2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)最新文献

{"title":"Automatic Design of Secure Enterprise Architecture: Work in Progress Paper","authors":"Robert Lagerström, Pontus Johnson, M. Ekstedt","doi":"10.1109/EDOCW.2017.19","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.19","url":null,"abstract":"Architecture models mainly have three functions; 1) document, 2) analyze, and 3) improve the system under consideration. All three functions have suffered from being timeconsuming and expensive, mainly due to being manual processes in need of hard to find expertise. Recent work has however automated both the data collection and the analysis. In order for enterprise architecture modeling to finally become free of manual labor the design function also needs to be automated. In this position paper we propose the Automatic Designer. A solution that employs machine learning techniques to realize the design of (near) optimal architecture solutions. This particular implementation is focused on security analysis, but could easily be extended to other topics.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"2012 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130930623","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Evaluation of the risk and security overlay of archimate to model information system security risks","authors":"Nicolas Mayer, C. Feltus","doi":"10.1109/EDOCW.2017.30","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.30","url":null,"abstract":"We evaluated the support proposed by the RSO to represent graphically our EAM-ISSRM (Enterprise Architecture Management - Information System Security Risk Management) integrated model. The evaluation of the RSO visual notation has been done at two different levels: completeness with regards to the EAM-ISSRM integrated model (Section III) and cognitive effectiveness, relying on the nine principles established by D. Moody [\"The 'Physics' of Notations: Toward a Scientific Basis for Constructing Visual Notations in Software Engineering,\" IEEE Trans. Softw. Eng., vol. 35, no. 6, pp. 756-779, Nov. 2009] (Section IV). Regarding completeness, the coverage of the EAMISSRM integrated model by the RSO is complete apart from 'Event'. As discussed in Section III, this lack is negligible and we can consider the RSO as an appropriate notation to support the EAM-ISSRM integrated model from a completeness point of view. Regarding cognitive effectiveness, many gaps have been identified with regards to the nine principle established by Moody. Although no quantitative analysis has been performed to objectify this conclusion, the RSO can decently not be considered as an appropriate notation from a cognitive effectiveness point of view and there is room to propose a notation better on this aspect. This paper is focused on assessing the RSO without suggesting improvements based on the conclusions drawn. As a consequence, our objective for future work is to propose a more cognitive effective visual notation for the EAM-ISSRM integrated model. The approach currently considered is to operationalize Moody's principles into concrete metrics and requirements, taking into account the needs and profile of the target group of our notation (information security risk managers) through personas development and user experience map. With such an approach, we will be able to make decisions on the necessary trade-offs about our visual syntax, taking care of a specific context. We also aim at validating our proposal(s) with the help of tools and approaches extracted from cognitive psychology research applied to HCI domain (e.g., eye tracking, heuristic evaluation, user experience evaluation…).","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"344 ","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120931770","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Services as Activities: Towards a Unified Definition for (Public) Services","authors":"Nicola Guarino","doi":"10.1109/EDOCW.2017.25","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.25","url":null,"abstract":"I present a novel definition of services (in particular, public services) which sees each of them as the sum of all activities that realize a public authority's commitment to make available to individuals, businesses, or other public authorities some capabilities intended to answer their needs, giving them some possibilities to control how and when such capabilities should be manifested.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"109 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123779111","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Automating the Provisioning and Integration of Analytics Tools with Data Resources in Industrial Environments Using OpenTOSCA","authors":"Michael Zimmermann, F. Baumann, Michael Falkenthal, F. Leymann, U. Odefey","doi":"10.1109/EDOCW.2017.10","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.10","url":null,"abstract":"The fourth industrial revolution is driven by the integration and analysis of a vast amount of diverse data. Thereby, data about production steps, overall manufacturing processes, and also supporting processes is gathered to enable holistic analysis approaches. These approaches promise to provide new insights and knowledge by revealing cost saving possibilities and also automated adjustments of production processes. However, such scenarios typically require analytics services and data integration stacks since algorithms have to be developed, executed and therefore be wired with the data to be processed. This leads to complex setups of overall analytics environments that have to be installed, configured and managed according to the needs of different analysis scenarios and setups. The manual execution of such installations is time-consuming and error-prone. Therefore, we demonstrate how the different components of such combined integration and analytics scenarios can be modelled in order to be reused in different settings, while enabling the fully automated provisioning of overall analytics stacks and services.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130821664","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Mathematical Model for Evaluation of Data Analytics Implementation Alternatives","authors":"J. Grabis, R. Pirta","doi":"10.1109/EDOCW.2017.21","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.21","url":null,"abstract":"Importance of data analytics continuously increases in modern organizations, and diversity of technologies for implementation of analytical components is also increasing. Enterprise architecture and analytical methods are helpful in selecting the most appropriate technology to ensure the right balance among strategic, development and usage considerations. This paper elaborates a mathematical model for evaluation of alternative solutions for implementation of analytical reports requested by users of enterprise applications. The alternative solutions are selected to minimize development and maintenance costs in accordance with enterprise architecture evolution principles such as centralization of common functionality and promotion of reuse. The enterprise architecture also provides input data necessary to run the model. Application of the model is demonstrated using an illustrative example highlighting some of the trade-offs faced by enterprises and systems architects. The model is intended as a decision-making guide during enterprise architecture change management.