Travis D. Breaux

IEEE Trans. Software Eng., January, 2024

2023

DAISY: Dynamic-Analysis-Induced Source Discovery for Sensitive Data.

[BibT_eX]

[DOI]

ACM Trans. Softw. Eng. Methodol., July, 2023

Consent Verification Monitoring.

[BibT_eX]

[DOI]

ACM Trans. Softw. Eng. Methodol., January, 2023

Mobile Application Privacy Risk Assessments from User-authored Scenarios.

[BibT_eX]

[DOI]

Tianjian Huang

Vaishnavi Kaulagi

Proceedings of the 31st IEEE International Requirements Engineering Conference, 2023

A Metric for Measuring Software Engineering Post-Graduate Outcomes.

[BibT_eX]

[DOI]

Jennifer Moritz

Proceedings of the 45th IEEE/ACM International Conference on Software Engineering: Software Engineering Education and Training, 2023

2022

A Systemic Approach for Natural Language Scenario Elicitation of Security Requirements.

[BibT_eX]

[DOI]

Stephanie T. Jones

IEEE Trans. Dependable Secur. Comput., 2022

Domain Model Extraction from User-authored Scenarios and Word Embeddings.

[BibT_eX]

[DOI]

Yuchen Shen

Proceedings of the 30th IEEE International Requirements Engineering Conference Workshops, 2022

Legal Accountability as Software Quality: A U.S. Data Processing Perspective.

[BibT_eX]

[DOI]

Thomas B. Norton

Proceedings of the 30th IEEE International Requirements Engineering Conference, 2022

2021

Analyzing privacy policies through syntax-driven semantic analysis of information types.

[BibT_eX]

[DOI]

Inf. Softw. Technol., 2021

The 2021 software developer shortage is coming.

[BibT_eX]

[DOI]

Jennifer Moritz

Commun. ACM, 2021

Ambiguity and Generality in Natural Language Privacy Policies.

[BibT_eX]

[DOI]

Proceedings of the 29th IEEE International Requirements Engineering Conference, 2021

2020

Disambiguating Requirements Through Syntax-Driven Semantic Analysis of Information Types.

[BibT_eX]

[DOI]

Alberto Rodrigues da Silva

Proceedings of the Requirements Engineering: Foundation for Software Quality, 2020

How does misconfiguration of analytic services compromise mobile privacy?

[BibT_eX]

[DOI]

Proceedings of the ICSE '20: 42nd International Conference on Software Engineering, Seoul, South Korea, 27 June, 2020

2019

RSL-IL4Privacy: a domain-specific language for the rigorous specification of privacy policies.

[BibT_eX]

[DOI]

João Caramujo

Requir. Eng., 2019

Identifying incompleteness in privacy policy goals using semantic frames.

[BibT_eX]

[DOI]

Morgan C. Evans

Requir. Eng., 2019

Toward Detection of Access Control Models from Source Code via Word Embedding.

[BibT_eX]

[DOI]

Proceedings of the 24th ACM Symposium on Access Control Models and Technologies, 2019

Consent Verification Under Evolving Privacy Policies.

[BibT_eX]

[DOI]

Proceedings of the 27th IEEE International Requirements Engineering Conference, 2019

Taming web views in the detection of Android privacy leaks.

[BibT_eX]

[DOI]

Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security, 2019

Toward a reliability measurement framework automated using deep learning.

[BibT_eX]

[DOI]

Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security, 2019

2018

Empirical Measurement of Perceived Privacy Risk.

[BibT_eX]

[DOI]

ACM Trans. Comput. Hum. Interact., 2018

Inferring Ontology Fragments from Semantic Role Typing of Lexical Variants.

[BibT_eX]

[DOI]

Jianwei Niu

Proceedings of the Requirements Engineering: Foundation for Software Quality, 2018

Semantic Incompleteness in Privacy Policy Goals.

[BibT_eX]

[DOI]

Proceedings of the 26th IEEE International Requirements Engineering Conference, 2018

GUILeak: tracing privacy policy claims on user input data for Android applications.

[BibT_eX]

[DOI]

Xiaoyin Wang

Xue Qin

Rocky Slavin

Jianwei Niu

Proceedings of the 40th International Conference on Software Engineering, 2018

2017

Reinforcing Security Requirements with Multifactor Quality Measurement.

[BibT_eX]

[DOI]

Proceedings of the 25th IEEE International Requirements Engineering Conference, 2017

An Evaluation of Constituency-Based Hyponymy Extraction from Privacy Policies.

[BibT_eX]

[DOI]

Proceedings of the 25th IEEE International Requirements Engineering Conference, 2017

A Data Purpose Case Study of Privacy Policies.

[BibT_eX]

[DOI]

Proceedings of the 25th IEEE International Requirements Engineering Conference, 2017

2016

Mining Privacy Goals from Privacy Policies Using Hybridized Task Recomposition.

[BibT_eX]

[DOI]

ACM Trans. Softw. Eng. Methodol., 2016

Crowdsourcing privacy policy analysis: Potential, challenges and best practices.

