Transparency & Legal Compliance in Information Systems
Research Areas: End System Security, Policy, Law and Management,
![[topcap]](/images/floating_sidebar_topcap.png){kind=small}
Research Areas
![[bottomcap]](/images/floating_sidebar_bottomcap.png){kind=small}
Principal Investigator: Eugene Spafford
Analysts need mechanisms to disambiguate regulations so they may be clearly specified as software requirements. Additionally, those responsible for certifying compliance within relevant systems need controls and assurances that measure conformance with policies and regulations. Our goal is to develop methods, tools, and procedures to help software designers and policy makers achieve transparency and consistency by bringing regulations, policies and system requirements into better alignment.
Results: There are three main expected results of this work. First, we will produce tools to assist software designers in determining a clear set of actionable requirements for system design and access control from regulations and legislation. Second, we will produce methods to develop audit mechanisms and procedures that may be used to verify that a functioning system meets its requirements. This will aid organizations as they conduct policy and legal compliance. Third, we will develop a realistic corpus of synthetic electronic patient record data that can be used to test any such experimental system. We will make this available so that other researchers can use it.
Keywords: software requirements, policy, assurance
Footer
RSS Feeds
Combined XML Feed
News XML Feed Events XML Feed Weblogs XML Feed Security Seminar Podcast
Twitter: @cerias, @ceriasarchive, #cerias
CERIAS, Purdue University / Recitation Building / 656 Oval Drive / West Lafayette IN 47907-2086
phone (765)494-7841 / fax (765)496-3181
Copyright © 2013, Purdue University, all rights reserved. Purdue University is an equal access/equal opportunity university.
If you have trouble accessing this page because of a disability, please contact the CERIAS webmaster at webmaster@cerias.purdue.edu. Some content on this site may require the use of a special plug-in or application. Please visit our plug-ins page for links to download these applications.
Privacy Policy