{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:35:58Z","timestamp":1742913358126,"version":"3.40.3"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031573262"},{"type":"electronic","value":"9783031573279"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-57327-9_6","type":"book-chapter","created":{"date-parts":[[2024,3,29]],"date-time":"2024-03-29T03:01:47Z","timestamp":1711681307000},"page":"92-108","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Governance-Focused Classification of Security and Privacy Requirements from Obligations in Software Engineering Contracts"],"prefix":"10.1007","author":[{"given":"Preethu Rose","family":"Anish","sequence":"first","affiliation":[]},{"given":"Aparna","family":"Verma","sequence":"additional","affiliation":[]},{"given":"Sivanthy","family":"Venkatesan","sequence":"additional","affiliation":[]},{"given":"Logamurugan","family":"V.","sequence":"additional","affiliation":[]},{"given":"Smita","family":"Ghaisas","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,3,30]]},"reference":[{"key":"6_CR1","unstructured":"https:\/\/www.financierworldwide.com\/data-privacy-and-cyber-security-the-importance-of-a-proactive-approach. Accessed 02 Nov 2023"},{"key":"6_CR2","unstructured":"IBM report: https:\/\/www.ibm.com\/security\/data-breach. Accessed 02 Nov 2023"},{"key":"6_CR3","unstructured":"Whatsapp case: https:\/\/www.bloomberg.com\/news\/articles\/2021-09-02\/whatsapp-fined-266-million-over-data-transparency-violations. Accessed 05 Nov 2023"},{"key":"6_CR4","unstructured":"https:\/\/www.bbc.com\/news\/technology-54722362. Accessed 02 Nov 2023"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Casillo, F., Deufemia, V., Gravino, C.: Detecting privacy requirements from user stories with NLP transfer learning models. Inf. Softw. Technol., 106853 (2022)","DOI":"10.1016\/j.infsof.2022.106853"},{"key":"#cr-split#-6_CR6.1","doi-asserted-by":"crossref","unstructured":"Sainani, A., Anish, P.R., Joshi, V., Ghaisas, S.: Extracting and classifying requirements from software engineering contracts. In: 2020 IEEE 28th International Requirements Engineering Conference","DOI":"10.1109\/RE48521.2020.00026"},{"key":"#cr-split#-6_CR6.2","unstructured":"(RE) (pp. 147-157). IEEE (2020)"},{"key":"6_CR7","unstructured":"https:\/\/www.infosysbpm.com\/offerings\/functions\/legal-process-outsourcing\/white-papers\/Documents\/contract-process-helping-hurting.pdf. Accessed 02 Nov 2023"},{"key":"6_CR8","unstructured":"Contract Governance: https:\/\/www.linkedin.com\/pulse\/simple-keys-contract-governance-kelly-smith\/. Accessed 02 Nov 2023"},{"key":"6_CR9","unstructured":"Devlin, J., Chang, M., Lee, K.: BERT: pre-training of deep bidirectional trans-formers for language understanding. In: Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long and Short Papers), Minneapolis, MN, USA, pp. 4171\u20134186 (2019)"},{"issue":"1","key":"6_CR10","first-page":"5485","volume":"21","author":"C Raffel","year":"2020","unstructured":"Raffel, C., et al.: Exploring the limits of transfer learning with a unified text-to-text transformer. J. Mach. Learn. Res. 21(1), 5485\u20135551 (2020)","journal-title":"J. Mach. Learn. Res."},{"key":"6_CR11","unstructured":"GPT-3: Models - OpenAI API. Accessed 02 Nov 2023"},{"key":"6_CR12","doi-asserted-by":"crossref","unstructured":"Weber-Jahnke, J., Onabajo, A.: Mining and analysing security goal models in health information systems. In: Workshop on Software Engineering in Health Care, pp. 42\u201352. IEEE Computer Society (2009)","DOI":"10.1109\/SEHC.2009.5069605"},{"key":"6_CR13","doi-asserted-by":"crossref","unstructured":"Jindal, R., Malhotra, R., Jain, A.: Automated classification of security requirements. In: 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 2027\u20132033 (2016)","DOI":"10.1109\/ICACCI.2016.7732349"},{"key":"6_CR14","doi-asserted-by":"crossref","unstructured":"Xiao, X., Paradkar, A., Thummalapenta, S., Xie, T.: Automated extraction of security policies from natural-language software documents. In: Proceedings of the ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE), pp. 12:1\u201312:11 (2012)","DOI":"10.1145\/2393596.2393608"},{"issue":"1","key":"6_CR15","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1109\/TSE.2007.70746","volume":"34","author":"T Breaux","year":"2008","unstructured":"Breaux, T., Anton, A.: Analyzing regulatory rules for privacy and security requirements. IEEE Trans. Softw. Eng. 34(1), 5\u201320 (2008)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"6_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/978-3-642-14192-8_23","volume-title":"Requirements Engineering: Foundation for Software Quality","author":"S Islam","year":"2010","unstructured":"Islam, S., Mouratidis, H., Wagner, S.: Towards a framework to elicit and manage security and privacy requirements from laws and regulations. In: Wieringa, R., Persson, A. (eds.) REFSQ 2010. LNCS, vol. 6182, pp. 255\u2013261. