Travis D. Breaux Carnegie Mellon University Travis D. Breaux
Assistant Professor of Computer Science
Institute for Software Research
School of Computer Science
5000 Forbes Avenue, Pittsburgh, PA 15213
Office:
Tel:
Fax:
E-mail:
5103 Wean Hall
412-268-7334
412-268-3455

Links: Home | Research | Teaching | Publications | Biography | Vitae

Copyright Notice:

Papers published by the Institute of Electrical and Electronics Engineers, Inc. (IEEE) are Copyright © 2005-2013 by IEEE. Personal use of this material is permitted. However, permission to reprint/ republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

Papers published by the Association for Computing Machinery, Inc. (ACM) are Copyright © 2005-2013 by ACM. Permission to make digital/ hard copy of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage, the copyright notice, the title of publication and its date appear, and notice is given that copying is by permission of ACM, Inc. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee.

Papers published by Springer are Copyright © 2005-2013 by Springer. Authors may self-archive the author's accepted manuscript of their articles on their own websites. Authors may also deposit this version of the article in any repository, provided it is only made publicly available 12 months after official publication or later. He/ she may not use the publisher's version (the final article), which is posted on SpringerLink and other Springer websites, for the purpose of self-archiving or deposit. Furthermore, the author may only post his/her version provided acknowledgement is given to the original source of publication and a link is inserted to the published article on Springer's website.


Publications Roadmap:

Theme: Contributing to Requirements Theory

  • Qualitative metrics for comparing requirements [C5, C10]
  • Formal method for modeling requirements in Description Logic [J6, J2, C13]
  • Framework for distributed requirements management [J3]
  • Balancing rights and obligations to improve requirements coverage [C3]
  • Enforceability vs. accountability in systems [W3]
  • Comparing requirements from multiple jurisdictions [J5, C10, W10, W9]
  • Assessing legal requirements coverage [C12]

Theme: Implementing Regulations in Practice

  • Gap analysis between regulations and product requirements [C5]
  • Patterns for refining regulations into product requirements [C5]

Theme: Acquiring Legal Requirements from Laws

  • Security requirements from FTC enforcement actions [J4]
  • Data access requirements from the HIPAA Privacy Rule [J1]
  • Business process models from the HIPAA Privacy Rule [C7]
  • Abuse cases from criminal court proceedings [W6]
  • Tool support for acquiring requirements from laws [C11, C8, C6, C4, W5]
  • Formalizing regulations [C3, W7] and policies [C2, C1, W2, W1] as requirements

Refereed Journal Publications:
[J6] Travis D. Breaux, Hanan Hibshi, Ashwini Rao. Eddy, A Formal Language for Specifying and Analyzing Data Flow Specifications for Conflicting Privacy Requirements. Requirements Engineering Journal, To Appear, 2014.
DOI ] [ BibTeX ]
[J5] David G. Gordon, Travis D. Breaux. A Cross-Domain Empirical Study and Legal Evaluation of the Requirements Water Marking Method. Requirements Engineering Journal, 18(2): 147-173, June 2013.
DOI ] [ BibTeX ]
[J4] Travis D. Breaux, David L. Baumer. Legally “Reasonable” Security Requirements: A 10-year FTC Retrospective. Computers and Security, 30(4):178-193, 2011
DOI ] [ PDF ] [ BibTeX ]
[J3] Travis D. Breaux, Annie I. Antón, Eugene H. Spafford. A Distributed Requirements Management Framework for Compliance and Accountability. Computers and Security (COSE), 28(1-2): 8-17, 2009
DOI ] [ PDF ] [ BibTeX ]
[J2] Travis D. Breaux, Annie I. Antón, Jon Doyle. Semantic Parameterization: A Process for Modeling Domain Descriptions. ACM Transactions on Software Engineering Methodology (ACM TOSEM), 18(2): 5, November 2008
DOI ] [ PDF ] [ BibTeX ]
[J1] Travis D. Breaux, Annie I. Antón. Analyzing Regulatory Rules for Privacy and Security Requirements. IEEE Transactions on Software Engineering, Special Issue on Software Engineering for Secure Systems (IEEE TSE), 34(1):5-20, January/February 2008
DOI ] [ PDF ] [ BibTeX ]