[BibT_eX]

[DOI]

Norman M. Sadeh

it Inf. Technol., 2016

A grounded analysis of experts' decision-making during security assessments.

[BibT_eX]

[DOI]

J. Cybersecur., 2016

Improving security requirements adequacy.

[BibT_eX]

[DOI]

Christian Wagner

Proceedings of the 2016 IEEE Symposium Series on Computational Intelligence, 2016

Automated Extraction of Regulated Information Types Using Hyponymy Relations.

[BibT_eX]

[DOI]

Proceedings of the 24th IEEE International Requirements Engineering Conference, 2016

A Theory of Vagueness and Privacy Risk Perception.

[BibT_eX]

[DOI]

Proceedings of the 24th IEEE International Requirements Engineering Conference, 2016

PVDetector: a detector of privacy-policy violations for Android apps.

[BibT_eX]

[DOI]

Rocky Slavin

Xiaoyin Wang

Proceedings of the International Conference on Mobile Software Engineering and Systems, 2016

Toward a framework for detecting privacy policy violations in android application code.

[BibT_eX]

[DOI]

Rocky Slavin

Xiaoyin Wang

Alberto Rodrigues da Silva

Proceedings of the 38th International Conference on Software Engineering, 2016

Improving the Specification and Analysis of Privacy Policies - The RSLingo4Privacy Approach.

[BibT_eX]

[DOI]

Proceedings of the ICEIS 2016, 2016

Modeling, analyzing, and consistency checking privacy requirements using eddy.

[BibT_eX]

[DOI]

Daniel Smullen

Proceedings of the Symposium and Bootcamp on the Science of Security, 2016

Privacy Risk in Cybersecurity Data Sharing.

[BibT_eX]

[DOI]

Proceedings of the 2016 ACM on Workshop on Information Sharing and Collaborative Security, 2016

Lexical Similarity of Information Type Hypernyms, Meronyms and Synonyms in Privacy Policies.

[BibT_eX]

[DOI]

Sudarshan Wadkar

Jianwei Niu

Proceedings of the 2016 AAAI Fall Symposia, Arlington, Virginia, USA, November 17-19, 2016, 2016

2015

How have we evaluated software pattern application? A systematic mapping study of research design practices.

[BibT_eX]

[DOI]

Maria Riaz

Laurie A. Williams

Inf. Softw. Technol., 2015

Assessment of risk perception in security requirements composition.

[BibT_eX]

[DOI]

Stephen B. Broomell

Proceedings of the 23rd IEEE International Requirements Engineering Conference, 2015

Comparing and analyzing definitions in multi-jurisdictions.

[BibT_eX]

[DOI]

Sepideh Ghanavati

Proceedings of the Eighth IEEE International Workshop on Requirements Engineering and Law, 2015

Detecting repurposing and over-collection in multi-party privacy requirements specifications.

[BibT_eX]

[DOI]

Daniel Smullen

Proceedings of the 23rd IEEE International Requirements Engineering Conference, 2015

Towards an information type lexicon for privacy policies.

[BibT_eX]

[DOI]

Proceedings of the Eighth IEEE International Workshop on Requirements Engineering and Law, 2015

2014

Privacy Requirements in an Age of Increased Sharing.

[BibT_eX]

[DOI]

IEEE Softw., 2014

Eddy, a formal language for specifying and analyzing data flow specifications for conflicting privacy requirements.

[BibT_eX]

[DOI]

Ashwini Rao

Requir. Eng., 2014

Managing security requirements patterns using feature diagram hierarchies.

[BibT_eX]

[DOI]

Proceedings of the IEEE 22nd International Requirements Engineering Conference, 2014

Towards a framework to measure security expertise in requirements analysis.

[BibT_eX]

[DOI]

Proceedings of the IEEE 1st Workshop on Evolving Security and Privacy Requirements Engineering, 2014

The role of legal expertise in interpretation of legal requirements and definitions.

[BibT_eX]

[DOI]

Proceedings of the IEEE 22nd International Requirements Engineering Conference, 2014

Scaling requirements extraction to the crowd: Experiments with privacy policies.

[BibT_eX]

[DOI]

Proceedings of the IEEE 22nd International Requirements Engineering Conference, 2014

Less is more?: investigating the role of examples in security studies using analogical transfer.

[BibT_eX]

[DOI]

Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, 2014

Crowdsourcing the Extraction of Data Practices from Privacy Policies.

[BibT_eX]

[DOI]

Norman M. Sadeh

Proceedings of the Seconf AAAI Conference on Human Computation and Crowdsourcing, 2014

2013

A cross-domain empirical study and legal evaluation of the requirements water marking method.

[BibT_eX]

[DOI]

Requir. Eng., 2013

What Engineers Should Know about US Security and Privacy Law.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2013

Regulatory Requirements Traceability and Analysis Using Semi-formal Specifications.

[BibT_eX]

[DOI]

Proceedings of the Requirements Engineering: Foundation for Software Quality, 2013

Toward benchmarks to assess advancement in legal requirements modeling.

