1. Home
  2. Publications

Refereed Journal Publications

  • D. Amyot, M. Baslyman, S. Ghanavati, M. Ghasemi, J. Hassine, L. Lessard, G. Mussbacher, E. Yu, Combining Goal modelling with Business Process modelling: Two Decades of Experience with the User Requirements Notation Standard, Journal of Enterprise Modelling and Information Systems Architectures (EMISAJ), 2022.
  • M. van Zee, F. Bex and S. Ghanavati, RationalGRL: A Framework for Argumentation and Goal Modeling, Argument & Computation Journal, IOS Press, Accepted, Journal of Argument and Computation, November 2020.
  • L. Humphreys, G. Boella, L. van der Torre, L. Robaldo, L. Di Caro, S. Ghanavati and R. Muthuri, Populating Legal Ontologies using Semantic Role Labeling, Springer Journal of Artificial Intelligence and Law (ARTI), Published, June 24th, 2020.
  • S. Ghanavati, A. Siena, D. Amyot, A. Perini, L. Peyton and A. Susi, Integrating Business Strategies with Requirement Models of Legal Compliance, International Journal of Electronic Business, Inderscience Publishers, Vol. 8, No. 3, pp 260-280, 2010. DOI: 10.1504/IJEB.2010.034171.
  • D. Amyot, S. Ghanavati, J. Horkoff, G. Mussbacher, L. Peyton and E. Yu, Evaluating Goal Models within the Goal-oriented Requirement Language, International Journal of Intelligent Systems, John Wiley & Sons, Vol. 25, No. 8, pp 841-877, 2010. DOI: 10.1002/int.20433.
  • A. Pourshahid, P. Chen, D. Amyot, A.J. Forster, S. Ghanavati, L. Peyton and M. Weiss, Business Process Management with the User Requirements Notation, Electronic Commerce Research, Springer, Vol. 9 No. 4, pp 269-316, 2009.
  • L. Peyton, S. Ghanavati and D. Amyot, Designing for Privacy Compliance and Performance Management in Health Care, Design Principles and Practices: An International Journal, Vol. 1, Number 3, Common Ground, pp 13-25, 2007.

Refereed Conferences and Workshops

  • S. Santos, T. Breaux, T. Norton, S. Haghighi and S. Ghanavati, Requirements Satisfiability with In-Context Learning, accepted to the 32nd IEEE Requirements Engineering Conference, Reykjavik, Iceland. PDF
  • C. Y Su, A. Bansal, V. Jain, S. Ghanavati, and C. McMillan, A Language Model of Java Methods with Train/Test Deduplication, ESEC/FSE 2023 Demonstration track, Accepted, July 20th 2023. PDF
  • Z. Delile, S. Radel, J. Godinez, G. Engstrom, T. Brucker, K. Young, and S. Ghanavati, Evaluating Privacy Questions From Stack Overflow: Can ChatGPT Compete?, ESPRE Workshop at RE Conference 2023, Accepted, July 8th 2023.
  • V. Jain, S. Ghanavati, S. T. Peddinti, and C. McMillan, Towards Fine-Grained Localization of Privacy Behaviors, In Proceedings of the 8th IEEE European Symposium on Security and Privacy (Euro S\&P'23), Delft, July 3-7, 2023.
  • J. Parsons, M. Schrider, O. Ogunlela and S. Ghanavati, Understanding Developers Privacy Concerns Through Reddit Thread Analysis, In: Joint Proceedings of REFSQ-2023 Workshops, Doctoral Symposium, Posters \& Tools Track, and Journal Early Feedback Track, Co-located with REFSQ 2023. Barcelona, Spain, April 17, 2023.
  • V. Jain, S. D. Gupta, S. Ghanavati, S. T. Peddinti, and C. McMillan, PAcT: Detecting and Classifying Privacy Behavior of Android Applications. In Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '22), ACM, NY, USA, 104–118, 2022.
  • S.D. Gupta, A. Nygaard, S. Kaplan, S. Ghanavati, A Two Folded Survey to Understanding the Degree of Sensitivity of the Collected Information in the IoT, Proceedings of the Second International Symposium on Emerging Information Security and Applications (EISA 2021).
  • S. Kaplan, D. Bulmer, A Gosselin, S. Ghanavati, Lattice-based Contextual Integrity Analysis of Social Network Privacy Policies, the 8th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) at RE 2021.
  • S.D. Gupta, S., A. Nygaard, S. Kaplan, V. Jain, S. Ghanavati, PHIN: A Privacy Protected Heterogeneous IoT Network, 15th International Conference on Research Challenges in Information Science (RCIS2021), Cyprus, 2021.
  • V. Jain, S.D. Gupta, S. Ghanavati, S.T. Peddinti, PriGen: Towards Automated Translation of Android Applications' Code to Privacy Captions, 15th International Conference on Research Challenges in Information Science (RCIS2021), Cypress, 2021.
  • S. Sartoli, S. Ghanavati, A. Siami Namin, Towards Variability-Aware Legal-GRL Framework for Modeling Compliance Requirements, In The 7th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) at RE'20, Zurich, Switzerland, 2020.
  • S. Sartoli, S. Ghanavati, A. Siami Namin, Compliance Requirements Checking in Variable Environments, 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), 1093-1094, 2020.
  • L. Humphreys, G. Boella, L. Di Caro, L. Robaldo, L. van der Torre, S. Ghanavati and R. Muthuri, Populating Legal Ontologies using Semantic Role Labeling, Proceedings of the 12th Conference on Language Resources and Evaluation (LREC 2020), pages 2157–2166, Marseille, France, 11–16 May 2020.
  • S.D. Gupta and Sepideh Ghanavati, Towards a heterogeneous IoT privacy architecture, In The 35th ACM/SIGAPP Symposium on Applied Computing (SAC ’20), March 30-April 3, 2020, Brno, Czech Republic, ACM, New York, NY, USA.
  • V. Jain and S. Ghanavati, Is It Possible to Preserve Privacy in the Age of AI?, Proceedings of the PrivateNLP 2020: Workshop on Privacy in Natural Language Processing - Colocated with WSDM 2020, CEUR Workshop Proceedings, Pages 32-36, Houston, TX, Feb. 2020.
  • A. Rabinia, S. Ghanavati, L. Humphreys and T. Hahmann, A Methodology for Implementing the Formal Legal-GRL Framework: A Research Preview, The 26th International Working Conference on Requirements Engineering: Foundation for Software Quality, pp 124-131, Pisa, Italy, 23-26 June, 2020.
  • A. Rabinia, M. Dragoni and S. Ghanavati, Towards Integrating the FLG Framework with the NLP Combinatory Framework, Proceedings of the PAL: Privacy-Enhancing Artificial Intelligence and Language Technologies, As Part of the AAAI Spring Symposium Series (AAAI-SSS 2019), Palo Alto, USA, March 25-27, 2019.
  • A. Rabinia, D. Nathan, S. Ghanavati, Contextual Integrity and Reasonable Expectations: A Privacy Paradigm, The 2nd Annual Symposium on Applications Of Contextual Integrity, Berkeley, CA, CI Talk, August 2019.