Refereed Conference Proceedings:
[C13] Travis D. Breaux, Ashwini Rao. Formal Analysis of Privacy Requirements Specifications for Multi-Tier Applications, (Nominated for Best Paper) Accepted To: 21st IEEE International Requirements Engineering Conference (RE'13), Rio de Janeiro, Brazil, Jul. 2013.
DOI ] [ PDF ] [ BibTeX ]
[C12] David G. Gordon, Travis D. Breaux. Assessing Regulatory Change through Legal Requirements Coverage Modeling, Accepted To: 21st IEEE International Requirements Engineering Conference (RE'13), Rio de Janeiro, Brazil, Jul. 2013.
BibTeX ]
[C11] Travis D. Breaux, David G. Gordon. Regulatory Requirements Traceability and Analysis Using Semi-Formal Specifications, 19th Working Conference on Requirements Engineering: Foundations for Software Quality (REFSQ'13), Essen, Germany, pp. 141-157, Apr. 2013.
DOI ] [ PDF ] [ BibTeX ]
[C10] David G. Gordon, Travis D. Breaux. Reconciling Multi-Jurisdictional Requirements: A Case Study in Requirements Water Marking, (Nominated for Best Paper) IEEE International Requirements Engineering Conference (RE'12), Chicago, Illinois, pp. 91-100, Sep. 2012.
DOI ] [ PDF ] [ BibTeX ]
[C9] Travis D. Breaux, Catherine B. Lotrionte. Towards a Privacy Management Framework for Distributed Cybersecurity in the New Data Ecology, In Proc. IEEE International Conference on Technologies for Homeland Security (HST'11), Waltham, Massachusetts, pp. 6-12, Nov. 2011.
DOI ] [ PDF ] [ BibTeX ]
[C8] Travis D. Breaux. Exercising Due Diligence in Legal Requirements Acquisition: A Tool-supported, Frame-based Approach. In Proc. IEEE 17th International Requirements Engineering Conference (RE'09), Atlanta, Georgia, pp. 225-230, Sep. 2009.
DOI ] [ PDF ] [ BibTeX ]
[C7] Travis D. Breaux, Calvin Powers. Early Studies in Acquiring Evidentiary, Reusable Business Process Models for Legal Compliance. 6th International Conference on Information Technology: New Generations (ITNG'09), Las Vegas, Nevada, pp. 272-266, Apr. 2009.
DOI ] [ PDF ] [ BibTeX ]
[C6] Nadzeya Kiyavitskaya, Nicola Zeni, Travis D. Breaux, Annie I. Antón, James R. Cordy, Luisa Mich, John Mylopoulos. Automating the Extraction of Rights and Obligations for Regulatory Compliance. In Proc. 27th International Conference on Conceptual Modelling (ER'08), Barcelona, Spain, pp. 154-168, Oct. 2008
DOI ] [ PDF ] [ BibTeX ]
[C5] Travis D. Breaux, Annie I. Antón, Kent Boucher, Merlin Dorfman. Legal Requirements, Compliance and Practice: An Industry Case Study in Accessibility. In Proc. IEEE 16th International Requirements Engineering Conference (RE'08), Barcelona, Spain, pp. 43-52, Sep. 2008
DOI ] [ PDF ] [ BibTeX ]
[C4] Nadzeya Kiyavitskaya, Nicola Zeni, Luisa Mich, Travis D. Breaux, Annie I. Antón, John Mylopoulos. Extracting Rights and Obligations from Regulations: Towards a Tool-Supported Process. In Proc. IEEE/ACM 22nd International Conference Automated Software Engineering (ASE'07), Atlanta, Georgia, pp. 429-432, Nov. 2007
DOI ] [ PDF ] [ BibTeX ]
[C3] Travis D. Breaux, Matthew W. Vail, Annie I. Antón. Towards Compliance: Extracting Rights and Obligations to Align Requirements with Regulations. In Proc. IEEE 14th International Requirements Engineering Conference (RE'06), Minneapolis, Minnesota, pp. 49-58, Sep. 2006
DOI ] [ PDF ] [ BibTeX ]
[C2] Travis D. Breaux and Annie I. Antón. Analyzing Goal Semantics for Rights, Permissions and Obligations. In Proc. IEEE 13th International Requirements Engineering Conference (RE'05), Paris, France pp. 177-186, Aug. 2005
DOI ] [ PDF ] [ BibTeX ]
[C1] Travis D. Breaux and Joel Reed. Hierarchical Information Clustering Using Ontology Languages. In Proc. 38th Hawaii International Conference on System Sciences (HICSS-38), Waimea, Hawaii, pp. 111--112, Jan. 2005
DOI ] [ PDF ] [ BibTeX ]

