(PRIMIUM - Process Innovation for Enterprise Software, 2009) Kähmer, Martin; Gilliot, Maike
Eliciting non-functional security requirements within a company was one of the major aspects of the SIKOSA project. Scenarios, such as that of METRO presented in this paper, show how, besides a company's internal requirements, customers' preferences also play an important role. However, conflicts between specific customers' privacy policies and those of a company need to be detected and dealt with. To this end, we present a policy language that is able to tackle this comparison problem, together with two tools: an editor tool allowing users to specify their policies in a user-friendly way, and a monitoring tool to evaluate and enforce the policies at runtime.