Tuesday, 18 April 2017

Computer-Aided Identification and Validation of Intervenability Requirements

an article by Rene Meis and Maritta Heisel (The Ruhr Institute for Software Technology, University of Duisburg-Essen, Germany) published in Information Volume 8 Article 30


Privacy as a software quality is becoming more important these days and should not be underestimated during the development of software that processes personal data.

The privacy goal of intervenability, in contrast to unlinkability (including anonymity and pseudonymity), has so far received little attention in research. Intervenability aims for the empowerment of end-users by keeping their personal data and how it is processed by the software system under their control. Several surveys have pointed out that the lack of intervenability options is a central privacy concern of end-users.

In this paper, we systematically assess the privacy goal of intervenability and set up a software requirements taxonomy that relates the identified intervenability requirements with a taxonomy of transparency requirements.

Furthermore, we provide a tool-supported method to identify intervenability requirements from the functional requirements of a software system. This tool-supported method provides the means to elicit and validate intervenability requirements in a computer-aided way.

Our combined taxonomy of intervenability and transparency requirements gives a detailed view on the privacy goal of intervenability and its relation to transparency.

We validated the completeness of our taxonomy by comparing it to the relevant literature that we derived based on a systematic literature review. The proposed method for the identification of intervenability requirements shall support requirements engineers to elicit and document intervenability requirements in compliance with the EU General Data Protection Regulation.

Full text (HTML)

Hazel’s comment:
I am simply too far away in terms of years from writing software or developing a taxonomy to understand all of this but it seems to make sense.

No comments: