{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,2]],"date-time":"2025-07-02T11:49:30Z","timestamp":1751456970196,"version":"3.40.3"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030966478"},{"type":"electronic","value":"9783030966485"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-030-96648-5_4","type":"book-chapter","created":{"date-parts":[[2022,2,10]],"date-time":"2022-02-10T15:11:54Z","timestamp":1644505914000},"page":"67-87","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["A Framework for Privacy and Security Requirements Analysis and Conflict Resolution for Supporting GDPR Compliance Through Privacy-by-Design"],"prefix":"10.1007","author":[{"given":"Duaa","family":"Alkubaisy","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Luca","family":"Piras","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohammed Ghazi","family":"Al-Obeidallah","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Karl","family":"Cox","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haralambos","family":"Mouratidis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,2,11]]},"reference":[{"key":"4_CR1","doi-asserted-by":"crossref","unstructured":"Alkubaisy, D., Piras, L., Al-Obeidallah, M.G., Cox, K., Mouratidis, H.: ConfIs: a tool for privacy and security analysis and conflict resolution for supporting GDPR compliance through privacy-by-design. In: 16th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE) (2021)","DOI":"10.5220\/0010406100800091"},{"key":"4_CR2","doi-asserted-by":"publisher","unstructured":"Alkubaisy, D.: A framework managing conflicts between security and privacy requirements. In: 2017 11th International Conference on Research Challenges in Information Science (RCIS), pp. 427\u2013432. Institute of Electrical and Electronics Engineers (2017). https:\/\/doi.org\/10.1109\/RCIS.2017.7956571","DOI":"10.1109\/RCIS.2017.7956571"},{"key":"4_CR3","doi-asserted-by":"publisher","unstructured":"Alkubaisy, D., Cox, K., Mouratidis, H.: Towards detecting and mitigating conflicts for privacy and security requirements. In: Kolp, M., et al. (eds.) Proceedings: RCIS 2019 - IEEE 13th International Conference on Research Challenges in Information Science: Towards a design science for information systems. Brussels, 29\u201331 May 2019. Institute of Electrical and Electronics Engineers Computer Society, Belgium (2019). https:\/\/doi.org\/10.1109\/RCIS.2019.8876999. Accessed 05 Dec 2020","DOI":"10.1109\/RCIS.2019.8876999"},{"key":"4_CR4","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/978-3-319-17581-2_2","volume-title":"Formal Techniques for Safety-Critical Systems","author":"T Noll","year":"2015","unstructured":"Noll, T.: Safety, dependability and performance analysis of aerospace systems. In: Artho, C., \u00d6lveczky, P.C. (eds.) FTSCS 2014. CCIS, vol. 476, pp. 17\u201331. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-17581-2_2"},{"key":"4_CR5","doi-asserted-by":"crossref","unstructured":"Tejas, R.S., Patel, S.V.: Security, privacy and trust oriented requirements modeling for examination system. In: 2012 Nirma University International Conference on Engineering (NUiCONE). IEEE (2012)","DOI":"10.1109\/NUICONE.2012.6493189"},{"key":"4_CR6","doi-asserted-by":"crossref","unstructured":"Dubois, E., Mouratidis, H.: Guest editorial: security requirements engineering: past, present and future, pp. 1\u20135 (2010)","DOI":"10.1007\/s00766-009-0094-8"},{"issue":"9","key":"4_CR7","doi-asserted-by":"publisher","first-page":"2276","DOI":"10.1016\/j.jss.2013.03.011","volume":"86","author":"H Mouratidis","year":"2013","unstructured":"Mouratidis, H., et al.: A framework to support selection of cloud providers based on security and privacy requirements. J. Syst. Softw. 86(9), 2276\u20132293 (2013)","journal-title":"J. Syst. Softw."},{"key":"4_CR8","doi-asserted-by":"publisher","first-page":"287","DOI":"10.21552\/EDPL\/2016\/3\/4","volume":"2","author":"JP Albrecht","year":"2016","unstructured":"Albrecht, J.P.: How the GDPR will change the world. Eur. Data Prot. L. Rev. 2, 287 (2016)","journal-title":"Eur. Data Prot. L. Rev."},{"issue":"3","key":"4_CR9","doi-asserted-by":"publisher","first-page":"417","DOI":"10.1016\/j.datak.2006.06.009","volume":"61","author":"M Kim","year":"2007","unstructured":"Kim, M., Park, S., Sugumaran, V., Yang, H.: Managing requirements conflicts in software product lines: a goal and scenario-based approach. Data Knowl. Eng. 61(3), 417\u2013432 (2007)","journal-title":"Data Knowl. Eng."},{"key":"4_CR10","doi-asserted-by":"crossref","unstructured":"Egyed, A., Boehm, B.: A comparison study in software requirements negotiation. In: Proceedings of the 8th Annual International Symposium on Systems Engineering, INCOSE 1998 (1998)","DOI":"10.1002\/j.2334-5837.1998.tb00096.x"},{"issue":"11","key":"4_CR11","doi-asserted-by":"publisher","first-page":"908","DOI":"10.1109\/32.730542","volume":"24","author":"A Lamsweerde","year":"1998","unstructured":"Lamsweerde, A., Darimont, R., Letier, E.: Managing conflicts in goal-driven requirements engineering. IEEE Trans. Softw. Eng. 24(11), 908\u2013926 (1998)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Sch\u00e4r, B.: Requirements engineering process: HERMES 5 and SCRUM. Master\u2019s thesis. University of Applied Sciences and Arts (2015)","DOI":"10.1109\/ES.2015.17"},{"key":"4_CR13","unstructured":"Botha, J., Grobler, M., Eloff, M.: Global data breaches responsible for the disclosure of personal information: 2015 & 2016. In: European Conference on Cyber Warfare and Security. Academic Conferences International Limited (2017)"},{"issue":"10","key":"4_CR14","first-page":"326","volume":"7","author":"M Aldekhail","year":"2016","unstructured":"Aldekhail, M., Azzedine, C., Djamal, Z.: Software requirements conflict identification: review and recommendations. Int. J. Adv. Comput. Sci. Appl. 7(10), 326\u2013335 (2016)","journal-title":"Int. J. Adv. Comput. Sci. Appl."},{"key":"4_CR15","doi-asserted-by":"crossref","unstructured":"Mairiza, D., Zowghi, D., Gervasi, V.: \u2018Conflict characterization and analysis of non functional requirements: an experimental approach. In: IEEE 12th International Conference on Intelligent Software Methodologies, Tools and Techniques (SoMeT), pp. 83\u201391. Institute of Electrical and Electronics Engineers, Budapest (2013)","DOI":"10.1109\/SoMeT.2013.6645645"},{"key":"4_CR16","unstructured":"Pavlidis, M., Islam, S.: SecTro: a CASE tool for modelling security in requirements engineering using secure Tropos. In: CEUR Workshop Proceedings, vol. 734, pp. 89\u201396 (2011)"},{"issue":"3","key":"4_CR17","doi-asserted-by":"publisher","first-page":"331","DOI":"10.4304\/jsw.6.3.331-339","volume":"6","author":"H Mouratidis","year":"2011","unstructured":"Mouratidis, H.: Secure software systems engineering: the secure tropos approach. J. Softw. 6(3), 331\u2013339 (2011)","journal-title":"J. Softw."},{"key":"4_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1007\/978-3-030-27813-7_6","volume-title":"Trust, privacy and security in digital business","author":"L Piras","year":"2019","unstructured":"Piras, L., et al.: DEFeND architecture: a privacy by design platform for GDPR compliance. In: Gritzalis, S., Weippl, E.R., Katsikas, S.K., Anderst-Kotsis, G., Tjoa, A.M., Khalil, I. (eds.) TrustBus 2019. LNCS, vol. 11711, pp. 78\u201393. