UTRECHT UNIVERSITY A Method for Identifying Software Requirements Based on Policy Commitments Method Description Robert Anthony Vroon (3440516) 8-2-2011 Introduction The method discussed in this document is the Commitments Analysis Methodology. It is a method to identify software requirements out of policy documents, such as privacy policies and terms of use. Young and Antón (2010) developed this method during a formative case study of four healthcare organizations’ policy documents. After the development of the method, they applied the method, in a summative case study, to eight other healthcare organizations’ policy documents in order to validate the method. Jessica Young is a Ph.D. candidate on the North Carolina State University. She received her Master of Science degree for the study Computer Science in December 2009. Her advisor is Dr. Annie I. Antón. She is professor at the North Carolina State University and she has an academic background. The Commitments Analysis Methodology consists of the following three main steps: 1. Parse Policy Document into Individual Statements 2. Classify Policy Statements 3. Operationalize Classified Statements Into Requirements In the first step, parse policy document into individual statements, the requirements engineer will split the policy document up in individual policy statements. Every sentence in the policy document will be a single statement. After that, he needs to classify the individual statements and document the statements attributes in step 2, classify policy statements. In order to classify the individual statements there are 12 classifications. These classifications are divided into three aspects, scope, actor and concept. Scope and actor consist of two possibilities and concept of three. This result into 12 classifications. In the final step, operationalize classified statements into requirements, the individual statements are operationalized into requirements. (Young & Antón, 2010) Policy document Step 1: Parse Policy Document into Individual statements Policy Statements Step 2: Classify Policy Statements Classified Statements Key Step Step 3: Operationalize Classified Statements into Requirements Input / Output Requirements Figure 1: Commitments Analysis Methodology (Young & Antón, 2010, p. 3) Flow Example In order to provide an example for the method described in the introduction I will use a paragraph from the Facebook’s Privacy Policy. The paragraph is: “To contact you. We may contact you with service-related announcements from time to time. You may opt out of all communications except essential updates on your account notifications page. We may include content you see on Facebook in the emails we send to you.” (Facebook, 2010) Step 1: Parse Policy Document into Individual Statements In the first step the paragraph will be split up into individual statements. This will result in the following: To contact you. We may contact you with service-related announcements from time to time. You may opt-out of all communications except essential updates on your account notifications page. We may include content you see on Facebook in the emails we send to you. This parsing results in the above 4 individual statements which will then be classified in the following step of the Commitments Analysis Method. Step 2: Classify Policy Statements The next step is to analyse the individual statements by assigning a classification. This step consists of assigning an classification to the statements and document the attributes of each statement. This will result in the following tables. The first table are the classifications of each statement and the second table is the documentation of each individual statement. In the second table the examples are omitted. Table 1: Classification assignment Scope (1) To contact you. (2) We may contact you with service-related announcements from time to time. (3) You may opt-out of all communications except essential updates on your account notifications page. (4) We may include content you see on Facebook in the emails we send to you. Concept procedural Actor unclassified organization procedural user privilege procedural organization privilege privilege Table 2: Documented attributes Actor Action Object 1 - Object’s source Target Purpose Conditions - 2 Organization Contact the user with service-related announcements the user from time to time Examples - - 3 User Opt-out all communications except essential updates - 4 Organization Email content you see on Facebook the user - Step 3: Operationalize Classified Statements Into Requirements In this step the individual statements are operationalized into requirements using templates. There are two different templates. One template is for the privileges and rights and on is for the commitments. Template for privileges and rights (Young & Antón, 2010): The system shall allow the [actor] to [action] [object] from [object’s source] to/with [target] for/in order to [purpose] given/if [conditions]. Template for commitments (Young & Antón, 2010): The system shall require the [actor] to [action] [object] from [object’s source] to/with [target] for/in order to [purpose] given/if [conditions]. This will result in the following requirements: The system shall allow the organization to contact with service-related announcements to/with the user. The system shall allow the user to opt-out all communications given/if except essential updates. The system shall allow the organization to email content you see on Facebook from to/with the user. The main deliverable of the method are the requirements depict in the last enumeration. Related literature The method explained in this paper is described in the paper ‘A Method for Identifying Software Requirements Based on Policy Commitments’ (Young & Antón, 2010). The relationship between policies and software requirements is addressed by several researchers. This means that policy documents can be used to identify (new) requirements. (Antón, Earp, & Carter, 2003). In the paper of Breaux & Antón (2002) another methodology to derive security requirements from regulation texts is explained. The paper of Antón, Earp and Reese (2002) is describing a method to analyse website privacy requirements in order to derive software requirements from it. This is also the case for ‘Commitment analysis to operationalize software requirements from privacy policies’ from Young (2010). References Antón, A., Earp, J., & Carter, R. (2003). Precluding incongruous behavior by aligning software requirements with security and privacy policies. Information and Software Technology, 967977. Antón, A., Earp, J., & Reese, A. (2002). Analyzing website privacy requirements using a privacy goal taxonomy. In IEEE Joint International Conference on Requirements Engineering (pp. 23-31). IEEE. Antón, A., Earp, J., He, Q., Stufflebeam, W., Bolchini, D., & Jensen, C. (2005). The Lack of Clarity in Financial Privacy Policies and the need for standardization. Security & Privacy, 36-45. Antón, A., Earp, J., Potts, C., & Alspaugh, T. (2002). The role of policy and stakeholder privacy values in requirements engineering. Fifth IEEE International Symposium on Requirements Engineering (pp. 138-145). IEEE. Breaux, T., & Antón, A. (2005). Deriving Semantic Models from Privacy Policies. Sixth IEEE International Workshop on Policies for Distributed Systems and Networks (pp. 67-76). IEEE. Breaux, T., & Antón, A. (2008). Analyzing regulatory rules for privacy and security requirements. IEEE Transactions on Software Engineering, 5-20. Facebook. (2010, December 22). Facebook's Privacy Policy. Retrieved February 18, 2011, from Facebook: http://www.facebook.com/home.php?#!/policy.php Massey, A., Otto, P., & Antón, A. (2009). Prioritizing Legal Requirements. Relaw, 27-32. Massey, A., Otto, P., Hayward, L., & Antón, A. (2010). Evaluating existing security and privacy requirements for legal compliance. Requirements Engineering, 119-137. Maxwell, J., & Antón, A. (2010). The production rule framework: developing a canonical set of software requirements for compliance with law. Proceedings of the 1st ACM International Health Informatics Symposium (pp. 629-636). ACM. Young, J. (2010). Commitment analysis to operationalize software requirements from privacy policies. Requirements Engineering, 1-14. Young, J., & Antón, A. (2010). A Method for Identifying Software Requirements Based on Policy Commitments. 2010 18th IEEE International Requirements Engineering Conference (pp. 47-56). IEEE.