The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
At present, the tourism change information management cannot be resolved efficiently and effectively, and this may cause tourists' travel to be out of order, leaving behind much pressure to transportation, scenic spots, hotels facilities and so forth. The main reason for this is lacking adaptive handling mechanism for this situation. This paper describes the mechanism of tourism information Change...
Telecommunication providers are still searching for business models beyond the bit pipe. While added-value services like Software-as-a-Service (SaaS) become more and more common for private customers as well as small and medium enterprises, in this paper we demonstrate the opportunities of Platform-as-a-Service offerings for specific business domains. By offering such platforms as cloud services,...
One of the key motivations of policy-based management is flexibility and adaptability to existing infrastructure and change management. In the context of security, modern policy languages such as XACML are extensible and support natively the expression of new information and manipulation operations. However, policy engines, which evaluate users' requests according to policies, may not support this...
The identification of Non-functional Requirements (NFRs) is, in general, performed ad-hoc, notwithstanding the organizational business needs of where the system will operate, further performed in the development process, and with incipient and low information sharing among different stakeholders. This work presents the results of case studies on the use of a method for NFRs identification, employed...
The CERT® Resilience Management Model (CERT®-RMM) defines processes for managing operational resilience in complex, risk-evolving environments. The model encompasses and integrates activities from security, business continuity, and aspects of IT operations management. It provides a path for making operational resilience a repeatable, predictable, manageable, and improvable process over which an organization...
Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide directory services in a highly customized manner. Unfortunately, though the use of virtual directory services are widespread, an analysis of risks posed by their unique position and architecture has not...
The demands of sophisticated data communications have issued a new challenge to port logistics systems. Customers expect ports to handle their generated administrative data while a vessel is docked in a port. One port logistics system, known as the Vessel Clearance System (VCS), manages large numbers of documents related to the handling of containers. In the VCS system, information flows through many...
Cloud Computing Environments enable business agility and enterprises to exploit/respond quickly to changes in the marketplace, competition, technology and operational environment. For enterprises, CCE present a number of issues and challenges. Some of these include the inability to take advantage of the dynamic resource elasticity of CCE, issues of data fragmentation and duplication, the challenge...
In business and IT alignment, the implementation of IT is determined by business objectives and its services. In order to help organizations invest wisely in IT and makes the best use of the current facilities, this paper aims to deliver a method for assessing the value of service in business and IT Alignment. The method provides specific guideline in service evaluation process and assesses value...
Security risk management for information technology-based organizations has become increasingly important in recent years. However, the risk assessment and mitigation strategies that these organizations employ have remained relatively ad hoc and qualitative. In this paper, we extend a quantitative framework for risk assessment called Risk-Rank to include risk mitigation through Markov Decision Processes...
Information security managers with fixed budgets must invest in security measures to mitigate increasingly severe threats whilst maintaining the alignment of their systems with their organization's business objectives. The state of the art lacks a systematic methodology to support security investment decision-making. We describe a methodology that integrates methods from multi-attribute utility evaluation...
Enterprise search differs from Internet search in many ways. The overwhelming majority of information in an enterprise is unstructured. Together with information in relational and proprietary databases, these documents constitute the enterprise information ecosystem. The information in an enterprise is distributed. A centric search engine does not satisfy the security requirement in enterprise information...
The business environment of most enterprises comprises of fluid requirements, and emergent behaviour that cause continuous changes across the enterprises' business processes. Thus, Process Management Systems (PMSs) able to handle such changes become a necessity for businesses in order to effectively respond in this volatile environment. However, despite the plethora of available PMS, dynamic process...
This article showed the need for better support of rural small and medium-sized businesses in their transition towards modern enterprises competitive in the information economy. It summarizes the conceptual framework on the role of ICTs, namely web-pages on the internet, for the building of socio-economic networks and for the creation and development of trust. And discusses the applicability of the...
This paper identifies and analyzes governance roles and tasks in SOA security governance at macro level. Drawing from Information security management standards and frameworks on one hand and SOA considerations on the other hand, the identified governance elements are mapped to a governance structure that specifies planning and execution aspects at four organizational decision-making levels, resulting...
This paper develops a framework for analyzing security risk dependencies in organizations and ranking the risks. The framework captures how risk `diffuses' via complex interactions and reaches an equilibrium by introducing a risk-rank algorithm. A conceptual structure of an organization-comprised of business units, security threats/vulnerabilities, and people-is leveraged for modeling risk dependencies...
ITIL (IT Infrastructure Library) provides a framework of best practice guidance for IT service management based on process, and has grown to become the most widely accepted approach to IT service management in the world. ITIL processes are implemented so that they underpin the organization business, and play the core role in the framework. The paper presents ITIL process integration architecture in...
Information security is a comprehensive and specialized discipline and related to many different topics of business and science. In this framework, this paper focuses on the role and behavior of business leaders in the hectic modern business environments in realizing and practicing business-related information security management. One of the most obvious characteristics of our modern society and all...
This paper aims at building a responsibility model based on the concepts of accountability, capability and commitment. The model's objectives are firstly to help organizations for verifying the organizational structure and detecting policy problems and inconsistency. Secondly, the paper brings up a conceptual framework to support organization for defining their corporate, security and access control...
An increasingly large number of digital documents, need to be preserved by organizations. Business documents such as various contracts may be of great business value, may only exit in digital form and may need to be preserved for longer periods of times that may span over decades or even centuries. The preservation process should take care of both the integrity and authenticity of digital documents,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.