Search results

This paper aims to propose a conceptual model of policy components for software that supports modularizing and tailoring of information security policies (ISPs).

This study used a design science research approach, drawing on design knowledge from the field of situational method engineering. The conceptual model was developed as a unified modeling language class diagram using existing ISPs from public agencies in Sweden.

This study’s demonstration as proof of concept indicates that the conceptual model can be used to create free-standing modules that provide guidance about information security in relation to a specific work task and that these modules can be used across multiple tailored ISPs. Thus, the model can be considered as a step toward developing software to tailor ISPs.

The proposed conceptual model bears several short- and long-term implications for research. In the short term, the model can act as a foundation for developing software to design tailored ISPs. In the long term, having software that enables tailorable ISPs will allow researchers to do new types of studies, such as evaluating the software's effectiveness in the ISP development process.

Practitioners can use the model to develop software that assist information security managers in designing tailored ISPs. Such a tool can offer the opportunity for information security managers to design more purposeful ISPs.

The proposed model offers a detailed and well-elaborated starting point for developing software that supports modularizing and tailoring of ISPs.

Testing business processes is crucial to assess the compliance of business process models with requirements. Automating this task optimizes testing efforts and reduces human error while also providing improvement insights for the business process modeling activity. The primary purposes of this paper are to conduct a literature review of Business Process Model and Notation (BPMN) testing and formal verification and to propose the Business Process Evaluation and Research Framework for Enhancement and Continuous Testing (bPERFECT) framework, which aims to guide business process testing (BPT) research and implementation. Secondary objectives include (1) eliciting the existing types of testing, (2) evaluating their impact on efficiency and (3) assessing the formal verification techniques that complement testing.

The methodology used is based on Kitchenham's (2004) original procedures for conducting systematic literature reviews.

Results of this study indicate that three distinct business process model testing types can be found in the literature: black/gray-box, regression and integration. Testing and verification approaches differ in aspects such as awareness of test data, coverage criteria and auxiliary representations used. However, most solutions pose notable hindrances, such as BPMN element limitations, that lead to limited practicality.

The databases selected in the review protocol may have excluded relevant studies on this topic. More databases and gray literature could also be considered for inclusion in this review.

Three main originality aspects are identified in this study as follows: (1) the classification of process model testing types, (2) the future trends foreseen for BPMN model testing and verification and (3) the bPERFECT framework for testing business processes.

Data protection requirements heavily increased due to the rising awareness of data security, legal requirements and technological developments. Today, NoSQL databases are increasingly used in security-critical domains. Current survey works on databases and data security only consider authorization and access control in a very general way and do not regard most of today’s sophisticated requirements. Accordingly, the purpose of this paper is to discuss authorization and access control for relational and NoSQL database models in detail with respect to requirements and current state of the art.

This paper follows a systematic literature review approach to study authorization and access control for different database models. Starting with a research on survey works on authorization and access control in databases, the study continues with the identification and definition of advanced authorization and access control requirements, which are generally applicable to any database model. This paper then discusses and compares current database models based on these requirements.

As no survey works consider requirements for authorization and access control in different database models so far, the authors define their requirements. Furthermore, the authors discuss the current state of the art for the relational, key-value, column-oriented, document-based and graph database models in comparison to the defined requirements.

This paper focuses on authorization and access control for various database models, not concrete products. This paper identifies today’s sophisticated – yet general – requirements from the literature and compares them with research results and access control features of current products for the relational and NoSQL database models.

Despite corporate communications having an immense impact on corporate success, there is a lack of dedicated techniques for their management and visualization. A potential strategy is to apply business process management (BPM) approach with business process model and notation (BPMN) modeling techniques.

The goal of this study was to gain empirical insights into the cognitive effectiveness of BPMN-based corporate communications modeling. To this end, experimental research was performed in which subjects tested two modeling notations – standardized BPMN conversation diagrams and a BPMN extension with corporate communications-specific concepts.

Standard conversation diagrams were demonstrated to be more time-efficient for designing and interpreting diagrams. However, the subjects made significantly fewer mistakes when interpreting the diagrams modeled in the BPMN extension. Subjects also evolved positive perceptions toward the proposed extension.

BPMN-based corporate communications modeling may be applied to organizations to depict how formal communications are or should be performed consistently, effectively and transparently by following and integrating with BPM approaches and modeling techniques.

The paper provides empirical insights into the cognitive effectiveness of corporate communications modeling based on BPMN and positions the corresponding models into typical process architecture.

Mobile applications affect our everyday activities and have become more and more information centric. Effort estimation for mobile application is an essential factor to consider in the development cycle. Due to feature complexities and size, effort estimation of mobile applications poses a continued challenge for developers. This paper attempts to adapt COSMIC Function Point and Unified Modeling Language (UML) techniques to estimate the size of a given mobile application. The COSMIC concepts capture data movements of the functional processes whereas the UML class analyzes them. We utilize the Use Case Diagrams, sequence diagrams and class diagrams for mapping the Function user requirements for sizing mobile applications. We further present a new size measurement technique; Unadjusted Mobile COSMIC Function points (UMCFP) to get the functional size of mobile application using Mobile Complex Factors as an input. In this study eight mobile applications were analyzed using UMCFP, Function Point Analysis and COSMIC Function Point. The results were compared with the actual size of previous Mobile application projects.