  • S. Maitra, B.Suh and S. Ghanavati, Privacy Consistency Analyzer for Android Applications, In proceeding of the 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE'18) in conjunction with RE’18, Banff, Canada, August 2018.
  • A. Rabinia and S. Ghanavati, The FOL-based Legal-GRL (FLG) Framework: Towards an Automated Goal Modeling Approach for Regulations, In the proceedings of the Eighth International Model-Driven Requirements Engineering (MoDRE’18) workshop in conjunction with RE’18, Banff, Canada, August 2018.
  • A. K. Massey, E. Holtgrefe and S. Ghanavati, Modeling Regulatory Ambiguities for Requirements Analysis, In proceeding of the 36th International Conference on Conceptual Modeling (ER'17),Valencia, Spain, November 2017, (Acceptance rate: 25%).
  • P. Shayegh and S. Ghanavati, Toward an Approach to Privacy Notices in IoT, In proceeding of the 4th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE'17), Lisbon, Portugal, September 2017.
  • A. Rabinia and S. Ghanavati, FOL-based Approach for Improving Legal-GRL Modeling Framework - A Case for Requirements Engineering of Legal Regulations of Social Media, In proceeding of the 10th International Requirements Engineering and Law Workshop (RELAW'17), Lisbon, Portugal, September 2017.
  • S. Ghanavati, M. van Zee and F. Bex, Argumentation-based Methodology for Goal-oriented Requirements Language (GRL), In proceeding of the 10th International iStar Workshop (iStar'17), Essen, Germany, June 2017.
  • D. Marosin and S. Ghanavati, Semi-formal Evaluation of Architecture Design Based on Architecture Principles, In proceeding of the 10th International iStar Workshop (iStar'17), Essen, Germany, June 2017.
  • M. van Zee, D. Marosin, F. Bex, and S. Ghanavati, RationalGRL: A Framework for Rationalizing Goal Models from Argument Graphs, In proceeding of the 35th International Conference on Conceptual Modeling (ER'16), Gifu, Japan, November 2016.
  • M. Colesky and S. Ghanavati, Privacy Shielding by Design - A Strategies Case for Near-Compliance, In the 9th IEEE International Workshop on Requirements Engineering and Law (RELAW'16), Beijing, China, September 2016.
  • M. van Zee, D. Marosin, F. Bex and S. Ghanavati, The RationalGRL toolset for Goal Models and Argument Diagrams, In proceeding of the 6th International Conference on Computational Models of Argument (COMMA'16) as a DEMO ABSTRACT, Extended Abstract, Potsdam, Germany, September 2016.
  • D. Marosin, M. van Zee and S. Ghanavati, Formalizing and Modeling Enterprise Architecture (EA) Principles with Goal-oriented Requirements Language (GRL), In Proceedings of the 28th International Conference on Advanced Information System Engineering (CAiSE16), Slovenia, June 2016, (Acceptance rate= 16%).
  • S. Ghanavati and T.D. Breaux, Comparing and Analyzing Definitions in Multi-Jurisdictions, In the 8th IEEE International Workshop on Requirements Engineering and Law (RELAW'15), Ottawa, Canada, August 2015.
  • D. Marosin and S. Ghanavati, Measuring and Managing the Design Restriction of Enterprise Architecture (EA) Principles on EA Models, In the 8th IEEE International Workshop on Requirements Engineering and Law (RELAW15), Ottawa, Canada, August 2015.
  • M. Van Zee, F. Bex and S. Ghanavati, Rationalization of Goal Models in GRL using Formal Argumentation, In RENext! @ 23rd International IEEE Requirements Engineering Conference (RE15), Ottawa, Canada, August 2015.
  • L. Humphreys, G. Boella, L. Robaldo, L. Di Caro, L. Cupi, S. Ghanavati, R. Muthuri and L. Van der Torre, Classifying and Extracting Elements of Norms for Ontology Population using Semantic Role Labelling, In 2015 Workshop on Automated Detection, Extraction and Analysis of Semantic Information in Legal Texts in Conjunction to ICAIL'15, San Diego, CA, US, 2015.
  • S. Ghanavati and J. Hulstijn, Impact of Legal Interpretation in Business Process Compliance, In TELERISE15 Workshop, In ICSE15 Workshop, Italy, May 2015.
  • M. van Zee and S. Ghanavati, Capturing Evidence and Rationales with Requirements Engineering and Argumentation-Based Techniques, The 26th BENELUX Conference ON Artificial Intelligence (BNAIC'14), Nijmegen, Netherlands, 2014.
