论文信息 - Preserving traceability and encoding meaning in legal requirements extraction

Preserving traceability and encoding meaning in legal requirements extraction

Information system developers must ensure that their systems comply with government laws and regulations. To demonstrate compliance, developers can trace from statements in law to their system specifications while preserving how they identify and interpret ambiguity. In this paper, we present an application of the legal requirements specification language (LRSL) as a means to encode laws into a machine-readable specification. The encoding reduces ambiguity by making relations between requirements statements explicit. These relations include refinement, pre- and post-conditions, and exceptions that shape the environment in which the developer's system must operate and limiting the behavior of the system to a set of mandatory and discretionary actions. We illustrate the LRSL using a legal excerpt from Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, section164.512(f) governing disclosures of protected health information to law enforcement in the United States.

Travis D. Breaux | David G. Gordon

[1] Annie I. Antón,et al. Legal requirements acquisition for the specification of legally compliant information systems , 2009 .

[2] Travis D. Breaux,et al. Assessing regulatory change through legal requirements coverage modeling , 2013, 2013 21st IEEE International Requirements Engineering Conference (RE).

[3] Travis D. Breaux,et al. Regulatory Requirements Traceability and Analysis Using Semi-formal Specifications , 2013, REFSQ.

[4] Annie I. Antón,et al. Analyzing Regulatory Rules for Privacy and Security Requirements , 2008, IEEE Transactions on Software Engineering.

[5] Jolanta Cybulka,et al. Dynamics of legal provisions and its representation , 2005, ICAIL '05.

[6] Travis D. Breaux,et al. A cross-domain empirical study and legal evaluation of the requirements water marking method , 2013, Requirements Engineering.