19,487 research outputs found
Contract specification for compliance checking of business interactions
PhD ThesisIn the business world, contracts are used to regulate business interactions between trading parties.
When business transactions are conducted over an electronic channel, electronic forms of contracts
are needed; and because of the additional capabilities of an electronic means, their function can
be extended to include compliance checking for the interactions of the parties, and enforcement of
contractual clauses when needed.
A contract is assumed to be a document that stipulates a list of clauses stating rights, obligations
and prohibitions, and their associated constraints, that business partners are expected to honour.
Compliance checking is taken to mean checking if business operations executed by business partners
match with their rights, obligations and prohibitions as stipulated in the contract. We intend
enforcement as making sure that business operations match the rights, obligations, and prohibitions
of the parties, possibly compensating for deviations from expected behaviour.
In traditional business interactions, compliance checking and enforcement are carried out man-
ually. With electronic business interactions, such tasks can ideally be automated. This requires a
model for the process of checking contract compliance, and an electronic language for the speci ca-
tion of the actual contract.
The rst main contribution of this thesis is such a model. The EROP model (from Events,
Rights, Obligations and Prohibitions), composed of an ontology and an architecture, observes the
interactions between the business partners, forms an interpretation of their outcome from a neutral
perspective and checks their contractual compliance by matching executed operations with their sets
of rights, obligations, and prohibitions, and reacting accordingly to them. Implementations of the
EROP ontology and of an experimental prototype of the architecture are also presented.
The second main contribution of this thesis is the EROP language, designed to specify contractual
compliance, and to regulate execution of business operations through the manipulation of the sets
of rights, obligations and prohibitions of the business partners. The EROP language is rule-based
and event-driven, and, in a similar fashion to contracts in natural language, contractual clauses
are expressed as business rules, conditional statements associating events and conditions to lists of
actions altering the rights, obligations and prohibitions of the participants. The practicality of the
approach taken with the EROP language is evaluated presenting a larger, complete scenario and a number of smaller ones taken from comparable work. Notes on the translation of the EROP language
to one on a lower level of abstraction that relies on the implementation of the EROP ontology are also presented. The Appendix presents a formal grammar for the language.UK EPSRC e-Science Pilot Project: "GOLD (Grid-based Information Models to Support the Rapid Innovation of High Value
Added Chemicals)
A toolkit for model checking of electronic contracts
PhD ThesisIn the business world, contracts are used to regulate business interactions
between trading parties. In this context, an electronic contracting systems
can be used to monitor businessâtoâbusiness interactions to ensure that
they comply with the rights (permissions), obligations and prohibitions
stipulated in contract clauses. Such an electronic contracting system will
require an executable version of the contract (e-contract) for compliance
checking. It is important to be verify the correctness properties of an e-
contract before deploying it for compliance checking. Model checkers are
widely used for automatic verification of concurrent systems. However,
such tools for e-contracts with means for expressing directly and intu-
itively key concepts that appear recurrently in contracts, such as execu-
tions of business operations, granting (cancellation, suspension, fulfilment,
violation, etc.) of rights, obligations and prohibitions to role players are
not yet available.
This thesis rectifies the situation by developing a high-level e-contract
verification toolkit using the Spin model checker. A formal Contractual
Business-To-Business interaction (CB2B) model based on the concepts of
contract compliance checking developed earlier at Newcastle university
has been constructed. Further, Promela, the input language of the Spin
model checker, has been extended in a manner that enables specification
of contract clauses in terms of contract entities: role players, business
operations, rights, obligations and prohibitions. A given contract can now
be expressed using extended Promela as a set of declarations and a set of
Event-Condition-Action rules. In addition, the designer can specify the
correctness requirements to be verified in Linear-Temporal-Logic directly
in terms of the contract entities. A notable feature is that the CB2B model
automatically checks for contract independent properties: properties that
must hold for all contracts. For example, at run time, a contract should
not simultaneously grant a role player a right to perform an operation
and also prohibit it. Thus, the toolkit hides much of the intricate details
of dealing with Promela processes communicating through channels and
enables a designer to build verifiable abstract models directly in terms of
contract entities.
