Stratified Modelling and Analysis of Confidentiality Requirements

In this paper we present a method for modelling and analyzing confidentiality requirements based on requirements stratification. Stakeholders with varying data usage concerns have confidentiality and privacy requirements, and these stakeholders are often in different jurisdictions, for example, national, provincial and local authorities. In addition, customers, such as patient groups and individual patients, have important confidentiality concerns which should be considered in the requirement engineering process. Our approach provides a method to model and analyze the interactions of the different requirements with their inherent stratified relationship and supports the iterative specification and analysis of the requirements. We report on a preliminary evaluation of the method with a case study in the health care domain. Our results show that our method is suitable to express most case study requirements in their natural stratification order, but it also uncovered important limitations. Nevertheless, our method was effective in detecting a potential incompleteness in the subject requirements set.