{"title":"Elevating the Discussion on Security Management: The Data Centric Paradigm","authors":"Tyrone Grandison, Michael Bilger, Luke O’Connor, M. Graf, Morton Swimmer, M. Schunter, A. Wespi, Nevenko Zunic","doi":"10.1109/BDIM.2007.375015","DOIUrl":"https://doi.org/10.1109/BDIM.2007.375015","url":null,"abstract":"Corporate decision makers have normally been disconnected from the details of the security management infrastructures of their organizations. The management of security resources has traditionally been the domain of a small group of skilled and technically savvy professionals, who report to the executive team. As threats become more prevalent, attackers get smarter and the infrastructure required to secure corporate assets becomes more complex, the communication gap between the decision makers and the implementers has widened. The risk of misinterpretation of corporate strategy into technical safe controls also increases with the above-mentioned trends. In this paper, we articulate a paradigm for managing enterprise security called the data centric security model (DCSM), which puts IT policy making in the hands of the corporate executives, so that security decisions can be directly executed without the diluting effect of interpretation at different levels of the infrastructure and with the benefit of seeing a direct correlation between business objective and security mechanism. Our articulation of the DCSM vision is a starting point for discussion and provides a rich platform for research into business-driven security management.","PeriodicalId":414047,"journal":{"name":"2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management","volume":"661 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131984949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Utilizing a Service Oriented Architecture for Information Security Evaluation and Quantification","authors":"C. Martin, Khalil A. Abuosba","doi":"10.1109/BDIM.2007.375023","DOIUrl":"https://doi.org/10.1109/BDIM.2007.375023","url":null,"abstract":"The service oriented architecture provides an abstraction utility that is characterized to be autonomous, well defined, and self-contained. In this research we define the basic building blocks of a security reference model composed out of processes domain view, security requirements view, infrastructure management view, security assurance view, and survivability management view. We build a security attributes organizational model based on security processes states and security attributes requirements. We continue to dissect our proposed architecture based on the service oriented architecture reference model, and map the SOA dimensions into security requirements attributes.","PeriodicalId":414047,"journal":{"name":"2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133491348","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Mechanism of Specifying and Determining Pricing in Utility Computing Environments","authors":"J. Ouyang, Akhil Sahai, J. Pruyne","doi":"10.1109/BDIM.2007.375010","DOIUrl":"https://doi.org/10.1109/BDIM.2007.375010","url":null,"abstract":"Utility services providers offer on-demand services for multiple users and applications from a shared resource pool. The utility computing environment provider manages resources that have multiple dimensions, namely CPU, memory and disk. It is important that a mechanism of quantification be utilized for determining pricing. Also in these environments, we believe that price needs to be adapted to reflect and influence dynamic change in demand on resources, and can be used, as an economic mechanism, to efficiently manage a utility computing environment. To achieve this, we propose in this paper an adaptive pricing mechanism. The objective of this scheme is twofold: on the one hand, for business objectives, it adapts price based upon the supply and demand curves over time intervals; on the other hand, price invisibly manages the distribution of resource demand across time intervals, and therefore makes resource utilization more efficient and balanced over time. In this approach, the resource unit to be priced is called a capacity unit, and applications are billed based upon the capacity units that have been reserved or used.","PeriodicalId":414047,"journal":{"name":"2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125198671","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The strategic value of the \"fit\" between business processes and IT management: The case of the Italian publishing industry","authors":"G. Petruzzi, A. Garavelli","doi":"10.1109/BDIM.2007.375021","DOIUrl":"https://doi.org/10.1109/BDIM.2007.375021","url":null,"abstract":"This research study aims at investigating the effect of the fit between organizational processes and information technology on business performance. Our key theoretical point unfolds from the hypothesis that information technologies can trigger their potential and (positively) impact business performance if they \"fit\" the organizational processes they are deemed to support. When firms configure their IT equipment, we argue that managers should select a configuration that better \"fits\" the processes. We have outlined a theoretically derived model of IT/process fit based on business process dimensions and their relationship to IT features that can help researchers to understand the consequences of IT investments on organization. Model estimation has been carried out in the context of the Italian publishing industry on a sample of 36 publishing firms. The results show substantial support for our main hypothesis: firms which actually use IT in a way that fits business process requirements