The Experts below are selected from a list of 360 Experts worldwide ranked by ideXlab platform
John Mylopoulos - One of the best experts on this subject based on the ideXlab platform.
-
GaiusT: supporting the extraction of rights and obligations for Regulatory Compliance
Requirements Engineering, 2015
Co-Authors: Nicola Zeni, Nadzeya Kiyavitskaya, Luisa Mich, James R. Cordy, John Mylopoulos
Abstract: Ensuring Compliance of software systems with government regulations, policies, and laws is a complex problem. Generally speaking, solutions to the problem first identify rights and obligations defined in the law and then treat these as requirements for the system under design. This work examines the challenge of developing tool support for extracting such requirements from legal documents. To address this challenge, we have developed a tool called GaiusT. The tool is founded on a framework for textual semantic annotation. It semiautomatically generates elements of requirements models, including actors, rights, and obligations. We present the complexities of annotating prescriptive text, the architecture of GaiusT, and the process by which annotation is accomplished. We also present experimental results from two case studies to illustrate the application of the tool and its effectiveness relative to manual efforts. The first case study is based on the US Health Insurance Portability and Accountability Act, while the second analyzes the Italian accessibility law for information technology instruments.
-
Nomos 3: reasoning about Regulatory Compliance of requirements
IEEE International Conference on Requirements Engineering, 2014
Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
Abstract: The great impact that law has in the RE-process has called for new techniques and procedures to evaluate the alignment of requirements with applicable laws. In this paper we present a modeling language for the evaluation of Compliance of requirements with a piece of law: Nomos 3. We introduce our language and show the reasoning capabilities of our proposal.
-
Automated reasoning for Regulatory Compliance
International Conference on Conceptual Modeling, 2013
Co-Authors: Alberto Siena, Silvia Ingolfo, Anna Perini, Angelo Susi, John Mylopoulos
Abstract: Regulatory Compliance is gaining attention from information systems engineers who must design systems that at the same time satisfy stakeholder requirements and comply with applicable laws. In our previous work, we have introduced a conceptual modelling language called Nomos 2 that aids requirements engineers analyze law to identify alternative ways for Compliance. This paper presents an implemented reasoning tool that supports analysis of law models. The technical contributions of the paper include the formalization of reasoning mechanisms, their implementation in the NRTool, as well as an elaborated evaluation framework intended to determine whether the tool is scalable with respect to problem size, complexity as well as search space. The results of our experiments with the tool suggest that this conceptual modelling approach scales to real life Regulatory Compliance problems.
-
Arguing Regulatory Compliance of software requirements
Data and Knowledge Engineering, 2013
Co-Authors: Silvia Ingolfo, John Mylopoulos, Alberto Siena, Angelo Susi, Anna Perini
Abstract: A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and non-functional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. A pilot industrial case study involving fragments of the Italian regulation on privacy for Electronic Health Records provides preliminary evidence of the framework's adequacy and indicates directions for further improvements.
-
Establishing Regulatory Compliance for software requirements
International Conference on Conceptual Modeling, 2011
Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
Abstract: A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and nonfunctional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. Our proposed framework is illustrated through a case study involving fragments of the HIPAA regulation.
Silvia Ingolfo - One of the best experts on this subject based on the ideXlab platform.
-
Nomos 3: reasoning about Regulatory Compliance of requirements
IEEE International Conference on Requirements Engineering, 2014
Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
Abstract: The great impact that law has in the RE-process has called for new techniques and procedures to evaluate the alignment of requirements with applicable laws. In this paper we present a modeling language for the evaluation of Compliance of requirements with a piece of law: Nomos 3. We introduce our language and show the reasoning capabilities of our proposal.
-
Automated reasoning for Regulatory Compliance
International Conference on Conceptual Modeling, 2013
Co-Authors: Alberto Siena, Silvia Ingolfo, Anna Perini, Angelo Susi, John Mylopoulos
Abstract: Regulatory Compliance is gaining attention from information systems engineers who must design systems that at the same time satisfy stakeholder requirements and comply with applicable laws. In our previous work, we have introduced a conceptual modelling language called Nomos 2 that aids requirements engineers analyze law to identify alternative ways for Compliance. This paper presents an implemented reasoning tool that supports analysis of law models. The technical contributions of the paper include the formalization of reasoning mechanisms, their implementation in the NRTool, as well as an elaborated evaluation framework intended to determine whether the tool is scalable with respect to problem size, complexity as well as search space. The results of our experiments with the tool suggest that this conceptual modelling approach scales to real life Regulatory Compliance problems.
-
Arguing Regulatory Compliance of software requirements
Data and Knowledge Engineering, 2013
Co-Authors: Silvia Ingolfo, John Mylopoulos, Alberto Siena, Angelo Susi, Anna Perini
Abstract: A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and non-functional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. A pilot industrial case study involving fragments of the Italian regulation on privacy for Electronic Health Records provides preliminary evidence of the framework's adequacy and indicates directions for further improvements.