Refereed Symposia and Workshop Proceedings:
[W11] Travis D. Breaux, Hanan Hibshi, Ashwini Rao, Jean-Michel Lehker. Towards a Framework for Pattern Experimentation: Understanding empirical validity in requirements engineering patterns. 2nd IEEE Workshop on Requirements Engineering Patterns (RePa'12), Chicago, Illinois, Sep. 2012.
BibTeX ]
[W10] David G. Gordon, Travis D. Breaux. Managing Multi-Jurisdictional Requirements in the Cloud: Towards a Computational Legal Landscape. 3rd ACM Cloud Computing Security Workshop (CCSW'11), Chicago, Illinois, Oct. 2011.
DOI ] [ PDF ] [ BibTeX ]
[W9] David G. Gordon, Travis D. Breaux. Comparing Requirements from Multiple Jurisdictions. 4th IEEE International Workshop on Requirements Engineering and Law (RELAW'11), Trento, Italy, Aug. 2011.
DOI ] [ PDF ] [ BibTeX ]
[W8] Travis D. Breaux, Thomas A. Alspaugh. Governance and Accountability in the New Data Ecology: A Vision for Electronic Data Licenses. 4th IEEE International Workshop on Requirements Engineering and Law (RELAW'11), Trento, Italy, Aug. 2011.
DOI ] [ PDF ] [ BibTeX ]
[W7] Travis D. Breaux. A Method to Acquire Compliance Monitors from Regulations. 3rd IEEE International Workshop on Requirements Engineering and Law (RELAW'10), Sydney, Australia, pp. 17-26, Sep. 2010.
DOI ] [ PDF ] [ BibTeX ]
[W6] Travis D. Breaux, Jonathan D. Lewis, Paul N. H. Otto, Annie I. Antón. Identifying Legal Vulnerabilities and Critical Requirements Using Criminal Court Proceedings. 24th ACM/SIGAPP Symposium on Applied Computing (ACM SAC'09), Honolulu, Hawaii, pp. 355-359, Aug. 2008.
DOI ] [ PDF ] [ BibTeX ]
[W5] Travis D. Breaux, Annie I. Antón. A Systematic Method for Acquiring Regulatory Requirements: A Frame-Based Approach. In Proc. 6th International Workshop on Requirements for High Assurance Systems (RHAS-6), Delhi, India, Sep. 2007
PDF ] [ BibTeX ]
[W4] Travis D. Breaux. Compliance Engineering: Aligning Software Requirements with Policies and Regulations. Doctoral Symposium at the ACM/SIGSOFT 14th Symp. on Foundations of Software Engineering (FSE-14), Portland, Oregon, Nov. 2006
BibTeX ]
[W3] Travis D. Breaux, Annie I. Antón, Clare-Marie Karat and John Karat. Enforceability vs. Accountability in Electronic Policies. In Proc. IEEE 7th International Workshop on Policies for Distributed Systems and Networks (POLICY'06), London, Ontario, pp. 227-230, Jun. 2006
DOI ] [ PDF ] [ BibTeX ]
[W2] Travis D. Breaux and Annie I. Antón. Mining Rule Semantics to Understand Legislative Compliance. In Proc. ACM Workshop on Privacy in the Electronic Society (WPES'05), Alexandria, Virginia, pp. 51-54, Nov. 2005
DOI ] [ PDF ] [ BibTeX ]
[W1] Travis D. Breaux and Annie I. Antón. Deriving Semantic Models from Privacy Policy Goals. In Proc. IEEE 6th International Workshop on Policies for Distributed Systems and Networks (POLICY'05), Stockholm, Sweden, pp. 67-76, Jun. 2005
DOI ] [ PDF ] [ BibTeX ]
Dissertation, Thesis and Technical Reports:
[T3] Travis D. Breaux. Legal Requirements Acquisition for the Specification of Legally Compliant Information Systems. Ph.D. Thesis, North Carolina State University, Apr. 2009
HTML ] [ PDF ] [ BibTeX ]
[T2] Travis D. Breaux. Policy-Parametric Software. Computer Science Technical Report TR-2004-30, North Carolina State University, Nov. 2004
PDF ] [ BibTeX ]
[T1] Travis D. Breaux. BABEL: The Semantic Web in Open Systems. Undergraduate Honors Thesis, Adviser: Dr. Stephen Fickas, University of Oregon, Dec. 2003
BibTeX ]