show a better competitive positioning. Results have significant managerial implications and show that to make \"good\" IT decisions managers should consider jointly both IT characteristics and process dimensions. The cost of any IT option should be evaluated against its purpose and the organizational processes the IT should support.","PeriodicalId":414047,"journal":{"name":"2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131081099","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Model Driven Framework for IT Transformation","authors":"S. Kumaran, T. Chao, K. Bhattacharya, P. Dhoolia","doi":"10.1109/BDIM.2007.375012","DOIUrl":"https://doi.org/10.1109/BDIM.2007.375012","url":null,"abstract":"IT organizations are facing significant business and technical challenges today. In the business realm, companies are increasingly outsourcing their IT operations to specialized IT services firms. On the technical side, new architectural approaches such as Model Driven Architecture and Service Oriented Architecture are fundamentally changing IT management. In response to these challenges, Business-driven IT management (BDIM) has emerged as a new approach to IT management that bridges the business-IT gap, improves the quality of IT services, and optimizes IT operations. In this paper, we present a multi-layer modeling framework to support BDIM, introduce a versatile Service Delivery Management (SDM) platform for IT service delivery, and use the construction of the SDM platform to demonstrate the modeling framework in action.","PeriodicalId":414047,"journal":{"name":"2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130037963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Definition of Metric Dependencies for Monitoring the Impact of Quality of Services on Quality of Processes","authors":"Christian Mayerl, Kay M. Huner, Jens-Uwe Gaspar, Christof Momm, S. Abeck","doi":"10.1109/BDIM.2007.375006","DOIUrl":"https://doi.org/10.1109/BDIM.2007.375006","url":null,"abstract":"Service providers have to monitor the quality of offered services and to ensure compliance with the service levels that provider and requester agreed on. Thereby, a service provider should notify a service requester about violations of service level agreements (SLAs). Furthermore, the provider should point to impacts on affected processes in which services are invoked. For that purpose, a model is needed to define dependencies between quality of processes and quality of invoked services. In order to measure quality of services and to estimate impacts on the quality of processes, we focus on measurable metrics related to functional elements of processes, services as well as components implementing services. Based on functional dependencies between processes and services of a service-oriented architecture (SOA), we define metric dependencies for monitoring the impact of quality of invoked services on quality of affected processes. In this paper we discuss how to derive metric dependency definitions from functional dependencies by applying dependency patterns, and how to map metric and metric dependency definitions to an appropriate monitoring architecture.","PeriodicalId":414047,"journal":{"name":"2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126427002","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Specifying Information Security Needs for the Delivery of High Quality Security Services","authors":"Xiaomeng Su, D. Bolzoni, P. V. Eck","doi":"10.1109/BDIM.2007.375022","DOIUrl":"https://doi.org/10.1109/BDIM.2007.375022","url":null,"abstract":"In this paper we present an approach for specifying and prioritizing information security requirements in organizations. We propose to explicitly link security requirements with the organizations' business vision, i.e. to provide business rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements. Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance.","PeriodicalId":414047,"journal":{"name":"2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132391087","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Model-Based Mitigation of Availability Risks","authors":"E. Zambon, D. Bolzoni, S. Etalle, M. Salvato","doi":"10.1109/BDIM.2007.375014","DOIUrl":"https://doi.org/10.1109/BDIM.2007.375014","url":null,"abstract":"The assessment and mitigation of risks related to the availability of the IT infrastructure is becoming increasingly important in modern organizations. Unfortunately, present standards for risk assessment and mitigation show limitations when evaluating and mitigating availability risks. This is due to the fact that they do not fully consider the dependencies between the constituents of an IT infrastructure that are paramount in large enterprises. These dependencies make the technical problem of assessing availability issues very challenging. In this paper we define a method and a tool for carrying out a risk mitigation activity which allows us to assess the global impact of a set of risks and to choose the best set of countermeasures to cope with them. To this end, the presence of a tool is necessary, due to the high complexity of the assessment problem. Our approach can be integrated in present risk management methodologies (e.g. COBIT) to provide a more precise risk mitigation activity. We substantiate the viability of this approach by showing that most of the input required by the tool is available as part of a standard business continuity plan, and/or by performing a common tool-assisted risk management.","PeriodicalId":414047,"journal":{"name":"2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115392278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}