A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is
Incorporating Security Requirements from Legal Regulations into UMLsec model
ACM/IEEE International Conference on Model Driven Engineering Languages and Systems
Compliance with law, industry standards, and corporate governance regulations are one of the driving factors for discovering security requirements. This paper aims to incorporate constraints from regulations through security requirements at an early stage of development. Constraints are extracted using a pattern based approach from legal texts of information security laws and policies derived from the security standard ISO/IEC 27001:2005. The UML extension UMLsec is then used to address whetherdblp:conf/models/IslamJ08 fatcat:cfzwuf6a4zbjjhepofovpzno5q