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-14192-8_23"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Janpitak, N., Sathitwiriyawong, C.: Information security requirement extraction from regulatory documents using GATE\/ANNIC. In: 7th International Electrical Engineering Congress (iEECON) (2019)","DOI":"10.1109\/iEECON45304.2019.8938899"},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"Munaiah, N., Meneely, A., Murukannaiah, P.K.: A domain dependent model for identifying security requirements. In: Proceedings of the IEEE 25th International Requirements Engineering Conference (RE), Lisbon, pp. 506\u2013511 (2017)","DOI":"10.1109\/RE.2017.79"},{"key":"6_CR19","first-page":"2778","volume":"2","author":"TR Farkhani","year":"2006","unstructured":"Farkhani, T.R., Razzazi, M.R.: Examination and classification of security requirements of software systems. Inf. Commun. Technol. 2, 2778\u20132783 (2006)","journal-title":"Inf. Commun. Technol."},{"key":"6_CR20","doi-asserted-by":"crossref","unstructured":"Jain, C., Anish, P.R., Ghaisas, S.: Automated identification of security and privacy requirements from software engineering contracts. In: 2023 IEEE 31st International Requirements Engineering Conference Workshops (REW)\u00a0(pp. 234\u2013238) (2023)","DOI":"10.1109\/REW57809.2023.00047"},{"key":"6_CR21","doi-asserted-by":"publisher","unstructured":"Hoda, R.: Socio-Technical grounded theory for software engineering. IEEE Trans. Softw. Eng. (2021). https:\/\/doi.org\/10.1109\/TSE.2021.3106280","DOI":"10.1109\/TSE.2021.3106280"},{"issue":"2","key":"6_CR22","first-page":"73","volume":"8","author":"JMB Nunes","year":"2010","unstructured":"Nunes, J.M.B., Martins, J.T., Zhou, L., Alajamy, M., Al-Mamari, S.: Contextual sensitivity in grounded theory: The role of pilot studies. Electr. J. Bus. Res. Methods 8(2), 73\u201384 (2010)","journal-title":"Electr. J. Bus. Res. Methods"},{"key":"6_CR23","volume-title":"The Discovery of Grounded Theory","author":"B Glaser","year":"1967","unstructured":"Glaser, B., Strauss, A.: The Discovery of Grounded Theory. Aldine, Chicago (1967)"},{"key":"6_CR24","doi-asserted-by":"crossref","unstructured":"Loper, E., Bird, S.: NLTK: the natural language toolkit. arXiv preprint cs\/0205028 (2002)","DOI":"10.3115\/1118108.1118117"},{"key":"6_CR25","unstructured":"CUAD dataset. https:\/\/www.atticusprojectai.org\/cuad. Accessed 02 Nov 2023"},{"key":"6_CR26","doi-asserted-by":"crossref","unstructured":"Simonson, D., Broderick, D., Herr, J.: The extent of repetition in contract language. In: Proceedings of the Natural Legal Language Processing Workshop 2019 (pp. 21\u201330) (2019)","DOI":"10.18653\/v1\/W19-2203"},{"key":"6_CR27","unstructured":"Ratner, A.J., De Sa, C.M., Wu, S., Selsam, D., R\u00e9, C.: Data programming: creating large training sets, quickly. In: Advances in Neural Information Processing Systems 3567\u20133575 (2016)"},{"key":"6_CR28","unstructured":"Amini, M.-R., Feofanov, V., Pauletto, L., Devijver, E., Maximov, Y.: Self-training: a survey (2022)"},{"key":"6_CR29","doi-asserted-by":"publisher","unstructured":"Sharifi, S., Parvizimosaed, A., Amyot, D., Logrippo, L., Mylopoulos, J.: Symboleo: towards a specification language for legal contracts. In: 2020 IEEE 28th International Requirements Engineering Conference (RE), Zurich, Switzerland, pp. 364\u2013369 (2020). https:\/\/doi.org\/10.1109\/RE48521.2020.00049","DOI":"10.1109\/RE48521.2020.00049"}],"container-title":["Lecture Notes in Computer Science","Requirements Engineering: Foundation for Software Quality"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-57327-9_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,29]],"date-time":"2024-03-29T03:03:44Z","timestamp":1711681424000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-57327-9_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031573262","9783031573279"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-57327-9_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"30 March 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"REFSQ","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Working Conference on Requirements Engineering: Foundation for Software Quality","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Winterthur","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Switzerland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 April 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 April 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"refsq2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2024.refsq.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"59","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"14","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"24% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}