Search For:

Displaying 1-44 out of 44 total
Inquiry-Based Requirements Analysis
Found in: IEEE Software
By Colin Potts, Kenji Takahashi, Annie I. Antón
Issue Date:March 1994
pp. 21-32
<p>This approach emphasizes pinpointing where and when information needs occur; at its core is the inquiry cycle model, a structure for describing and supporting discussions about system requirements. The authors use a case study to describe the mode...
 
An Integrated Scenario Management Strategy
Found in: Requirements Engineering, IEEE International Conference on
By Thomas A. Alspaugh, Annie I. Antón, Tiffany Barnes, Bradford W. Mott
Issue Date:June 1999
pp. 142
Scenarios have proven effective for eliciting, describing and validating software requirements; however, scenario management continues to be a significant challenge to practitioners. One reason for this difficulty is that the number of possible relations a...
 
Facing challenges and having fun
Found in: Computer
By Annie I. Anton
Issue Date:March 2013
pp. 65-66
Reflections on a 15-year career reveal that following your heart and mind will ensure that you're in the right place with regard to school and career choices. This is one of five articles providing personal perspectives on gender diversity in computing. Th...
 
Managing changing compliance requirements by predicting regulatory evolution
Found in: 2012 IEEE 20th International Requirements Engineering Conference (RE)
By Jeremy C. Maxwell,Annie I. Anton,Peter Swire
Issue Date:September 2012
pp. 101-110
Over time, laws change to meet evolving social needs. Requirements engineers that develop software for regulated domains, such as healthcare or finance, must adapt their software as laws change to maintain legal compliance. In the United States, regulatory...
 
Assessing identification of compliance requirements from privacy policies
Found in: 2012 Fifth International Workshop on Requirements Engineering and Law (RELAW)
By Jessica Young Schmidt,Annie I. Anton,Julia B. Earp
Issue Date:September 2012
pp. 52-61
In the United States, organizations can be held liable by the Federal Trade Commission for the statements they make in their privacy policies. Thus, organizations must include their privacy policies as a source of requirements in order to build systems tha...
 
A Method for Identifying Software Requirements Based on Policy Commitments
Found in: Requirements Engineering, IEEE International Conference on
By Jessica D. Young, Annie I. Antón
Issue Date:October 2010
pp. 47-56
Online policy documents—such as privacy policies, notices of privacy practices, and terms of use—describe organizations’ information practices for collecting, storing, and using consumers’ personal information. Organizations need to ensure that the commitm...
 
How Internet Users' Privacy Concerns Have Evolved since 2002
Found in: IEEE Security and Privacy
By Annie I. Antón, Julia B. Earp, Jessica D. Young
Issue Date:January 2010
pp. 21-27
In 2002, the authors established a baseline for Internet users' online privacy values, finding information transfer, notice/awareness, and information storage were the top online privacy concerns. Since this survey, many privacy-related events have occurre...
 
IT Compliance: Aligning Legal and Product Requirements
Found in: IT Professional
By Travis D. Breaux, Annie I. Antón, Kent Boucher, Merlin Dorfman
Issue Date:September 2009
pp. 54-58
Laws and regulations increasingly impose requirements on IT business practices and products. A key difficulty in responding to these requirements emerges from the need to translate legal language structures into domain-specific product specifications. Rese...
 
Developing Production Rule Models to Aid in Acquiring Requirements from Legal Texts
Found in: Requirements Engineering, IEEE International Conference on
By Jeremy C. Maxwell, Annie I. Antón
Issue Date:September 2009
pp. 101-110
Regulatory compliance is an important consideration for requirements engineering because recent regulations impose costly penalties for noncompliance. This paper details how developing production rule models can aid in acquiring software requirements from ...
 
Aligning Requirements with HIPAA in the iTrust System
Found in: Requirements Engineering, IEEE International Conference on
By Aaron K. Massey, Paul N. Otto, Annie I. Antón
Issue Date:September 2008
pp. 335-336
We describe a case study in which we evaluated an open-source Electronic Health Record (EHR) system’s requirements for compliance with the U.S. Health Insurance Portability and Accountability Act (HIPAA). Our findings suggest that legal compliance must be ...
 
