Title :
Detecting Conflicts of Interest
Author :
Giorgini, Paolo ; Massacci, Fabio ; Mylopoulos, John ; Zannone, Nicola
Author_Institution :
Trento Univ.
Abstract :
System vulnerabilities are often caused by the presence of conflicts within the organization where the system-to-be would eventually operate. In particular, conflicts of interest are very harmful since actors can exploit their positions/roles relative to the system for gaining personal advantage. Capturing and resolving such conflicts is a necessary condition for developing secure information systems. In this paper, we show how conflicts of interest can be formally detected during requirements analysis. This allows system designers to investigate the causes for which conflicts may occur in an organization. Thereby, they can better understand the organizational structure and so provide appropriate countermeasures to resolve or at least mitigate them
Keywords :
information systems; security of data; systems analysis; conflicts of interest; organizational structure; requirements analysis; secure information systems; system vulnerabilities; Humans; Incentive schemes; Information systems; Law; Legal factors; Proposals; Protection; Security; Software engineering; Software systems;
Conference_Titel :
Requirements Engineering, 14th IEEE International Conference
Conference_Location :
Minneapolis/St. Paul, MN
Print_ISBN :
978-0-7695-2555-6
