The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Security has been a growing concern for large organizations, especially financial and governmental institutions, as security breaches in the systems they depend on have repeatedly resulted in billions of dollars in losses per year, and this cost is on the rise. A primary reason for these breaches is that the systems in question are socio-technical — a mix of people, processes, technology and infrastructure...
Exploratory evaluation is an effective way to analyze and improve the security of information system. The information system structure model for security protection capability is set up in view of the exploratory evaluation requirements of security protection capability, and the requirements of agility, traceability and interpretation for exploratory evaluation are obtained by analyzing the relationship...
Graphical models are useful for discussing different aspects of processes, structures or requirements. The visual syntax of a standard modelling language cannot support all such aspects. There are several cases where it would be desirable to decorate the symbols in a diagram with additional visual annotations. This way, it is possible to include specific information (such as security requirements)...
One of the conventional ways of dispersing information in a university or corporate office is through the Notice Board. Notice boards are an ideal platform that allows one to put up information so that it can be seen by everyone. Whenever there is a new circular to be dispersed among the students or employees, it will be immediately put up on the notice board where everyone has to manually gather...
This research identifies a number of key factors related to online consumer trust and establishes a model based on the System Dynamic method to find out the relationships between these factors and trust. This paper provides several contributions. Firstly it reviews the previous works of online trust and identifies the major online trust building factors which mainly consists of business factors, consumer...
Due to complex and heterogeneous nature of a software being used in present-day scenario, the need for developing solution to the design related problems, where solutions were made earlier can be reused in a recurring manner. For solving various design problems, it is observed that design pattern helps to find a better solution to many of the recurring design problems. Generally, design patterns are...
A time-and resource-sensitive simple businessprocess (TR-SBP) consists of a finite set of finite series ofactivities that have timing and resource constraints. A TRSBPseems simple, but its analysis needs to consider whatare not explicitly mentioned as activities and may introducea non-negligible number of intermediate states. In this sense, the analysis has similarities with security protocol analysisthat...
The Accessibility Stable Analysis Pattern intends to describe the core knowledge behind the concept of Accessibility. Accessibility finds an extensive range of usages in various applications. The pattern also gives an excellent start to software developers, by defining the core knowledge of any accessibility problem. Any developer can build on, extend or reuse the pattern to model any specific application...
With the popularization of high-speed and high-capacity communication networks, machine-to-machine (M2M) communication has received significant attention. However, although the related technologies have been actively investigated, creating new businesses based on M2M communication is difficult. The information and communication technology community should take not only system modeling but also business...
With the development of e-commerce and smart tourism, the combination of tourism and the internet has caused tourism purchasing in China to shift from traditional channels to online ones. However, while online tourism consumption has many advantages there are also high associated security risks. Understanding how perceived security impacts online tourism purchasing behavior is extremely important...
In this paper, we propose a new model of community cloud (ComC) interaction that is based on the demand of tenants and propose an intrusion detection mechanism for the proposed model. ComC is a solution that is more secure than the public cloud, and less costly than the private cloud. We argue that our proposed model of the ComC will be more beneficial to consumers as well as providers. Our evaluation...
The idea of business processes as a key concept to underpin organisational activities are increasingly recognised. Business processes must be able to accommodate security engineering from the early stages rather at the later stages of process development (i.e., design and implementation). This raises a question whether the business processes are performed securely. In this paper, we take a deeper...
Trustworthy e-commerce applications are not easy to design. Currently, patches are periodically released to countermeasure trust issues that arise in e-commerce communities. In this paper, we propose a methodology for designing trustworthy applications that enables an application designer to model applications resilient to trust related threats early in the development life cycle. Such modeling requires...
We describe the SPaCIoS project, illustrating its main objectives, the results obtained so far and those that we expect to achieve, in particular, the development of the SPaCIoS Tool, an integrated platform that takes as input a formal description of the system under validation, the expected security goals, and a description of the capabilities of the attacker, and automatically generates and executes...
Modern enterprise systems are often processbased, i. e., they allow for the direct execution of business processes that are specified in a high-level language such as BPMN. In this paper, we present a service, called Security Validation as a Service (SVaaS) for validating the compliance of the business processes during design-time. Basically, while modeling a business process the business analyst...
Network marketing in e-commerce is different from traditional marketing in several new features. This paper uses SPSS for the reliability and validity of principal component analysis on indicators, and suggests network marketing models under the framework of performance evaluation index system. Combined with FAHP, we designed two main network marketing business models and conducted related empirical...
Based on TAM and TTF theory, we construct an adoption model to analyze factors that influence users adoption m-commerce. The theoretical model indicates that perceived fit have positive effect on perceived usefulness and perceived security, perceived value was positively related to intention to adopt m-commerce; moreover, perceived value mediates the effect of perceived usefulness and perceived security...
With the large-scale distributed system plays an increasingly important role in such fields as national security, critical infrastructure and social life, its vulnerability analysis problem has become a growing focus nowadays. As a vulnerability analysis object, a multi-layer model is put forward firstly, and then a multi-dimension vulnerability analysis framework of large-scale distributed system...
With the development of workflow technology and the mature of corresponding modeling tools, more and more enterprise businesses are processed by workflow system. Although so many model methods, such as WF-net, Petrinet, BPMN and SCXML, etc., are proposed, it is a difficult task to guarantee the soundness property of workflow model. Generally, this problem is handled by soundness analysis after the...
This paper reports on ongoing work on SWAT, a new toolkit for security workflow analysis. SWAT provides a platform for the realization and testing of well-founded methods to detect information leaks in workflows, both for the workflow certification and for audit based upon the execution traces. Besides presenting the SWAT's functionality and high-level architecture, an example illustrates its operation.
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.