Regulatory Compliance

The Experts below are selected from a list of 360 Experts worldwide ranked by the ideXlab platform.

John Mylopoulos - One of the best experts on this subject based on the ideXlab platform.

  • GaiusT: supporting the extraction of rights and obligations for Regulatory Compliance
    Requirements Engineering, 2015
    Co-Authors: Nicola Zeni, Nadzeya Kiyavitskaya, Luisa Mich, James R. Cordy, John Mylopoulos
    Abstract:

    Ensuring Compliance of software systems with government regulations, policies, and laws is a complex problem. Generally speaking, solutions to the problem first identify rights and obligations defined in the law and then treat these as requirements for the system under design. This work examines the challenge of developing tool support for extracting such requirements from legal documents. To address this challenge, we have developed a tool called GaiusT. The tool is founded on a framework for textual semantic annotation. It semiautomatically generates elements of requirements models, including actors, rights, and obligations. We present the complexities of annotating prescriptive text, the architecture of GaiusT, and the process by which annotation is accomplished. We also present experimental results from two case studies to illustrate the application of the tool and its effectiveness relative to manual efforts. The first case study is based on the US Health Insurance Portability and Accountability Act, while the second analyzes the Italian accessibility law for information technology instruments.

  • Nomos 3: reasoning about Regulatory Compliance of requirements
    IEEE International Conference on Requirements Engineering, 2014
    Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
    Abstract:

    The great impact that law has in the RE-process has called for new techniques and procedures to evaluate the alignment of requirements with applicable laws. In this paper we present a modeling language for the evaluation of Compliance of requirements with a piece of law: Nomos 3. We introduce our language and show the reasoning capabilities of our proposal.

  • automated reasoning for Regulatory Compliance
    International Conference on Conceptual Modeling, 2013
    Co-Authors: Alberto Siena, Silvia Ingolfo, Anna Perini, Angelo Susi, John Mylopoulos
    Abstract:

    Regulatory Compliance is gaining attention from information systems engineers who must design systems that at the same time satisfy stakeholder requirements and comply with applicable laws. In our previous work, we have introduced a conceptual modelling language called Nomos 2 that aids requirements engineers analyze law to identify alternative ways for Compliance. This paper presents an implemented reasoning tool that supports analysis of law models. The technical contributions of the paper include the formalization of reasoning mechanisms, their implementation in the NRTool, as well as an elaborated evaluation framework intended to determine whether the tool is scalable with respect to problem size, complexity as well as search space. The results of our experiments with the tool suggest that this conceptual modelling approach scales to real life Regulatory Compliance problems.

  • arguing Regulatory Compliance of software requirements
    Data and Knowledge Engineering, 2013
    Co-Authors: Silvia Ingolfo, John Mylopoulos, Alberto Siena, Angelo Susi, Anna Perini
    Abstract:

    A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and non-functional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. A pilot industrial case study involving fragments of the Italian regulation on privacy for Electronic Health Records provides preliminary evidence of the framework's adequacy and indicates directions for further improvements.

  • establishing Regulatory Compliance for software requirements
    International Conference on Conceptual Modeling, 2011
    Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
    Abstract:

    A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and nonfunctional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. Our proposed framework is illustrated through a case study involving fragments of the HIPAA regulation.

Silvia Ingolfo - One of the best experts on this subject based on the ideXlab platform.

  • Nomos 3: reasoning about Regulatory Compliance of requirements
    IEEE International Conference on Requirements Engineering, 2014
    Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
    Abstract:

    The great impact that law has in the RE-process has called for new techniques and procedures to evaluate the alignment of requirements with applicable laws. In this paper we present a modeling language for the evaluation of Compliance of requirements with a piece of law: Nomos 3. We introduce our language and show the reasoning capabilities of our proposal.

  • automated reasoning for Regulatory Compliance
    International Conference on Conceptual Modeling, 2013
    Co-Authors: Alberto Siena, Silvia Ingolfo, Anna Perini, Angelo Susi, John Mylopoulos
    Abstract:

    Regulatory Compliance is gaining attention from information systems engineers who must design systems that at the same time satisfy stakeholder requirements and comply with applicable laws. In our previous work, we have introduced a conceptual modelling language called Nomos 2 that aids requirements engineers analyze law to identify alternative ways for Compliance. This paper presents an implemented reasoning tool that supports analysis of law models. The technical contributions of the paper include the formalization of reasoning mechanisms, their implementation in the NRTool, as well as an elaborated evaluation framework intended to determine whether the tool is scalable with respect to problem size, complexity as well as search space. The results of our experiments with the tool suggest that this conceptual modelling approach scales to real life Regulatory Compliance problems.

  • arguing Regulatory Compliance of software requirements
    Data and Knowledge Engineering, 2013
    Co-Authors: Silvia Ingolfo, John Mylopoulos, Alberto Siena, Angelo Susi, Anna Perini
    Abstract:

    A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and non-functional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. A pilot industrial case study involving fragments of the Italian regulation on privacy for Electronic Health Records provides preliminary evidence of the framework's adequacy and indicates directions for further improvements.