Legal Requirements, Compliance and Practice: An Industry Case Study in Accessibility
Found in: Requirements Engineering, IEEE International Conference on
By Travis D. Breaux, Annie I. Antón, Kent Boucher, Merlin Dorfman
Issue Date:September 2008
pp. 43-52
U.S. laws and regulations are designed to support broad societal goals, such as accessibility, privacy and safety. To demonstrate that a product complies with these goals, businesses need to identify and refine legal requirements into product requirements ...
 
Addressing Legal Requirements in Requirements Engineering
Found in: Requirements Engineering, IEEE International Conference on
By Paul N. Otto, Annie I. Antón
Issue Date:October 2007
pp. 5-14
Legal texts, such as regulations and legislation, are playing an increasingly important role in requirements engineering and system development. Monitoring systems for requirements and policy compliance has been recognized in the requirements engineering c...
 
Improving Performance Requirements Specifications from Field Failure Reports
Found in: Requirements Engineering, IEEE International Conference on
By Chih-Wei Ho, Laurie Williams, Annie I. Antón
Issue Date:October 2007
pp. 79-88
Customer-reported field failures provide valuable information for the requirements of the next release. Without a systematic approach, the requirements of the next release may not address the field failures, and the same problems may reoccur. In this paper...
 
The ChoicePoint Dilemma: How Data Brokers Should Handle the Privacy of Personal Information
Found in: IEEE Security and Privacy
By Paul N. Otto, Annie I. Antón, David L. Baumer
Issue Date:September 2007
pp. 15-23
Before 2005, data broker ChoicePoint suffered fraudulent access to its databases, exposing thousands of customers' personal information. This article examines ChoicePoint's data breach, explores what went wrong from the perspective of consumers, executives...
 
Analyzing Regulatory Rules for Privacy and Security Requirements
Found in: IEEE Transactions on Software Engineering
By Travis Breaux, Annie Antón
Issue Date:January 2008
pp. 5-20
Information practices that use personal, financial and health-related information are governed by U.S. laws and regulations to prevent unauthorized use and disclosure. To ensure compliance under the law, the security and privacy requirements of relevant so...
 
HIPAA's Effect on Web Site Privacy Policies
Found in: IEEE Security and Privacy
By Annie I. Antón, Julia B. Eart, Matthew W. Vail, Neha Jain, Carrie M. Gheen, Jack M. Frink
Issue Date:January 2007
pp. 45-52
Healthcare institutions typically post their privacy practices online as privacy policy documents. A study of nine institutions with Web sites shows that since the introduction of the 1996 Health Information and Portability Accountability Act (HIPAA), priv...
 
Privacy Policy Representation in Web-based Healthcare
Found in: Hawaii International Conference on System Sciences
By Julia B. Earp, Matthew Vail, Annie I. Anton
Issue Date:January 2007
pp. 138c
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) has resulted in the presence of very descriptive privacy policies on healthcare websites. These policies are intended to notify users about the organization?s privacy practices. Howeve...
   
Towards Regulatory Compliance: Extracting Rights and Obligations to Align Requirements with Regulations
Found in: Requirements Engineering, IEEE International Conference on
By Travis D. Breaux, Matthew W. Vail, Annie I. Antón
Issue Date:September 2006
pp. 49-58
In the United States, federal and state regulations prescribe stakeholder rights and obligations that must be satisfied by the requirements for software systems. These regulations are typically wrought with ambiguities, making the process of deriving syste...
 
Enforceability vs. Accountability in Electronic Policies
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Travis D. Breaux, Annie I. Antón, Clare-Marie Karat, John Karat
Issue Date:June 2006
pp. 227-230
Laws, regulations, policies and standards are increasing the requirements complexity of software systems that ensure information resources are both available and protected. To motivate discussions as to how current policy models can address this problem, w...
 
Ensuring Compliance between Policies, Requirements and Software Design: A Case Study
Found in: Innovative Architecture for Future Generation High-Performance Processors and Systems, International Workshop on
By Qingfeng He, Paul Otto, Annie I. Anton, Laurie Jones
Issue Date:April 2006
pp. 79-92
Specifying correct and complete access control policies is essential to secure data and ensure privacy in information systems. Traditionally, policy specification has not been an explicit part of the software development process. This isolation of policy s...
 
Analyzing Goal Semantics for Rights, Permissions, and Obligations
Found in: Requirements Engineering, IEEE International Conference on
By Travis D. Breaux, Annie I. Antón
Issue Date:September 2005
pp. 177-188
<p>Software requirements, rights, permissions, obligations, and operations of policy enforcing systems are often misaligned. Our goal is to develop tools and techniques that help requirements engineers and policy makers bring policies and system requ...
 
