119-128, 2002.
23. Medical Privacy - National Standards to Protect the Privacy of Personal Health Information. Office for Civil Rights, US Department of Health and Human Services. 2000. http://www.hhs.gov/ocr/hipaa/finalreg.html.
24. th Int'l Conf. Soft. Engr. Baltimore, MD, USA, pp. 187-196, 1993.
25. W.N. Robinson, S.D. Pawlowski, V. Volkov, "Requirements Interaction Management." ACM Comp. Surv. 35(2), pp.132-190, 2003.
26. M.J. Sergot, A.S. Kamble, K.K. Bajaj, "Indian Central Civil Service Pension Rules: A Case Study in Logic Programming Applied to Regulations." 3rd Int'l Conf. on AI and Law, Oxford, England, pp. 118-127, 1991.
27. D.M. Sherman, "A Prolog Model of the Income Tax Act of Canada." 1st Int'l Conf. on AI and Law, Boston, MA, USA, pp. 127-136, 1987.
28. I. Sommerville, P. Sawyer, "Viewpoints: Principles, Problems and a Practical Approach to Requirements Engineering." Annals Soft. Eng. 3(0), pp. 101-130, 1997.