  • establishing Regulatory Compliance for software requirements
    International Conference on Conceptual Modeling, 2011
    Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
    Abstract:

    A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and nonfunctional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. Our proposed framework is illustrated through a case study involving fragments of the HIPAA regulation.

Alberto Siena - One of the best experts on this subject based on the ideXlab platform.

  • Nomos 3: reasoning about Regulatory Compliance of requirements
    IEEE International Conference on Requirements Engineering, 2014
    Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
    Abstract:

    The great impact that law has in the RE-process has called for new techniques and procedures to evaluate the alignment of requirements with applicable laws. In this paper we present a modeling language for the evaluation of Compliance of requirements with a piece of law: Nomos 3. We introduce our language and show the reasoning capabilities of our proposal.

  • automated reasoning for Regulatory Compliance
    International Conference on Conceptual Modeling, 2013
    Co-Authors: Alberto Siena, Silvia Ingolfo, Anna Perini, Angelo Susi, John Mylopoulos
    Abstract:

    Regulatory Compliance is gaining attention from information systems engineers who must design systems that at the same time satisfy stakeholder requirements and comply with applicable laws. In our previous work, we have introduced a conceptual modelling language called Nomos 2 that aids requirements engineers analyze law to identify alternative ways for Compliance. This paper presents an implemented reasoning tool that supports analysis of law models. The technical contributions of the paper include the formalization of reasoning mechanisms, their implementation in the NRTool, as well as an elaborated evaluation framework intended to determine whether the tool is scalable with respect to problem size, complexity as well as search space. The results of our experiments with the tool suggest that this conceptual modelling approach scales to real life Regulatory Compliance problems.

  • arguing Regulatory Compliance of software requirements
    Data and Knowledge Engineering, 2013
    Co-Authors: Silvia Ingolfo, John Mylopoulos, Alberto Siena, Angelo Susi, Anna Perini
    Abstract:

    A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and non-functional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. A pilot industrial case study involving fragments of the Italian regulation on privacy for Electronic Health Records provides preliminary evidence of the framework's adequacy and indicates directions for further improvements.

  • establishing Regulatory Compliance for software requirements
    International Conference on Conceptual Modeling, 2011
    Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
    Abstract:

    A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and nonfunctional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. Our proposed framework is illustrated through a case study involving fragments of the HIPAA regulation.

Anna Perini - One of the best experts on this subject based on the ideXlab platform.

  • automated reasoning for Regulatory Compliance
    International Conference on Conceptual Modeling, 2013
    Co-Authors: Alberto Siena, Silvia Ingolfo, Anna Perini, Angelo Susi, John Mylopoulos
    Abstract:

    Regulatory Compliance is gaining attention from information systems engineers who must design systems that at the same time satisfy stakeholder requirements and comply with applicable laws. In our previous work, we have introduced a conceptual modelling language called Nomos 2 that aids requirements engineers analyze law to identify alternative ways for Compliance. This paper presents an implemented reasoning tool that supports analysis of law models. The technical contributions of the paper include the formalization of reasoning mechanisms, their implementation in the NRTool, as well as an elaborated evaluation framework intended to determine whether the tool is scalable with respect to problem size, complexity as well as search space. The results of our experiments with the tool suggest that this conceptual modelling approach scales to real life Regulatory Compliance problems.

  • arguing Regulatory Compliance of software requirements
    Data and Knowledge Engineering, 2013
    Co-Authors: Silvia Ingolfo, John Mylopoulos, Alberto Siena, Angelo Susi, Anna Perini
    Abstract:

    A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and non-functional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. A pilot industrial case study involving fragments of the Italian regulation on privacy for Electronic Health Records provides preliminary evidence of the framework's adequacy and indicates directions for further improvements.

Jomol Mathew - One of the best experts on this subject based on the ideXlab platform.

  • CareNet: building a secure software defined infrastructure for home based healthcare
    International Workshop on Security, 2017
    Co-Authors: Yan Luo, Yu Cao, Jomol Mathew
    Abstract:

    Healthcare network and computing infrastructure is rapidly changing from closed environments to open environments that incorporate new devices and new application scenarios. Home-based healthcare is such an example of leveraging pervasive sensors and analyzing sensor data (often in real-time) to guide therapy or intervene. In this paper, we address the challenges in Regulatory Compliance when designing and deploying healthcare applications on a heterogeneous cloud environment. We propose CareNet framework, consisting of a set of abstraction and APIs, to allow the specification of Compliance requirements. This work is a collaboration among computer scientists, medical researchers, healthcare IT and healthcare providers, and its goal is to reduce the gap between the availability of software defined infrastructure and meeting Regulatory Compliance in healthcare applications.