[BibT_eX]

[DOI]

Proceedings of the Sixth International Workshop on Requirements Engineering and Law, 2013

Assessing regulatory change through legal requirements coverage modeling.

[BibT_eX]

[DOI]

Proceedings of the 21st IEEE International Requirements Engineering Conference, 2013

Formal analysis of privacy requirements specifications for multi-tier applications.

[BibT_eX]

[DOI]

Ashwini Rao

Proceedings of the 21st IEEE International Requirements Engineering Conference, 2013

Mapping legal requirements to IT controls.

[BibT_eX]

[DOI]

Proceedings of the Sixth International Workshop on Requirements Engineering and Law, 2013

Preserving traceability and encoding meaning in legal requirements extraction.

[BibT_eX]

[DOI]

Proceedings of the Sixth International Workshop on Requirements Engineering and Law, 2013

2012

Reconciling multi-jurisdictional legal requirements: A case study in requirements water marking.

[BibT_eX]

[DOI]

Proceedings of the 2012 20th IEEE International Requirements Engineering Conference (RE), 2012

Towards a framework for pattern experimentation: Understanding empirical validity in requirements engineering patterns.

[BibT_eX]

[DOI]

Proceedings of the Second IEEE International Workshop on Requirements Patterns, 2012

2011

Digital privacy: theory, policies and technologies.

[BibT_eX]

[DOI]

Requir. Eng., 2011

Legally "reasonable" security requirements: A 10-year FTC retrospective.

[BibT_eX]

[DOI]

David L. Baumer

Comput. Secur., 2011

Comparing requirements from multiple jurisdictions.

[BibT_eX]

[DOI]

Proceedings of the Fourth International Workshop on Requirements Engineering and Law, 2011

Governance and accountability in the new data ecology.

[BibT_eX]

[DOI]

Thomas A. Alspaugh

Proceedings of the Fourth International Workshop on Requirements Engineering and Law, 2011

Managing multi-jurisdictional requirements in the cloud: towards a computational legal landscape.

[BibT_eX]

[DOI]

Proceedings of the 3rd ACM Cloud Computing Security Workshop, 2011

2010

A method to acquire compliance monitors from regulations.

[BibT_eX]

[DOI]

Proceedings of the Third International Workshop on Requirements Engineering and Law, 2010

2009

IT Compliance: Aligning Legal and Product Requirements.

[BibT_eX]

[DOI]

IT Prof., 2009

A distributed requirements management framework for legal compliance and accountability.

[BibT_eX]

[DOI]

Eugene H. Spafford

Comput. Secur., 2009

Identifying vulnerabilities and critical requirements using criminal court proceedings.

[BibT_eX]

[DOI]

Proceedings of the 2009 ACM Symposium on Applied Computing (SAC), 2009

Exercising Due Diligence in Legal Requirements Acquisition: A Tool-supported, Frame-Based Approach.

[BibT_eX]

[DOI]

Proceedings of the RE 2009, 17th IEEE International Requirements Engineering Conference, Atlanta, Georgia, USA, August 31, 2009

Early Studies in Acquiring Evidentiary, Reusable Business Process Models for Legal Compliance.

[BibT_eX]

[DOI]

Calvin Powers

Proceedings of the Sixth International Conference on Information Technology: New Generations, 2009

2008

Analyzing Regulatory Rules for Privacy and Security Requirements.

[BibT_eX]

[DOI]

IEEE Trans. Software Eng., 2008

Semantic parameterization: A process for modeling domain descriptions.

[BibT_eX]

[DOI]

Jon Doyle

ACM Trans. Softw. Eng. Methodol., 2008

Legal Requirements, Compliance and Practice: An Industry Case Study in Accessibility.

[BibT_eX]

[DOI]

Proceedings of the 16th IEEE International Requirements Engineering Conference, 2008

Automating the Extraction of Rights and Obligations for Regulatory Compliance.

[BibT_eX]

[DOI]

Proceedings of the Conceptual Modeling, 2008

2007

Extracting rights and obligations from regulations: toward a tool-supported process.

[BibT_eX]

[DOI]

Proceedings of the 22nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2007), 2007

2006

Towards Regulatory Compliance: Extracting Rights and Obligations to Align Requirements with Regulations.

[BibT_eX]

[DOI]

Matthew W. Vail

Proceedings of the 14th IEEE International Conference on Requirements Engineering (RE 2006), 2006

Enforceability vs. Accountability in Electronic Policies.

[BibT_eX]

[DOI]

Proceedings of the 7th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2006), 2006

2005

Mining rule semantics to understand legislative compliance.

[BibT_eX]

[DOI]

Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, 2005

Analyzing Goal Semantics for Rights, Permissions, and Obligations.

[BibT_eX]

[DOI]

Proceedings of the 13th IEEE International Conference on Requirements Engineering (RE 2005), 29 August, 2005

Deriving Semantic Models from Privacy Policies.

[BibT_eX]

[DOI]

Proceedings of the 6th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2005), 2005

Using Ontology in Hierarchical Information Clustering.

[BibT_eX]

[DOI]