Business models are increasingly recognized as a concept to support innovation in organizations. The implementation and operation of a new or altered business model involves the (re-)design of an organization's business processes and their successful execution. This study reviews and synthesizes the existing body of literature to guide organizations in systematically moving from a business model design to the implementation and operation of the business model through their underlying business processes.

A systematic literature review of the methods that bridge business models and business processes is performed. The selected 34 studies are classified according to the method's characteristics and the support in the design, implementation and operation of business models.

The results of the systematic review provide an overview of existing methods that organizations can adopt when moving from business model design into the implementation and operation of their business model using processes.

This work provides a comprehensive overview and detailed insight into the existing methods that align business models and business processes. It increases the understanding on how these two concepts can be synthesized to support more effective digital innovation in organizations. Based on the review results, knowledge gaps are identified and an agenda for future research bridging the fields of business models and business processes is proposed.

The study, within the Increasing Resilience of Cultural Heritage (ResCult) project, aims to support civil protection to prevent, lessen and mitigate disasters impacts on cultural heritage using a unique standardised-3D geographical information system (GIS), including both heritage and risk and hazard information.

A top-down approach, starting from existing standards (an INSPIRE extension integrated with other parts from the standardised and shared structure), was completed with a bottom-up integration according to current requirements for disaster prevention procedures and risk analyses. The results were validated and tested in case studies (differentiated concerning the hazard and type of protected heritage) and refined during user forums.

Besides the ensuing reusable database structure, the filling with case studies data underlined the tough challenges and allowed proposing a sample of workflows and possible guidelines. The interfaces are provided to use the obtained knowledge base.

The increasing number of natural disasters could severely damage the cultural heritage, causing permanent damage to movable and immovable assets and tangible and intangible heritage. The study provides an original tool properly relating the (spatial) information regarding cultural heritage and the risk factors in a unique archive as a standard-based European tool to cope with these frequent losses, preventing risk.

In March 2020 the United Nations published an open brief for the creative community to propose interventions to the unfolding COVID-19 pandemic. However, when faced with unprecedented wicked problems such as these, the rigour of design and creative processes can tested. COVID-19 has demonstrated how important human centred design responses are in understanding the worldviews and ecosystems of users. Ad hoc design responses or design hacks have demonstrated that they have a role to play in how we create our future individual, community and societal ecosystems.

In terms of age friendly design, this pandemic makes us envision what should be, furthermore, how we could create better products and services through technology. For our ageing communities “Cocooning” and other social restriction measures have exposed technological deficiencies for the needs of older people and opens up questions of our future preparedness for a growing ageing society. Now more than ever, designers need to understand the behavioural mind-set of older people in their own ecosystem and understand existing mental models.

In this opinion piece we posit what acts of design hacking can lead us to greater understanding of users mental models and therefore better understanding of technology needs for both older and younger adults. While presenting various examples of how design hacking is conducted by citizens and participants alike, it shows that it offers designers differing perspectives, experiences and inspiration for technology.

Although Public Research Institutions (PRIs) are large technology producers, they lack automated information tools that follow technical and scientific criteria for assessing and valuing patents. The assessment and valuation processes are stages of technology transfer (TT) that make it possible to obtain productive arrangements and guide the efforts of those involved in the development, maintenance and negotiation. This study aims to analyze the hybrid model of assessment and valuation of technologies by Soares (2018), applying the ‘Valorativo' software. In addition to patent value and indicator scores, the methods allow an understanding of the technology portfolio and its management.

This research is quali-quantitative, following an approach of applied nature and descriptive objectives. The research has bibliographical, documental and case study features based on the software development methodologies described in the study and the theoretical framework.

The Valorativo software assisted in the analysis of ten patents on PRIs. With the data collection and patent analysis, PAT1 scored highest among engineering patents, PAT3 scored highest among pharmaceutical patents and PAT10 scored highest among biotechnology patents. Five of the assessed patents resulted in a surplus of net present value (NPV), final net present value (NPVF) and royalties; revenue expectations outpaced investments.

The authors based the developed software on Soares’s (2018) methodology, with additional calculations and graphs. The Web software and the spreadsheet with Visual Basic for Application (VBA) were developed to deal with the patents assessment and valuation, helping in the analysis of their Legal Value, Technological Value and Market Conditions in the assessment process, and the Discounted Cash Flow and NPV in the valuation process.

The software helps with patent analysis and can generate indicators for traders, technology holders and researchers. Thus, it was necessary to understand and develop a theoretical-applied framework to outline and replicate the methodology clearly and easily.

This study aimed to develop the integration of the multiperiod production-distribution model in a closed-loop supply chain involving carbon emission and traceability. The developed model was for agricultural food (agri-food) products, considering the reverse flow of food waste from the disposal center (composting center) to producers.

The results indicate that integrating the production and distribution model considering food waste recycling provides low carbon emissions in lower total costs. The sensitivity analysis also found that there are trade-offs between production and distribution rate and food waste levels on carbon emission and traceability.

This study focuses on the mathematical modeling of a multiperiod production-distribution formulation for a closed-loop supply chain.

The model of the agri-food closed-loop supply chain in this study that considers food recycling and carbon emissions would help stakeholders involved in the agri-food supply chain to reduce food waste and carbon emissions.