Privacy protection is important in many industries, such as healthcare and finance. Capturing and modeling privacy requirements in the early stages of system development is essential to provide high assurance of privacy protection to both stakeholders and consumers. This paper presents a framework for modeling privacy requirements in the role engineering process. Role engineering entails defining roles and permissions as well as assigning the permissions to the roles. Role engineering is the first step to implement a Role-Based Access Control (RBAC) system and essentially a Requirements Engineering (RE)process. The framework includes a data model and a goal-driven role engineering process. It seeks to bridge the gap between high-level privacy requirements and low-level access control policies by modeling privacy requirements as the contexts and obligations of RBAC entities and relationships. A healthcare example is illustrated with the framework.

Pressures are increasing on organisations to take an early and more systematic approach to security. A key to enforcing security is to restrict access to valuable assets. We regard access policies as security requirements that specify such restrictions. Current requirements engineering methods are generally inadequate for eliciting and analysing these types of requirements, because they do not allow complex organisational structures and procedures that underlie policies to be represented adequately. This paper discusses roles and why they are important in the analysis of security. The paper relates roles to organisational theory and how they could be employed to define access policies. A framework is presented, based on these concepts, for analysing access policies.

Abstract—Using roles for modeling organizations has become common in commercial policy based access control systems and widely accepted in policy-based management research for the grouping of policies. In this paper we argue that the role abstraction is inflexible in the face of many forms of organizational change and thus only an appropriate abstraction for mostly static organizational structures. We describe a novel policy grouping abstraction based upon communities. We ground the community-based approach through an application to dynamic spectrum access. Keywords: Policy-based Management, roles, Communities, Spectrum Management I.

Abstract. Our society is increasingly moving towards richer forms of information exchange where mobility of processes and devices plays a prominent role. This tendency has prompted the academic community to study the security problems arising from such mobile environments, and in particular, the security policies regulating who can access the information in question. In this paper we propose a mechanisms for specifying access privileges based on a combination of the identity of the user seeking access, its credentials, and the location from which he seeks it, within a reconfigurable nested structure. We define BACIR, a boxed ambient calculus extended with a Distributed Role-Based Access Control mechanism where each ambient controls its own access policy. A process in BACIR is associated with an owner and a set of activated roles that grant permissions for mobility and communication. The calculus includes primitives to activate and deactivate roles. The behavior of these primitives is determined by the process’s owner, its current location and its currently activated roles. We consider two forms of security violations that our type system prevents: 1) attempting to move into an ambient without having the authorizing roles granting entry activated and 2) trying to use a communication port without having the roles required for access activated. We accomplish 1) and 2) by giving a static type system, an untyped transition semantics, and a typed transition semantics. We then show that a well-typed program never violates the dynamic security checks. 1

Software systems of today are characterized by increasing size, complexity, distribution, heterogeneity, and lifespan. Understanding and supporting the interaction between software requirements and architectures remains one of the challenging problems in software engineering research. To address these challenges we are investigating the relationship between the requirements and software architecture.In this work we show an approach for this integration of systems requirements and software architectures within the context of the Tropos project.