Deriving Semantic Models from Privacy Policies
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Travis D. Breaux, Annie I. Antón
Issue Date:June 2005
pp. 67-76
Natural language policies describe interactions between and across organizations, third-parties and individuals. However, current policy languages are limited in their ability to collectively describe interactions across these parties. Goals from requireme...
 
Inside JetBlue's Privacy Policy Violations
Found in: IEEE Security and Privacy
By Annie I. Antón, Qingfeng He, David L. Baumer
Issue Date:November 2004
pp. 12-18
JetBlue Airways gave five million customers' travel records to a US Department of Defense contractor. The authors' analysis reveals that JetBlue's privacy policy might pose additional significant threats to customer privacy and that the US Department of Ho...
 
An Initial Exploration of the Relationship Between Pair Programming and Brooks' Law
Found in: Agile Development Conference/Australasian Database Conference
By Laurie Williams, Anuja Shukla, Annie I. Antón
Issue Date:June 2004
pp. 11-20
Through his law,
 
Misuse and Abuse Cases: Getting Past the Positive
Found in: IEEE Security and Privacy
By Paco Hope, Gary McGraw, Annie I. Antón
Issue Date:May 2004
pp. 90-92
Software development is all about making software do something: when software vendors sell their products, they talk about what the particular products do to make customer?s lives easier, such as improving business processes or something similarly positive...
 
Financial Privacy Policies and the Need for Standardization
Found in: IEEE Security and Privacy
By Annie I. Antón, Julia B. Earp, Qingfeng He, William Stufflebeam, Davide Bolchini, Carlos Jensen
Issue Date:March 2004
pp. 36-45
By analyzing 40 online privacy policy documents from nine financial institutions, the authors examine the clarity and readability of these important privacy notices. Using goal-driven requirements engineering techniques and readability analysis, the findin...
 
SMaRT — Scenario Management and Requirements Tool
Found in: Requirements Engineering, IEEE International Conference on
By William Stufflebeam, Annie I. Antón, Thomas A. Alspaugh
Issue Date:September 2003
pp. 351
No summary available.
   
Contrasting Use Case, Goal, and Scenario Analysis of the Euronet System
Found in: Requirements Engineering, IEEE International Conference on
By Thomas A. Alspaugh, Annie I. Antón
Issue Date:September 2003
pp. 355
In this research, we compare three related requirements engineering efforts: an industrial effort based on use cases; a case study analyzing these use cases by means of goal analysis; and a case study analyzing the same use cases with an integrated scenari...
   
Point/Counterpoint
Found in: IEEE Software
By Annie I. Antón, Don Wells
Issue Date:May 2003
pp. 44-47
No summary available.
 
Functional Paleontology: The Evolution of User-Visible System Services
Found in: IEEE Transactions on Software Engineering
By Annie I. Antón, Colin Potts
Issue Date:February 2003
pp. 151-166
<p><b>Abstract</b>—It has long been accepted that requirements analysis should precede architectural design and implementation, but in software evolution and reverse engineering this concern with black-box analysis of function has necessa...
 
Analyzing Website Privacy Requirements Using a Privacy Goal Taxonomy
Found in: Requirements Engineering, IEEE International Conference on
By Annie I. Antón, Julia B. Earp, Angela Reese
Issue Date:September 2002
pp. 23
Privacy has recently become a prominent issue in the context of electronic commerce websites. Increasingly, privacy policies posted on such websites are receiving considerable attention from the government and consumers. We have used goal-mining, to extrac...
 
Evolving Beyond Requirements Creep: A Risk-Based Evolutionary Prototyping Model
Found in: Requirements Engineering, IEEE International Conference on
By Ryan A. Carter, Annie I. Antón, Laurie Williams, Aldo Dagnino
Issue Date:August 2001
pp. 0094
Abstract: Evolutionary prototyping focuses on gathering a correct and consistent set of requirements. The process lends particular strength to building quality software by means of the ongoing clarification of existing requirements and the discovery of pre...
 
The Role of Policy and Stakeholder Privacy Values in Requirements Engineering
Found in: Requirements Engineering, IEEE International Conference on
By Annie I. Antón, Julia B. Earp, Thomas A. Alspaugh, Colin Potts
Issue Date:August 2001
pp. 0138
Abstract: Diverse uses of information technology (IT)i n organizations affect privacy. Developers of electronic commerce, database management, security mechanisms, telecommunication and collaborative systems should be aware of these effects and acknowledge...
 