  • S. Ghanavati, S. Ingolfo and A. Siena, Exploring Legal Business Process Alternatives, 7th IFIP WG 8.1 working conference on the Practice of Enterprise Modelling (POEM'14), Manchester, UK, 2014.
  • S. Ghanavati, R. Muthuri, A. Rifaut, L. Humphreys and G. Boella, The Role of Power in Legal Compliance, In the 7th Int. Workshop on Requirements Engineering and Law (RELAW'14), Karlskrona, Sweden,Extended Abstract, August 2014.
  • S. Ghanavati, L. Humphreys, G. Boella, L. Di Caro, L. Robaldo and L. van der Torre, Business Process Compliance with Multiple Regulations, In the proceeding of the 33rd International Conference on Conceptual Modeling (ER'14), USA, October 2014.
  • S. Ghanavati, D. Amyot, A. Rifaut and E. Dubois, Goal-Oriented Compliance with Multiple Regulations, In the 22nd IEEE International Requirements Engineering Conference (RE'14), Karlskrona, Sweden, August 2014, (Acceptance rate = 26%).
  • D. Marosin, S. Ghanavati and D. van der Linden, A Principle-based Goal-oriented Requirements Language (GRL) for Enterprise Architecture, 7th International i* Workshop (iStar'14), Thessaloniki, Greece, In conjunction with CAiSE'14, June 2014.
  • G. Boella, S. Colombo Tosatto, S. Ghanavati, J. Hulstijn, L. Humphreys, R. Muthuri, A. Rifaut and L. van der Torre, Integrating Legal-URN and Eunomos: Towards a Comprehensive Compliance Management Solution, In the proceeding of Artificial Intelligence and the Complexity of Legal Systems (AICOL), 2014.
  • S. Ghanavati, D. Amyot and A. Rifaut, Legal Goal-oriented Requirement Language (Legal GRL) for Modeling Regulations, In Workshop on Modeling in Software Engineering @ICSE2014 (MiSE), Hydarabad, India, May 2014.
  • A. Rifaut and S. Ghanavati, Measurement-Oriented Comparison of Multiple Regulations with GRL, In the 5th Int. Workshop on Requirements Engineering and Law (RELAW'12), Chicago, USA, September 2012.
  • S. Ghanavati, D. Amyot and L. Peyton, A Systematic Review of Goal-oriented Requirements Management Frameworks for Business Process Compliance, In the 4th Int. Workshop on Requirements Engineering and Law (RELAW'11), Trento, Italy, August 2011.
  • D. Amyot, G. Mussbacher, S. Ghanavati and J. Kealey, GRL Modeling and Analysis with jUCMNav, In 5th Int. i* Workshop, Trento, Italy, August 2011.
  • S. Ghanavati, A. Siena, D. Amyot, A. Susi and A. Perini, Towards a Framework for Business Process Compliance, International Workshop on Goal-based Business Process Engineering (WGBP'10), Vitoria, ES, Brazil, October 2010.
  • S. Ghanavati, A. Siena, D. Amyot, A. Susi and A. Perini, Making Business Processes Law-Compliant, In the First Workshop on Law Compliancy Issues in Organisational Systems and Strategies (iComply'10), Fiesole, Firenze, Italy, July 2010.
  • S. Ghanavati, D. Amyot and L. Peyton, Compliance Analysis Based on a Goal-oriented Requirement Language Evaluation Methodology, In the 17th IEEE International Requirements Engineering Conference (RE'09), Atlanta, USA, IEEE CS, 133-142, September 2009, (Acceptance rate: 21%).
  • S. Ghanavati, A. Siena, A. Perini, D. Amyot, L. Peyton, and A. Susi, A Legal Perspective on Business:Modeling the Impact of Law, In the 4th International MCeTech Conference on eTechnologies, Ottawa,Canada, LNBIP 26, Springer, 267-278, May 2009.
  • S. Ghanavati, D. Amyot and L. Peyton, Comparative Analysis between Document-based and Model-based Compliance Management Approaches., In the First Int. Workshop on Requirements Engineering and Law (RELAW'08), Barcelona, Spain, IEEE, 35-39, September 2008.
  • A. Pourshahid, P. Chen, D. Amyot, A.J. Forster, S. Ghanavati, L. Peyton and M. Weiss, Toward an integrated User Requirements Notation Framework and Tool for Business Process Management, In the 3rd Int. MCeTech Conference on eTechnologies, Montreal, Canada, IEEE Computer Society, 3-15, January 2008,(Best Paper Award).
  • S. Ghanavati, D. Amyot and L. Peyton, Towards a Framework for Tracking Legal Compliance in Healthcare, In the 19th Int. Conf. on Advanced Information Systems Engineering (CAiSE'07), Trondheim, Norway, LNCS 4495, Springer, 218-232, June 2007, (Acceptance rate: 13%).
  • S. Ghanavati, D. Amyot and L. Peyton, A Requirements Management Framework for Privacy Compliance, In the proceeding of the 10th Workshop on Requirements Engineering (WER'07), Toronto, Canada, 149-159, May 2007.