-
Establishing Regulatory Compliance for software requirements
International Conference on Conceptual Modeling, 2011
Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
Abstract: A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and nonfunctional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. Our proposed framework is illustrated through a case study involving fragments of the HIPAA regulation.
Alberto Siena - One of the best experts on this subject based on the ideXlab platform.
-
Nomos 3: reasoning about Regulatory Compliance of requirements
IEEE International Conference on Requirements Engineering, 2014
Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
Abstract: The great impact that law has in the RE-process has called for new techniques and procedures to evaluate the alignment of requirements with applicable laws. In this paper we present a modeling language for the evaluation of Compliance of requirements with a piece of law: Nomos 3. We introduce our language and show the reasoning capabilities of our proposal.
-
Automated reasoning for Regulatory Compliance
International Conference on Conceptual Modeling, 2013
Co-Authors: Alberto Siena, Silvia Ingolfo, Anna Perini, Angelo Susi, John Mylopoulos
Abstract: Regulatory Compliance is gaining attention from information systems engineers who must design systems that at the same time satisfy stakeholder requirements and comply with applicable laws. In our previous work, we have introduced a conceptual modelling language called Nomos 2 that aids requirements engineers analyze law to identify alternative ways for Compliance. This paper presents an implemented reasoning tool that supports analysis of law models. The technical contributions of the paper include the formalization of reasoning mechanisms, their implementation in the NRTool, as well as an elaborated evaluation framework intended to determine whether the tool is scalable with respect to problem size, complexity as well as search space. The results of our experiments with the tool suggest that this conceptual modelling approach scales to real life Regulatory Compliance problems.
-
Arguing Regulatory Compliance of software requirements
Data and Knowledge Engineering, 2013
Co-Authors: Silvia Ingolfo, John Mylopoulos, Alberto Siena, Angelo Susi, Anna Perini
Abstract: A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and non-functional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. A pilot industrial case study involving fragments of the Italian regulation on privacy for Electronic Health Records provides preliminary evidence of the framework's adequacy and indicates directions for further improvements.
-
Establishing Regulatory Compliance for software requirements
International Conference on Conceptual Modeling, 2011
Co-Authors: Silvia Ingolfo, Alberto Siena, John Mylopoulos
Abstract: A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and nonfunctional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. Our proposed framework is illustrated through a case study involving fragments of the HIPAA regulation.
Anna Perini - One of the best experts on this subject based on the ideXlab platform.
-
Automated reasoning for Regulatory Compliance
International Conference on Conceptual Modeling, 2013
Co-Authors: Alberto Siena, Silvia Ingolfo, Anna Perini, Angelo Susi, John Mylopoulos
Abstract: Regulatory Compliance is gaining attention from information systems engineers who must design systems that at the same time satisfy stakeholder requirements and comply with applicable laws. In our previous work, we have introduced a conceptual modelling language called Nomos 2 that aids requirements engineers analyze law to identify alternative ways for Compliance. This paper presents an implemented reasoning tool that supports analysis of law models. The technical contributions of the paper include the formalization of reasoning mechanisms, their implementation in the NRTool, as well as an elaborated evaluation framework intended to determine whether the tool is scalable with respect to problem size, complexity as well as search space. The results of our experiments with the tool suggest that this conceptual modelling approach scales to real life Regulatory Compliance problems.
-
Arguing Regulatory Compliance of software requirements
Data and Knowledge Engineering, 2013
Co-Authors: Silvia Ingolfo, John Mylopoulos, Alberto Siena, Angelo Susi, Anna Perini
Abstract: A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of Regulatory Compliance for software systems has been growing, as regulations are increasingly impacting both the functional and non-functional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on Compliance. In this paper we propose a framework for establishing Regulatory Compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nomos). In addition, we adopt and integrate with i* and Nomos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. A pilot industrial case study involving fragments of the Italian regulation on privacy for Electronic Health Records provides preliminary evidence of the framework's adequacy and indicates directions for further improvements.
Jomol Mathew - One of the best experts on this subject based on the ideXlab platform.
-
CareNet: building a secure software defined infrastructure for home based healthcare
International Workshop on Security, 2017
Co-Authors: Yan Luo, Yu Cao, Jomol Mathew
Abstract: Healthcare network and computing infrastructure is rapidly changing from closed environments to open environments that incorporate new devices and new application scenarios. Home-based healthcare is such an example of leveraging pervasive sensors and analyzing sensor data (often in real-time) to guide therapy or intervene. In this paper, we address the challenges in Regulatory Compliance when designing and deploying healthcare applications on a heterogeneous cloud environment. We propose CareNet framework, consisting of a set of abstraction and APIs, to allow the specification of Compliance requirements. This work is a collaboration among computer scientists, medical researchers, healthcare IT and healthcare providers, and its goal is to reduce the gap between the availability of software defined infrastructure and meeting Regulatory Compliance in healthcare applications.