Title :
Embedding policy rules for software-based systems in a requirements context
Author_Institution :
Dept. of Inf. Syst., Vienna Univ. of Econ. & BA, Austria
Abstract :
Policy rules define what behavior is desired in a software-based system, they do not describe the corresponding action and event sequences that actually "produce" desired ("legal") or undesired ("illegal") behavior. Therefore, policy rules alone are not sufficient to model every (behavioral) aspect of an information system. In other words, like requirements policies only exist in context, and a policy rule set can only be assessed and sensibly interpreted with adequate knowledge of its embedding context. Scenarios and goals are artifacts used in requirements engineering and system design to model different facets of software systems. With respect to policy rules, scenarios are well suited to define how these rules are embedded into a specific environment. A goal is an objective that the system under consideration should or must achieve. Thus, the control objectives of a system must be reflected in the policy rules that actually govern a system\´s behavior.
Keywords :
embedded systems; formal specification; information systems; systems analysis; information system; policy rules; requirements engineering; requirements policies; software-based systems; Authentication; Business communication; Control systems; Information systems; Monitoring; Privacy; Quality of service; Software engineering; Software systems; Systems engineering and theory;
Conference_Titel :
Policies for Distributed Systems and Networks, 2005. Sixth IEEE International Workshop on
Print_ISBN :
0-7695-2265-3
DOI :
10.1109/POLICY.2005.14