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124747239","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Introducing a Coordination Perspective to Enterprise Architecture Management Research","authors":"Maximilian Brosius, Stephan Aier, M. Haki","doi":"10.1109/EDOCW.2017.20","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.20","url":null,"abstract":"Enterprise Architecture Management (EAM) is a prominent discipline for purposefully guiding the complex, coevolutionary business-IT relationships in organizations. Means to realize such guidance are, among others, mechanisms to coordinate heterogeneous and potentially conflicting stakeholder concerns. Yet, organizations face challenges to successfully leverage their EAM initiatives, often as a result of coordination mechanisms that only reach specific stakeholders or selected contexts. In the paper at hand, we aim at introducing coordination as a research lens for analyzing and designing EAM approaches. To this end, we substantiate the abstract notion of coordination through its underlying formal and informal mechanisms, which are implemented by artifacts, as well as through artifact modalities in an analysis framework. For illustrative purposes, we apply the developed analysis framework to The Open Group Architecture Framework (TOGAF). We find informal mechanisms (lateral relations, communication, and socialization) comparably underrepresented, which limits not only coordination effects but may also limit the success of the overall EAM approach. Our findings call for an extended and more comprehensive perspective on coordination in EAM, motivating the complementarity of informal mechanisms as an avenue for future research.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127102716","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis","authors":"Alexandre Vernotte, Pontus Johnson, M. Ekstedt, Robert Lagerström","doi":"10.1109/EDOCW.2017.26","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.26","url":null,"abstract":"ICT systems have become an integral part of business and life. At the same time, these systems have become extremely complex. In such systems exist numerous vulnerabilities waiting to be exploited by potential threat actors. pwnPr3d is a novel modelling approach that performs automated architectural analysis with the objective of measuring the cyber security of the modeled architecture. Its integrated modelling language allows users to model software and hardware components with great level of details. To illustrate this capability, we present in this paper the metamodel of UNIX, operating systems being the core of every software and every IT system. After describing the main UNIX constituents and how they have been modelled, we illustrate how the modelled OS integrates within pwnPr3d's rationale by modelling the spreading of a self-replicating malware inspired by WannaCry.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128142347","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Bimodal Enterprise Architecture Management: The Emergence of a New EAM Function for a BizDevOps-Based Fast IT","authors":"P. Drews, Ingrid Schirmer, Bettina Horlach, Carsten Tekaat","doi":"10.1109/EDOCW.2017.18","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.18","url":null,"abstract":"During the last years, many companies established fast IT or digital IT units dedicated to build and operate digital customer-facing services. These units adopted agile methods, new tool chains as well as new organizational settings like BizDevOps teams. BizDevOps teams are responsible for continuously (re-)defining business functionality of certain (micro-)services, (re-)developing and running them. In these new fast IT environments, the role of enterprise architecture management changes dramatically. BizDevOps teams have a high degree of autonomy in designing both, the functionality and the architecture of their (micro-)services and thus contribute to business-IT-alignment in a new way. Nevertheless, a central enterprise architecture management (EAM) function is still required for supporting the teams regarding cross-team and cross-service issues. Furthermore, as many companies still run the traditional IT function side-by-side with the new IT function, the EAM functions of both parts have to cooperate. Based on a single case study, we discuss the emergence of a new EAM function (\"fast IT EAM\"), changing tasks and processes, implications for EA models and challenges for the integration of the traditional EAM and the fast IT EAM functions.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131713972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards Integration Methods of Product-IT into Enterprise Architectures","authors":"K. Sandkuhl, U. Seigerroth, Julia Kaidalova","doi":"10.1109/EDOCW.2017.13","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.13","url":null,"abstract":"Digital innovation (DI), Internet of Things (IoT) and Cyber-Physical Systems (CPS) offer new opportunities for enterprises but also cause new challenges for Enterprise Architecture Management. Based on an industrial case from power garden products illustrating potentials and challenges of DI and IoT, this paper investigates the integration of product-IT into enterprise architectures. Product-IT includes the embedded IT-systems in physical products and services, components for operations, maintenance or evaluation purposes. The paper investigates the suitability of traditional enterprise architecture layers for structuring product-IT, identifies problems in product-IT and enterprise-IT integration and challenges for the field of EAM. The main contributions of the paper are (1) to position the area of product-IT in the field of EAM, (2) to identify challenges from real-world cases regarding integration of product-IT into EA and (3) outline potential ways to approach the challenges.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134429548","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Key Performance Indicators for a Capability-Based Application Portfolio Management","authors":"Pouya Aleatrati Khosroshahi, Jannis Beese, Fatih Yılmaz, F. Matthes, R. Winter","doi":"10.1109/EDOCW.2017.22","DOIUrl":"https://doi.org/10.1109/EDOCW.2017.22","url":null,"abstract":"In this paper, we define three key performance indicators (KPI) to measure the health of application portfolios (AP) and use the business capability map (BCM) as a visualization lens. Based on a literature review of AP management and BCM practices, we conduct a case study with a large European automotive company to develop three KPIs related to AP complexity, AP quality, and AP impact. The application of the KPIs is illustrated for the BCM of our case study partner and evaluated by conducting expert interviews with ten enterprise architecture experts of the company. Our results provide further insights on AP management practices that are enabled by using the BCM as a holistic visualization tool.","PeriodicalId":315067,"journal":{"name":"2017 IEEE 21st International Enterprise Distributed Object Computing Workshop (EDOCW)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132213544","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}