Skip to main content

Nane: Identifying misuse cases using temporal norm enactments

Kafalı, Özgur and Singh, Munindar P. and Williams, Laurie (2016) Nane: Identifying misuse cases using temporal norm enactments. In: 2016 IEEE 24th International Requirements Engineering Conference (RE). IEEE, pp. 136-145. ISBN 978-1-5090-4122-0. E-ISBN 978-1-5090-4121-3. (doi:10.1109/RE.2016.34) (KAR id:65869)

PDF Author's Accepted Manuscript
Language: English
Download (288kB)
[thumbnail of RE-16-Nane.pdf]
This file may not be suitable for users of assistive technology.
Request an accessible format
Official URL:


Recent data breaches in domains such as healthcare where confidentiality of data is crucial indicate that breaches often originate from misuses, not only from vulnerabilities in the technical (software or hardware) architecture. Current requirements engineering (RE) approaches determine what access control mechanisms are needed to protect sensitive resources (assets). However, current RE approaches inadequately characterize how a user is expected to interact with others in relation to the relevant assets. Consequently, a requirements analyst cannot readily identify misuses by legitimate users. We adopt social norms as a natural, formal means of characterizing user interactions whereby potential misuses map to norm violations. Our research goal is to help analysts identify misuse cases by formal reasoning about norm enactments. We propose Nane, a formal framework for identifying such misuse cases using a semiautomated process. We demonstrate how Nane enables monitoring of potential misuses on a healthcare scenario.

Item Type: Book section
DOI/Identification number: 10.1109/RE.2016.34
Uncontrolled keywords: authorization; monitoring; hospitals; calculus; software; cognition
Subjects: Q Science > Q Science (General) > Q335 Artificial intelligence
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Ozgur Kafali
Date Deposited: 02 Feb 2018 16:43 UTC
Last Modified: 08 Dec 2022 22:02 UTC
Resource URI: (The current URI for this page, for reference purposes)
Kafalı, Özgur:
  • Depositors only (login required):


Downloads per month over past year