Sökning: WFRF:(Araújo João) >
Evaluating a privac...
Evaluating a privacy requirements specification method by using a mixed-method approach : results and lessons learned
-
- Peixoto, Mariana (författare)
- Universidade Federal de Pernambuco (UFPE), BRA
-
- Silva, Carla (författare)
- Universidade Federal de Pernambuco (UFPE), BRA
-
- Araújo, João (författare)
- Universidade Nova de Lisboa (UNL), PRT
-
visa fler...
-
- Gorschek, Tony, 1972- (författare)
- Blekinge Tekniska Högskola,Institutionen för programvaruteknik
-
- Vasconcelos, Alexandre (författare)
- Universidade Federal de Pernambuco (UFPE), BRA
-
- Vilela, Jéssyka (författare)
- Universidade Federal de Pernambuco (UFPE), BRA
-
visa färre...
-
(creator_code:org_t)
- 2022-09-18
- 2023
- Engelska.
-
Ingår i: Requirements Engineering. - : Springer Science+Business Media B.V.. - 0947-3602 .- 1432-010X. ; 28:2, s. 229-255
- Relaterad länk:
-
https://urn.kb.se/re...
-
visa fler...
-
https://doi.org/10.1...
-
visa färre...
Abstract
Ämnesord
Stäng
- Although agile software development (ASD) has been adopted in the industry, requirements approaches for ASD still neglect non-functional requirements. Privacy has become a concern due to new user demands and data protection laws. Hence, privacy needs to be properly specified, but agile requirements engineering techniques do not explicitly represent privacy requirements and, therefore, are not able to proper analyze such requirements. In this context, Privacy Criteria Method (PCM), an approach to specify privacy in requirements activities, was proposed to produce more complete and detailed privacy requirements. By considering PCM a promising approach to be used in ASD and the importance of empirical evaluation of new methods, we have as objectives: 1 evaluate the ability of PCM to support systems analysts in specifying privacy requirements when used in conjunction with some agile specification methods; and 2 show our lessons learned in conducting empirical research based on an mix-method approach defined to empirically evaluate the suitability of a requirements specification in specifying privacy requirements. Mixed-method approach is a controlled experiment as a quantitative evaluation and a feasibility study (questionnaire and task analysis based) study as a qualitative and quantitative evaluation. The requirements specifications following PCM allow to represent privacy aspects, such as user’s personal data and the privacy mechanism that can be used to mitigate a privacy risk scenario. We also observed that some extra time is necessary to specify privacy requirements with PCM, but it does not imply a greater perceived effort. Specifications produced with PCM are of good quality and more privacy detailed. Additionally, we attest to the importance of conducting empirical research to evaluate new methods. PCM assists in specifying more complete and detailed in relation to traditional techniques used in ASD, which facilitates communication between the requirements analysts and developers. © 2022, The Author(s), under exclusive licence to Springer-Verlag London Ltd., part of Springer Nature.
Ämnesord
- NATURVETENSKAP -- Data- och informationsvetenskap -- Programvaruteknik (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Software Engineering (hsv//eng)
Nyckelord
- Agile software development
- Empirical study
- Privacy criteria method
- Privacy requirements specification
- Job analysis
- Requirements engineering
- Risk perception
- Software design
- Specifications
- Empirical research
- Empirical studies
- Industry requirements
- Mixed method
- Privacy requirement specification
- Privacy requirements
- Quantitative evaluation
- Requirements specifications
- Data privacy
Publikations- och innehållstyp
- ref (ämneskategori)
- art (ämneskategori)
Hitta via bibliotek
Till lärosätets databas