Refereed Poster and Demo Proceeding

  • G. Mussbacher, S. Ghanavati and D. Amyot, Modeling and Analysis of URN Goals and Scenarios with jUCMNav, Research demo at the 17th IEEE International Requirements Engineering Conference (RE'09), Atlanta, USA, September 2009. Short paper also published by IEEE CS, 2009.

Book Chapters

  • D. Marosin and S. Ghanavati, Steering Transformations with Architecture Principles, In: H. A. Proper, R. Winter, S. Aier and S. de Kinderen (Eds), Architectural Coordination of Enterprise Transformation, Springer, Page 147-151, 2017.
  • D. Marosin and S. Ghanavati, Principle-Based Goal-Oriented Requirements Language, In: H. A. Proper, R. Winter, S. Aier and S. de Kinderen (Eds), Architectural Coordination of Enterprise Transformation, Springer, Page 235-247, 2017.
  • A. Pourshahid, L. Peyton, S. Ghanavati, D. Amyot, P. Chen and M. Weiss, Model-Based Validation of Business Processes, In: V. Shankararaman, J.L. Zhao and J.K. Lee (Eds), Business Enterprise, Process, and Technology Management: Models and Applications, Business Science Reference, IGI Global, USA, pp. 165-183, 2012. DOI: 10.4018/978-1-46660-249-6.

Thesis

  • S. Ghanavati, Legal-URN framework for legal compliance of business processes, Ph.D. thesis, University of Ottawa, Canada, 2013.
  • S. Ghanavati, A Compliance Framework for Business Processes Based on URN, MSc. thesis, University of Ottawa, Canada, 2007.

Papers in Unrefereed Proceedings

  • S. Ghanavati, D. Amyot, L. Peyton and G. Mussbacher, A Compliance Framework for Business Processes Based on URN and DOORS, In Telelogic User Group Conference, Atlanta, USA, October 2007.

Technical Reports

  • P. Shayegh, V. Jain, A. Rabinia and S. Ghanavati, “Automated Approach to Shorten Privacy Policies”, Technical Report, 2018.

Invited Talks

  • Keynote Speaker, Privacy is not an Afterthought: Raising Awareness Towards Privacy-Driven Software Development, The 10th Int. Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE'23) - September 2023
  • A Holistic Automated Approach to Enhance Applications’ Privacy, Invited Faculty Talk, Google, Virtual - April 2023
  • A Holistic Developer-Centered Approach to Enhance Privacy for Data-Driven Applications, UMaine BOT Event - March 2023
  • ACM-W Celebrating Technology Leaders: Women in Cybersecurity, Invited Panelist: ACM-W, Virtual - June 2021
  • Crazy Life with a Connected Device Cybersecurity Conference, Invited Panelist: Center for Criminal Justice, Intelligence & Cybersecurity at SUNY - October 2020
  • Privacy and AI Panel, Invited Panelist: Synthetic Intelligence Forum, Toronto, ON, Canada - August 2020
  • Privacy Compliance Challenges and Opportunities for Smart Applications, GISE’20 Workshop @ICSE’20 Conference, Virtual - July 2020
  • Automated Translation of Permission-Requiring Code to Privacy Statements, PERC Lab Research, AI Initiative at UMaine - March 2020
  • A Privacy-Compliant Framework for Mobile and Smart Applications, IEEE Maine Communications and Computer Societies Chapter - November 2019
  • Privacy Engineering Framework for Software, Mobile and Smart Applications, Google Inc., Mountain View - March 2019.
  • Multi-jurisdictional Privacy Compliance in IoT era, Department of Computer Science, Texas Tech University, USA - November 2016.
  • Multi-jurisdictional Legal Compliance, Department of Informatic, University of Hamburg, Germany - September 2015.
  • Legal - URN Framework - A Method for Business Process Compliance, Centre of Security and Trust (SnT), Luxembourg - January 2015.
  • Legal - URN Framework for Privacy Compliance, University of Toronto, Toronto, Canada - October 2014.
  • Legal- URN Framework for Privacy Compliance, Normative Multi-Agent Systems: NorMAS 2014, Bertinoro, Italy - September 2014.
  • Legal - URN Framework for Privacy Compliance, Bournemouth University, UK - May 2014.
  • Legal - User Requirements Notation Framework for Business Process Compliance, Centre de Recherche Henri Tudor, Luxembourg - February 2014.
  • Goal-oriented Legal Compliance: A Lightweight URN Profile, Fondazione Bruno Kessler (FBK), IRST - ICT, Software Engineering Unit, Italy - March 2010.