TY - GEN
T1 - Requirements Analysis for Privacy Protection and Third Party Awareness Using Logging Models
AU - Kaiya, Haruhiko
AU - Yoshioka, Nobukazu
AU - Okubo, Takao
AU - Washizaki, Hironori
AU - Hazeyama, Atsuo
N1 - Funding Information:
This work was supported by JSPS KAKENHI Grant Number 15H02686, 15K00109 and 16H02804.
Publisher Copyright:
© 2016 The authors and IOS Press. All rights reserved.
PY - 2016
Y1 - 2016
N2 - An information system can store personal information of its primary users such as shopping histories, and some third party wants or happens to know such information. Because the system usually provides its privacy policy and its users have to give their consent to it, they sometimes have to partially give up the protection of their privacy. On the other hand, a chance of a third party to know such information is too limited if the policy is too defensive. We proposed a method to explore trade-offs between protection of such information and access permissions for a third party, and exemplified it. In this method, operation logs of a system are focused. The structure of each log is then modelled for analysing what kinds of information can be accessed by a third party. Access limitations of each third party are explored so as to balance the protection of privacy information against access right of third parties.
AB - An information system can store personal information of its primary users such as shopping histories, and some third party wants or happens to know such information. Because the system usually provides its privacy policy and its users have to give their consent to it, they sometimes have to partially give up the protection of their privacy. On the other hand, a chance of a third party to know such information is too limited if the policy is too defensive. We proposed a method to explore trade-offs between protection of such information and access permissions for a third party, and exemplified it. In this method, operation logs of a system are focused. The structure of each log is then modelled for analysing what kinds of information can be accessed by a third party. Access limitations of each third party are explored so as to balance the protection of privacy information against access right of third parties.
KW - Access Control
KW - Case Grammar
KW - Class Diagram
KW - Privacy Requirements Analysis
KW - Use Cases
UR - http://www.scopus.com/inward/record.url?scp=85139142562&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85139142562&partnerID=8YFLogxK
U2 - 10.3233/978-1-61499-674-3-155
DO - 10.3233/978-1-61499-674-3-155
M3 - Conference contribution
AN - SCOPUS:85139142562
T3 - Frontiers in Artificial Intelligence and Applications
SP - 155
EP - 166
BT - Frontiers in Artificial Intelligence and Applications
A2 - Fujita, Hamido
A2 - Papadopoulos, George Angelos
PB - IOS Press BV
T2 - 15th International Conference on New Trends in Intelligent Software Methodology Tools, and Techniques, SoMeT 2016
Y2 - 13 September 2016 through 15 September 2016
ER -