TY - GEN
T1 - Towards adaptive compliance
AU - García-Galán, Jesús
AU - Pasquale, Liliana
AU - Grispos, George
AU - Nuseibeh, Bashar
N1 - Publisher Copyright:
© 2016 Copyright held by the owner/author(s).
PY - 2016/5/14
Y1 - 2016/5/14
N2 - Mission critical software is often required to comply with multiple regulations, standards or policies. Recent paradigms, such as cloud computing, also require software to operate in heterogeneous, highly distributed, and changing environments. In these environments, compliance requirements can vary at runtime and traditional compliance management techniques, which are normally applied at design time, may no longer be sufficient. In this paper, we motivate the need for adaptive compliance by illustrating possible compliance concerns determined by runtime variability. We further motivate our work by means of a cloud computing scenario, and present two main contributions. First, we propose and justify a process to support adaptive compliance that extends the traditional compliance management lifecycle with the activities of the Monitor-Analyse-Plan-Execute (MAPE) loop, and enacts adaptation through re-configuration. Second, we explore the literature on software compliance and classify existing work in terms of the activities and concerns of adaptive compliance. In this way, we determine how the literature can support our proposal and what are the open research challenges that need to be addressed in order to fully support adaptive compliance.
AB - Mission critical software is often required to comply with multiple regulations, standards or policies. Recent paradigms, such as cloud computing, also require software to operate in heterogeneous, highly distributed, and changing environments. In these environments, compliance requirements can vary at runtime and traditional compliance management techniques, which are normally applied at design time, may no longer be sufficient. In this paper, we motivate the need for adaptive compliance by illustrating possible compliance concerns determined by runtime variability. We further motivate our work by means of a cloud computing scenario, and present two main contributions. First, we propose and justify a process to support adaptive compliance that extends the traditional compliance management lifecycle with the activities of the Monitor-Analyse-Plan-Execute (MAPE) loop, and enacts adaptation through re-configuration. Second, we explore the literature on software compliance and classify existing work in terms of the activities and concerns of adaptive compliance. In this way, we determine how the literature can support our proposal and what are the open research challenges that need to be addressed in order to fully support adaptive compliance.
KW - Adaptive compliance
KW - Challenges
KW - Compliance as a service
KW - Self-adaptation
UR - http://www.scopus.com/inward/record.url?scp=84974577291&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84974577291&partnerID=8YFLogxK
U2 - 10.1145/2897053.2897070
DO - 10.1145/2897053.2897070
M3 - Conference contribution
AN - SCOPUS:84974577291
T3 - Proceedings - 11th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2016
SP - 108
EP - 114
BT - Proceedings - 11th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2016
PB - Association for Computing Machinery, Inc
T2 - 11th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2016
Y2 - 16 May 2016 through 17 May 2016
ER -