A High-Level Scheme for an Ontology-Based Compliance Framework in Software Development

Date

2019-04-11

Advisors

Journal Title

Journal ISSN

ISSN

Volume Title

Publisher

IEEE

Type

Conference

Peer reviewed

Yes

Abstract

Software development market is currently witnessing an increasing demand for software applications conformance with the international regime of GRC for Governance, Risk and Compliance. In this paper, we propose a compliance requirement analysis method for early stages of software development based on a semantically-rich model, where a mapping can be established from legal and regulatory requirements relevant to system context to software system business goals and contexts. The proposed semantic model consists of a number of ontologies each corresponding to a knowledge component within the developed framework of our approach. Each ontology is a thesaurus of concepts in the compliance and risk assessment domain related to system development along with relationships and rules between concepts that compromise the domain knowledge. The main contribution of the work presented in this paper is a case study that demonstrates how description-logic reasoning techniques can be used to simulate legal reasoning requirements employed by legal professions against the description of each ontology.

Description

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.

Keywords

Requirement Engineeering, Privacy, Compliance, Data Protection, Ontology

Citation

Jorshari, F.Z. and Tawil, R.H. (2015) A High-Level Scheme for an Ontology-Based Compliance Framework in Software Development. In: Proceedings of 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems, New York, USA, August 2015, IEEE, pp. 1479-1487.

Rights

Research Institute