Functional Paleontology: System Evolution as the User Sees It
Found in: Software Engineering, International Conference on
By Annie I. Antón, Colin Potts
Issue Date:May 2001
pp. 0421
Abstract: It has long been accepted that requirements analysis should precede architectural design and implementation, but in software evolution and reverse engineering this concern with black-box analysis of function has necessarily been de-emphasized in ...
 
What Do You Mean I've Been Practicing without a License? Certification and Licensing of Requirements Engineering Professionals
Found in: Requirements Engineering, IEEE International Conference on
By Annie I. Anton, Joanne M. Atlee
Issue Date:June 2000
pp. 151
We would like the panel to address these questions: What are the goals we want to achieve? If software quality and reliability are the ultimate goals, is the licensing of software practitioners the best way to achieve them? Who should be licensed? In parti...
   
The Use of Goals to Surface Requirements for Evolving Systems
Found in: Software Engineering, International Conference on
By Annie I. Anton, Colin Potts
Issue Date:April 1998
pp. 157
No summary available.
 
Goal-Based Requirements Analysis
Found in: Requirements Engineering, IEEE International Conference on
By Annie I. Anton
Issue Date:April 1996
pp. 136
Goals are a logical mechanism for identifying, organizing and justifying software requirements. Strategies are needed for the initial identification and construction of goals. In this paper we discuss goals from the perspective of two themes: goal analysis...
 
First International Workshop on Requirements Engineering and Law (RELAW)
Found in: Requirements Engineering and Law
By Annie I. Antón, Travis D. Breaux, Dimitris Karagiannis, John Mylopoulos
Issue Date:September 2008
pp. i-iv
Requirements engineering is the practice of identifying and specifying system requirements to achieve a specific purpose. Government laws and regulations are written to achieve societal goals, and thus have a direct impact on system requirements and design...
   
A Requirements-based Comparison of Privacy Taxonomies
Found in: Requirements Engineering and Law
By Aaron K. Massey, Annie I. Antón
Issue Date:September 2008
pp. 1-5
Understanding the nature of privacy regulation is a challenge that requirements engineers face when building software systems in financial, healthcare, government, or other sensitive industries. Requirements engineers have begun to model privacy requiremen...
 
Checking Existing Requirements for Compliance with Law Using a Production Rule Model
Found in: Requirements Engineering and Law
By Jeremy C. Maxwell, Annie I. Antón
Issue Date:September 2009
pp. 1-6
To ensure legal compliance, requirements engineers need tools to determine existing software requirements' compliance with relevant law. We propose using a production rule model for requirements engineers to query as they check software requirements for le...
 
Identifying Commitment-Based Software Requirements to Thwart Unfair and Deceptive Practices
Found in: Requirements Engineering and Law
By Jessica D. Young, Annie I. Antón
Issue Date:September 2009
pp. 19-20
Companies publish privacy notices to notify consumers about their information practices. These privacy notices express company-specific commitments to the consumer about how the company will collect, use, and securely store data. Requirements engineers nee...
 
Prioritizing Legal Requirements
Found in: Requirements Engineering and Law
By Aaron K. Massey, Paul N. Otto, Annie I. Antón
Issue Date:September 2009
pp. 27-32
Requirements prioritization is used in the early phases of software development to determine the order in which requirements should be implemented. Requirements are not all equally important to the final software system because time constraints, expense, a...
 
An empirical investigation of software engineers' ability to classify legal cross-references
Found in: 2013 IEEE 21st International Requirements Engineering Conference (RE)
By Jeremy C. Maxwell,Annie I. Anton,Julie B. Earp
Issue Date:July 2013
pp. 24-31
Requirements engineers often have to develop software for regulated domains. These regulations often contain cross-references to other laws. Cross-references can introduce exceptions or definitions, constrain existing requirements, or even conflict with ot...
   
Automated text mining for requirements analysis of policy documents
Found in: 2013 IEEE 21st International Requirements Engineering Conference (RE)
By Aaron K. Massey,Jacob Eisenstein,Annie I. Anton,Peter P. Swire
Issue Date:July 2013
pp. 4-13
Businesses and organizations in jurisdictions around the world are required by law to provide their customers and users with information about their business practices in the form of policy documents. Requirements engineers analyze these documents as sourc...
   
 1