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-27813-7_6"},{"key":"4_CR19","first-page":"76541","volume":"8","author":"M Yahuza","year":"2020","unstructured":"Yahuza, M., et al.: Systematic review on security and privacy requirements in edge computing: state of the art and future research opportunities. Inst. Electr. Electron. Eng. Access 8, 76541\u201376567 (2020)","journal-title":"Inst. Electr. Electron. Eng. Access"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Mouratidis, H., Giorgini, P.: Secure Tropos: a security-oriented extension of the Tropos methodology. Int. J. Softw. Eng. Knowl. Eng. 17(02), pp. 285\u2013309 (2007). http:\/\/www.worldscientific.com\/doi\/abs\/10.1142\/S0218194007003240. Accessed 10 Feb 2016","DOI":"10.1142\/S0218194007003240"},{"issue":"1","key":"4_CR21","first-page":"25","volume":"10","author":"A Salado","year":"2014","unstructured":"Salado, A., Nilchiani, R.: The concept of order of conflict in requirements engineering. Inst. Electr. Electron. Eng. Syst. J. 10(1), 25\u201335 (2014)","journal-title":"Inst. Electr. Electron. Eng. Syst. J."},{"key":"4_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/978-3-030-58986-8_13","volume-title":"Trust, privacy and security in digital business","author":"L Piras","year":"2020","unstructured":"Piras, L., et al.: DEFeND DSM: a data scope management service for model-based privacy by design GDPR compliance. In: Gritzalis, S., Weippl, E.R., Kotsis, G., Tjoa, A Min, Khalil, Ismail (eds.) TrustBus 2020. LNCS, vol. 12395, pp. 186\u2013201. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-58986-8_13"},{"issue":"2","key":"4_CR23","doi-asserted-by":"publisher","first-page":"136","DOI":"10.26421\/JDI2.2-3","volume":"2","author":"L Piras","year":"2021","unstructured":"Piras, L., et al.: A data scope management service to support privacy by design and GDPR compliance. J. Data Intell. 2(2), 136\u2013165 (2021)","journal-title":"J. Data Intell."},{"key":"4_CR24","doi-asserted-by":"publisher","unstructured":"Camenisch, J., van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 21\u201330. Association for Computing Machinery, New York (2002). https:\/\/doi.org\/10.1145\/586110.586114","DOI":"10.1145\/586110.586114"},{"issue":"3","key":"4_CR25","doi-asserted-by":"publisher","first-page":"337","DOI":"10.2105\/AJPH.62.3.337","volume":"62","author":"AH van de Ven","year":"1972","unstructured":"van de Ven, A.H., Delbecq, A.: The nominal group as a research instrument for exploratory health studies. Am. J. Public Health 62(3), 337\u201342 (1972)","journal-title":"Am. J. Public Health"},{"key":"4_CR26","doi-asserted-by":"publisher","unstructured":"Mendes, L.M., de Franco Rosa, F., Bonacin, R.: Enriching financial software requirements concerning privacy and security aspects: a semiotics based approach. In: Latifi, S. (ed.) ITNG 2021 18th International Conference on Information Technology-New Generations. Advances in Intelligent Systems and Computing, vol. 1346, pp. 85\u201390. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-70416-2_11","DOI":"10.1007\/978-3-030-70416-2_11"},{"key":"4_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1007\/978-3-319-92997-2_12","volume-title":"Modelling Foundations and Applications","author":"Q Ramadan","year":"2018","unstructured":"Ramadan, Q., Str\u00fcber, D., Salnitri, M., Riediger, V., J\u00fcrjens, J.: Detecting conflicts between data-minimization and security requirements in business process models. In: Pierantonio, A., Trujillo, S. (eds.) ECMFA 2018. LNCS, vol. 10890, pp. 179\u2013198. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-92997-2_12"},{"issue":"5","key":"4_CR28","doi-asserted-by":"publisher","first-page":"1191","DOI":"10.1007\/s10270-020-00781-x","volume":"19","author":"Q Ramadan","year":"2020","unstructured":"Ramadan, Q., Str\u00fcber, D., Salnitri, M., J\u00fcrjens, J., Riediger, V., Staab, S.: A semi-automated BPMN-based framework for detecting conflicts between security, data-minimization, and fairness requirements. Softw. Syst. Model. 19(5), 1191\u20131227 (2020). https:\/\/doi.org\/10.1007\/s10270-020-00781-x","journal-title":"Softw. Syst. Model."},{"issue":"2","key":"4_CR29","doi-asserted-by":"publisher","first-page":"467","DOI":"10.1007\/s10270-019-00744-x","volume":"19","author":"M Salnitri","year":"2020","unstructured":"Salnitri, M., et al.: Modelling the interplay of security, privacy and trust in sociotechnical systems: a computer-aided design approach. Softw. Syst. Model. 