Information Management e-Commerce and (presentation slides, PDF)


  1. Information Management e-Commerce and

  2. Overview
     - Business process focus
     - e-Commerce
     - Information Management
     - WS-SOA
     - WU
     - Digital resources in "learn@wu"
     - RBAC

  3. Business Process Focus
     - Business Process (BP) focus
       - Defines the need for exchange of information
       - Broken up into its constituent "business transactions", e.g. order transaction, invoice transaction, payment transaction, ...
     - Paper-based documents representing the BP: forms, patents, etc.
     - Evolving IT infrastructures determine how a BP may be supported, e.g. from proprietary physical communication connections to the Internet (independent of the physical connection)
     - Perspective of the business, not of the customer

  4. e-Commerce
     - Business-to-Business (B2B)
       - Late 1970s, early 1980s
         - Proprietary communication lines
         - Proprietary protocols
         - Electronic Data Interchange (EDI) and Electronic Funds Transfer (EFT)
         - (ASCII) text encodings
       - Automating business functions of business processes
         - Rise of Enterprise Resource Planning (ERP) systems
       - Standardisation efforts
         - United Nations/Electronic Data Interchange For Administration, Commerce and Transport (UN/EDIFACT)
         - Exchange of documents (invoices, shipping orders, etc.) in electronic form

  5. e-Commerce
     - Business-to-Business (B2B)
       - Since the beginning of the 1990s
         - Internet
         - HTTP
         - HTML
       - Since the beginning of the 2000s
         - XML
         - e-Business XML (ebXML)
           - Organization for the Advancement of Structured Information Standards (OASIS)
           - United Nations/Centre for Trade Facilitation and Electronic Business (UN/CEFACT)
           - ISO standard (ISO 15000)
         - Universal Business Language (UBL) by OASIS
           - Presale, ordering, delivery, invoicing, payment
           - Northern European Subset (NES): Denmark, Sweden, Norway, Finland, UK, Iceland

  6. e-Commerce
     - Business-to-Consumer (B2C)
       - Since the beginning of the 1990s
         - Proprietary networks, e.g. "MS-Net" with Windows 95
         - Internet
           - HTTP, S-HTTP
           - HTML, XML

  7. Information Management
     - Digital information
       - Digital goods, e.g. music
       - Digital forms, e.g. an order
       - Digital services, e.g. queries
     - Managing (and securing)
       - Sources
       - Creation
       - Distribution
       - Access

  8. Information Management
     - ISO/IEC 27002:2007 (JIS Q 27002)
       - Code of practice supporting Information Security Management Systems (ISMS)
       - Defines best practices for (excerpt):
         - Security policy
         - Organization of information security
         - Communications and operations management
         - Access control
         - Information security incident management
         - Compliance (with information security policies)

  9. Information Management
     - Control Objectives for Information and related Technology (COBIT)
       - Information Systems Audit and Control Association (ISACA), IT Governance Institute (ITGI)
       - IT governance and audit
       - Public companies subject to the U.S. Sarbanes-Oxley (SOX) Act of 2002 are encouraged to also adopt COBIT
     - Security-related IT processes in the COBIT objective domains, overlapping with ISO/IEC 27002 (JIS Q 27002)
       - Plan and Organize (PO)
         - PO2: Define the Information Architecture
         - PO5: Manage the IT Investment
         - PO6: Communicate Management Aims and Direction
         - PO7: Manage IT Human Resources
         - PO8: Manage Quality

  10. Information Management
     - Control Objectives for Information and related Technology (COBIT)
     - Security-related IT processes in the COBIT domains (continued)
       - Acquire and Implement (AI)
         - AI1: Identify Automated Solutions
         - AI6: Manage Changes
       - Deliver and Support (DS)
         - DS2: Manage Third-party Services
         - DS4: Ensure Continuous Service
         - DS5: Ensure Systems Security
         - DS7: Educate and Train Users
         - DS11: Manage Data

  11. Information Management
     - Information Technology Infrastructure Library (ITIL)
       - United Kingdom's Office of Government Commerce (OGC)
       - Books defining concepts, guidelines and practices for
         - Information Technology Service Management (ITSM)
         - Information Technology (IT)
         - IT operations
     - ISO/IEC 20000, "IT Service Management"
       - Reflects ITIL best-practice guidance
       - Generic enough to support COBIT

  12. WS-SOA
     - Advent of the Internet
       - Public m:n communication becomes possible
       - Worldwide
       - Cheaper compared to earlier infrastructures
     - Exploiting the Internet for carrying out business processes
       - Interfacing with one's own central servers
       - Exchanging data with one's own chain stores
       - Exchanging data with business partners
       - Exchanging data with customers
     - Need to standardize services in the context of the Web
     - Security (and accessibility) of paramount interest

  13. WS-SOA
     - Web Services (WS) - Service-Oriented Architecture (SOA)
       - Re-engineering e-Commerce applications
       - Services (parts of business processes) as building blocks
     - Open standards
       - World Wide Web Consortium (W3C)
       - Organization for the Advancement of Structured Information Standards (OASIS)
     - Security-related standards, e.g.
       - Cross-Enterprise Security and Privacy Authorization (XSPA)
       - WS-SecurityPolicy
       - WS-Trust

  14. Role-Based Access Control (RBAC)
     - Constituting elements
       - S (subject: a user, a person, an agent)
       - R (role)
       - P (permission)
       - SA (subject-to-role assignment)
       - PA (permission-to-role assignment)
       - RH (role hierarchy)
       - Session: a user exercising (a subset of) the roles assigned to them
     - Could also be used to implement
       - Discretionary access control (DAC)
       - Mandatory access control (MAC)

  15. NIST/INCITS 359-2004 RBAC
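The model referenced on slides 14 and 15, worked through as an added example; this is not code from the slides, from the NIST standard or from the WU tools. It implements the INCITS 359-2004 components (users, roles, permissions, UA, PA, the role hierarchy RH, sessions, CheckAccess) together with the static and dynamic separation-of-duty constraints of Constrained RBAC. The role and permission names (order_clerk, order_approver, auditor, ...) are constructed for an order-processing scenario and are not taken from the slides.

```python
"""Minimal implementation of the INCITS 359-2004 RBAC reference model (added
example). Roles, permissions and users below are constructed for illustration."""
from __future__ import annotations
from dataclasses import dataclass, field

Permission = tuple[str, str]  # (operation, object)


class RBACError(Exception):
    """Raised when an assignment or activation would violate a constraint."""


@dataclass
class RBAC:
    roles: set[str] = field(default_factory=set)
    ua: dict[str, set[str]] = field(default_factory=dict)          # UA: user -> assigned roles
    pa: dict[str, set[Permission]] = field(default_factory=dict)   # PA: role -> permissions
    rh: dict[str, set[str]] = field(default_factory=dict)          # RH: senior role -> junior roles
    ssd: list[tuple[frozenset[str], int]] = field(default_factory=list)  # static SoD (role set, n)
    dsd: list[tuple[frozenset[str], int]] = field(default_factory=list)  # dynamic SoD (role set, n)
    sessions: dict[str, tuple[str, set[str]]] = field(default_factory=dict)  # sid -> (user, active roles)

    def add_role(self, role: str, juniors: tuple[str, ...] = ()) -> None:
        self.roles.add(role)
        self.rh.setdefault(role, set()).update(juniors)

    def grant(self, role: str, perm: Permission) -> None:
        self.pa.setdefault(role, set()).add(perm)

    def authorized_roles(self, role: str) -> set[str]:
        """The role plus every role it inherits (transitive closure over RH)."""
        seen: set[str] = set()
        stack = [role]
        while stack:
            r = stack.pop()
            if r not in seen:
                seen.add(r)
                stack.extend(self.rh.get(r, ()))
        return seen

    def _check_sod(self, roles: set[str], constraints, kind: str) -> None:
        # INCITS 359: a user may be assigned (SSD) / may activate (DSD) fewer than
        # n roles from each constrained role set; inherited roles count as well.
        held = set().union(*(self.authorized_roles(r) for r in roles)) if roles else set()
        for role_set, n in constraints:
            clash = held & role_set
            if len(clash) >= n:
                raise RBACError(f"{kind} violation: {sorted(clash)}")

    def assign(self, user: str, role: str) -> None:
        if role not in self.roles:
            raise RBACError(f"unknown role {role}")
        new = self.ua.get(user, set()) | {role}
        self._check_sod(new, self.ssd, "SSD")
        self.ua[user] = new

    def create_session(self, sid: str, user: str, active: set[str]) -> None:
        if not active <= self.ua.get(user, set()):
            raise RBACError("cannot activate a role the user is not assigned to")
        self._check_sod(active, self.dsd, "DSD")
        self.sessions[sid] = (user, set(active))

    def check_access(self, sid: str, op: str, obj: str) -> bool:
        """CheckAccess: the permission must belong to a role active in the session,
        directly or via inheritance. Assigned but inactive roles contribute nothing
        (least privilege)."""
        _user, active = self.sessions[sid]
        return any((op, obj) in self.pa.get(r2, set())
                   for r in active for r2 in self.authorized_roles(r))


def demo() -> dict[str, object]:
    """Constructed order-processing example; returns the access decisions."""
    rbac = RBAC()
    rbac.add_role("employee")
    rbac.add_role("order_clerk", juniors=("employee",))
    rbac.add_role("order_approver", juniors=("employee",))
    rbac.add_role("auditor")
    rbac.grant("employee", ("read", "catalog"))
    rbac.grant("order_clerk", ("create", "order"))
    rbac.grant("order_approver", ("approve", "order"))
    rbac.grant("auditor", ("read", "audit_log"))
    # SSD: nobody may ever hold both clerk and approver (no self-approval)
    rbac.ssd.append((frozenset({"order_clerk", "order_approver"}), 2))
    # DSD: one user may hold clerk and auditor, but not activate both in one session
    rbac.dsd.append((frozenset({"order_clerk", "auditor"}), 2))

    out: dict[str, object] = {}
    rbac.assign("alice", "order_clerk")
    rbac.assign("alice", "auditor")
    rbac.create_session("s1", "alice", {"order_clerk"})
    out["clerk_creates_order"] = rbac.check_access("s1", "create", "order")
    out["clerk_reads_catalog"] = rbac.check_access("s1", "read", "catalog")  # inherited from employee
    out["clerk_approves_order"] = rbac.check_access("s1", "approve", "order")
    out["inactive_auditor_reads_log"] = rbac.check_access("s1", "read", "audit_log")
    try:
        rbac.assign("alice", "order_approver")
        out["ssd_enforced"] = False
    except RBACError:
        out["ssd_enforced"] = True
    try:
        rbac.create_session("s2", "alice", {"order_clerk", "auditor"})
        out["dsd_enforced"] = False
    except RBACError:
        out["dsd_enforced"] = True
    rbac.assign("bob", "order_approver")
    rbac.create_session("s3", "bob", {"order_approver"})
    out["approver_approves_order"] = rbac.check_access("s3", "approve", "order")
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The two separation-of-duty checks differ in where they bite: the SSD rule is enforced at assignment time in `assign`, the DSD rule only at activation time in `create_session`, which is why alice may hold both order_clerk and auditor yet cannot use them in the same session. Both checks include inherited roles, so adding a senior role above a constrained pair cannot be used to bypass the constraint.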

  16. WU
     - WU ("vey-ouh")
       - "Vienna University of Economics and Business Administration", Vienna
       - About 27,000 students
       - Organized into 12 departments
     - Department of Information Systems
       - Four institutes
         - "Information Business"
         - "Production Management"
         - "Management Information Systems"
         - "Information Systems and New Media"

  17. WU
     - Institute of "Information Systems and New Media"
       - Prof. Neumann, Prof. Strembeck
     - "learn@wu"
       - Lead development of one of the largest and most intensively used Web-based e-learning systems
       - Serving 27,000+ authorized participants
       - Hosting 4,600+ courses
       - Hosting 60,000+ learning resources

  18. WU
     - "learn@wu"
       - Need for flexible, efficient management, hence role-based
         - Access to courses and learning resources
         - Adding, changing, removing courses and learning resources
         - Services sold outside of the university
       - Need for controlling access in a very flexible manner
         - Adding, changing, removing and conducting tests and student evaluations
           - For students' training purposes
           - For management
     - Research on RBAC
       - Prof. Strembeck

  19. WU RBAC Research, Concepts
     - Scenario-driven role engineering
       - Scenario technique for deriving permissions and roles
       - Scenario (applicable to business processes as well)
         - A possible or actual action and sequence of events
         - Each action/event in a scenario is a step, and each step is associated with a particular access operation
         - A subject needs the permissions of all steps to carry out a scenario successfully
       - Task: consists of one or more scenarios
       - Work profile: consists of one or more tasks; may be used to derive a role

  20. Scenario-Driven RBAC

  21. WU RBAC Research, Concepts
     - Engineering context constraints in RBAC environments
       - Conditional permissions are associated with context constraints
       - Context constraint: a clause containing one or more context conditions
       - Context attribute: a property of the environment (possibly captured or measured by a sensor)
       - Context function: a function that obtains the current value of a context attribute
       - Context condition: a predicate consisting of one operator and two or more operands
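The two concepts of slides 19 and 21 carried through in one added example that is not code from the slides, from xoRBAC or from xoRET: a role is derived from a work profile as the union of the access operations of every step in every scenario of every task, and a conditional permission is guarded by a context constraint whose conditions are predicates (operator plus two or more operands) evaluated over context attributes fetched through context functions. The order-clerk profile, the "approve discount" permission and the two context attributes (time_of_day, client_network) are constructed; the two arguments of `demo` stand in for the sensors a real context function would read.

```python
"""Scenario-driven role derivation and context constraints (added example, not
from the slides or the WU tools). All scenarios, tasks and attributes below are
constructed for illustration."""
from __future__ import annotations
from dataclasses import dataclass
from typing import Any, Callable

Permission = tuple[str, str]  # (access operation, object)


# --- Scenario-driven role engineering (slide 19) -----------------------------
@dataclass
class Scenario:
    name: str
    steps: list[Permission]  # each step is associated with exactly one access operation


@dataclass
class Task:
    name: str
    scenarios: list[Scenario]  # a task consists of one or more scenarios


@dataclass
class WorkProfile:
    name: str
    tasks: list[Task]  # a work profile consists of one or more tasks


def scenario_permissions(scenario: Scenario) -> set[Permission]:
    """A subject needs the permissions of all steps to complete the scenario."""
    return set(scenario.steps)


def derive_role(profile: WorkProfile) -> set[Permission]:
    """Role permissions = union over all tasks and all of their scenarios."""
    perms: set[Permission] = set()
    for task in profile.tasks:
        for scenario in task.scenarios:
            perms |= scenario_permissions(scenario)
    return perms


# --- Context constraints (slide 21) ------------------------------------------
@dataclass(frozen=True)
class Attr:
    """Operand naming a context attribute; resolved through its context function."""
    name: str


OPERATORS: dict[str, Callable[..., bool]] = {
    "==": lambda a, b: a == b,
    "in": lambda a, *choices: a in choices,
    "between": lambda a, lo, hi: lo <= a <= hi,  # one operator, three operands
}


@dataclass
class ContextCondition:
    operator: str
    operands: list[Any]  # Attr(...) or literal values; two or more


@dataclass
class ContextConstraint:
    conditions: list[ContextCondition]

    def holds(self, context_functions: dict[str, Callable[[], Any]]) -> bool:
        """The clause is satisfied iff every context condition evaluates to true."""
        for cond in self.conditions:
            values = [context_functions[o.name]() if isinstance(o, Attr) else o
                      for o in cond.operands]
            if not OPERATORS[cond.operator](*values):
                return False
        return True


@dataclass
class ConditionalPermission:
    permission: Permission
    constraint: ContextConstraint


def is_permitted(static: set[Permission], conditional: list[ConditionalPermission],
                 op: str, obj: str, context_functions: dict[str, Callable[[], Any]]) -> bool:
    """Unconditional permissions always apply; conditional ones only while their
    context constraint holds at the time of the check."""
    if (op, obj) in static:
        return True
    return any(cp.permission == (op, obj) and cp.constraint.holds(context_functions)
               for cp in conditional)


def demo(hour: int, network: str) -> dict[str, object]:
    """Constructed order-clerk profile; `hour` and `network` simulate sensor readings."""
    enter = Scenario("enter order", [("read", "customer"), ("create", "order")])
    check = Scenario("check stock", [("read", "inventory")])
    cancel = Scenario("cancel order", [("read", "order"), ("update", "order")])
    profile = WorkProfile("order clerk", [Task("process order", [enter, check]),
                                          Task("handle cancellation", [cancel])])
    static = derive_role(profile)
    # context functions: return the current value of each context attribute
    ctx = {"time_of_day": lambda: hour, "client_network": lambda: network}
    # conditional permission: discounts only during office hours and from the intranet
    approve = ConditionalPermission(("approve", "discount"), ContextConstraint([
        ContextCondition("between", [Attr("time_of_day"), 8, 18]),
        ContextCondition("==", [Attr("client_network"), "intranet"]),
    ]))
    return {
        "role_permissions": static,
        "create_order": is_permitted(static, [approve], "create", "order", ctx),
        "approve_discount": is_permitted(static, [approve], "approve", "discount", ctx),
    }
```

Context is evaluated at check time rather than at role activation, so a permission can be lost during a session when the environment changes (the clerk moving from the intranet to a public network, or the clock passing 18:00), which is the behaviour a context constraint is meant to give.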

  22. Context-Sensitive RBAC

  23. Context-Driven RBAC

  24. Role Engineering Process Scenario-Driven

  25. WU RBAC Research, Tools
     - Extended object RBAC (xoRBAC)
       - Concepts for engineering context constraints
       - XOTcl role-based access control tool
       - Supporting
         - Principle of least privilege
         - Separation of duty (static, dynamic)
         - Definition of complex permissions
     - Extended object role engineering tool (xoRET)
       - Scenario-based XOTcl role engineering tool
       - Engineering of context constraints

  26. xoRET

  27. xoRET

  28. xoRET

  29. xoRET

  30. xoRET

  31. xoRET

  32. xoRET

  33. xoRET
