• DocumentCode
    2620653
  • Title

    Detecting Conflicts of Interest

  • Author

    Giorgini, Paolo ; Massacci, Fabio ; Mylopoulos, John ; Zannone, Nicola

  • Author_Institution
    Trento Univ.
  • fYear
    2006
  • fDate
    11-15 Sept. 2006
  • Firstpage
    315
  • Lastpage
    318
  • Abstract
    System vulnerabilities are often caused by the presence of conflicts within the organization where the system-to-be would eventually operate. In particular, conflicts of interest are very harmful since actors can exploit their positions/roles relative to the system for gaining personal advantage. Capturing and resolving such conflicts is a necessary condition for developing secure information systems. In this paper, we show how conflicts of interest can be formally detected during requirements analysis. This allows system designers to investigate the causes for which conflicts may occur in an organization. Thereby, they can better understand the organizational structure and so provide appropriate countermeasures to resolve or at least mitigate them
  • Keywords
    information systems; security of data; systems analysis; conflicts of interest; organizational structure; requirements analysis; secure information systems; system vulnerabilities; Humans; Incentive schemes; Information systems; Law; Legal factors; Proposals; Protection; Security; Software engineering; Software systems;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Requirements Engineering, 14th IEEE International Conference
  • Conference_Location
    Minneapolis/St. Paul, MN
  • ISSN
    1090-705X
  • Print_ISBN
    978-0-7695-2555-6
  • Type

    conf

  • DOI
    10.1109/RE.2006.16
  • Filename
    1704085
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2620653