19(2), 467\u2013491 (2020)","journal-title":"Softw. Syst. Model."},{"issue":"2","key":"4_CR30","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1007\/s00766-017-0280-z","volume":"24","author":"J Horkoff","year":"2017","unstructured":"Horkoff, J., et al.: Goal-oriented requirements engineering: an extended systematic mapping study. Requirements Eng. 24(2), 133\u2013160 (2017). https:\/\/doi.org\/10.1007\/s00766-017-0280-z","journal-title":"Requirements Eng."},{"key":"4_CR31","doi-asserted-by":"publisher","first-page":"349","DOI":"10.1007\/978-981-13-2324-9_35","volume-title":"International Conference on Innovative Computing and Communications","author":"R Bhavsar","year":"2019","unstructured":"Bhavsar, R., et al.: Resolving conflicts in requirement engineering through agile software development: a comparative case study. In: Bhattacharyya, S., et al. (eds.) International Conference on Innovative Computing and Communications, vol. 55, pp. 349\u2013357. Springer, Singapore (2019). https:\/\/doi.org\/10.1007\/978-981-13-2324-9_35"},{"key":"4_CR32","doi-asserted-by":"crossref","unstructured":"Maxwell, J.C., Ant\u00f3n, A.I., Swire, P.: A legal cross-references taxonomy for identifying conflicting 160 software requirements. In: 2011 IEEE 19th international requirements engineering conference, vol. 161, pp. 197\u2013206 (2011)","DOI":"10.1109\/RE.2011.6051647"},{"key":"4_CR33","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1016\/j.csi.2016.08.011","volume":"49","author":"E-M Schon","year":"2017","unstructured":"Schon, E.-M., Thomaschewski, J., Escalona, M.J.: Agile requirements engineering: a systematic literature review. Comput. Stand. Interfaces 49, 79\u201391 (2017)","journal-title":"Comput. Stand. Interfaces"},{"issue":"4","key":"4_CR34","doi-asserted-by":"publisher","first-page":"168","DOI":"10.3390\/info12040168","volume":"12","author":"S\u00c9R Ferr\u00e3o","year":"2021","unstructured":"Ferr\u00e3o, S.\u00c9.R., Carvalho, A.P., Canedo, E.D., Mota, A.P.B., Costa, P.H.T., Cerqueira, A.J.: Diagnostic of data processing by Brazilian organizations\u2014a low compliance issue. Information 12(4), 168 (2021)","journal-title":"Information"},{"issue":"3","key":"4_CR35","doi-asserted-by":"publisher","first-page":"100543","DOI":"10.1016\/j.hlpt.2021.100543","volume":"10","author":"P Mulgund","year":"2021","unstructured":"Mulgund, P., et al.: The implications of the California Consumer Privacy Act (CCPA) on healthcare organizations: lessons learned from early compliance experiences. Health Policy Technol. 10(3), 100543 (2021)","journal-title":"Health Policy Technol."}],"container-title":["Communications in Computer and Information Science","Evaluation of Novel Approaches to Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-96648-5_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,2,10]],"date-time":"2022-02-10T15:15:24Z","timestamp":1644506124000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-96648-5_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030966478","9783030966485"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-96648-5_4","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"11 February 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ENASE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Evaluation of Novel Approaches to Software Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 April 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 April 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"enase2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.enase.org\/?y=2021","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"PRIMORIS","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"96","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"16% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}