The usefulness of the toolkit is demonstrated by trying out a number of
contract examples used by researchers working on contract verification.
The thesis also shows how the toolkit can be used for generating test
cases for testing an implemented system
Recommended from our members
Contracts as threats: On a rationale for rewarding A while hoping for B
In this paper we explore theoretically the relationship between explicit and implicit/relational contracting distinguishing between the ex-ante decision to sign an explicit contract and the ex-post decision wheter to actually apply it. We show, among other things, that the relational efficient explicit contract tends to display overcontracting on tasks or qualitative requirements (A) that are verifiable but apparently of little use for the principal. The ex-post (non)implementation of such explicit contract can then be discretionally exchanged against the provision of non contractible tasks (B) that are highly valuable for the principal.
An empirical implication of the result, consistent with casual observation in procurement, is that penalties for infringements established by explicit contracts are seldom exercised, even though violations take place and are easy to monitor and verify
CamFlow: Managed Data-sharing for Cloud Services
A model of cloud services is emerging whereby a few trusted providers manage
the underlying hardware and communications whereas many companies build on this
infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS
applications. From the start, strong isolation between cloud tenants was seen
to be of paramount importance, provided first by virtual machines (VM) and
later by containers, which share the operating system (OS) kernel. Increasingly
it is the case that applications also require facilities to effect isolation
and protection of data managed by those applications. They also require
flexible data sharing with other applications, often across the traditional
cloud-isolation boundaries; for example, when government provides many related
services for its citizens on a common platform. Similar considerations apply to
the end-users of applications. But in particular, the incorporation of cloud
services within `Internet of Things' architectures is driving the requirements
for both protection and cross-application data sharing.
These concerns relate to the management of data. Traditional access control
is application and principal/role specific, applied at policy enforcement
points, after which there is no subsequent control over where data flows; a
crucial issue once data has left its owner's control by cloud-hosted
applications and within cloud-services. Information Flow Control (IFC), in
addition, offers system-wide, end-to-end, flow control based on the properties
of the data. We discuss the potential of cloud-deployed IFC for enforcing
owners' dataflow policy with regard to protection and sharing, as well as
safeguarding against malicious or buggy software. In addition, the audit log
associated with IFC provides transparency, giving configurable system-wide
visibility over data flows. [...]Comment: 14 pages, 8 figure
Implementation of Smart Contracts Using Hybrid Architectures with On- and Off-Blockchain Components
Recently, decentralised (on-blockchain) platforms have emerged to complement
centralised (off-blockchain) platforms for the implementation of automated,
digital (smart) contracts. However, neither alternative can individually
satisfy the requirements of a large class of applications. On-blockchain
platforms suffer from scalability, performance, transaction costs and other
limitations. Off-blockchain platforms are afflicted by drawbacks due to their
dependence on single trusted third parties. We argue that in several
application areas, hybrid platforms composed from the integration of on- and
off-blockchain platforms are more able to support smart contracts that deliver
the desired quality of service (QoS). Hybrid architectures are largely
unexplored. To help cover the gap, in this paper we discuss the implementation
of smart contracts on hybrid architectures. As a proof of concept, we show how
a smart contract can be split and executed partially on an off-blockchain
contract compliance checker and partially on the Rinkeby Ethereum network. To
test the solution, we expose it to sequences of contractual operations
generated mechanically by a contract validator tool.Comment: 12 pages, 7 figure
The interaction of lean and building information modeling in construction
Lean construction and Building Information Modeling are quite different initiatives, but both are having profound impacts on the construction industry. A rigorous analysis of the myriad specific interactions between them indicates that a synergy exists which, if properly understood in theoretical terms, can be exploited to improve construction processes beyond the degree to which it might be improved by application of either of these paradigms independently. Using a matrix that juxtaposes BIM functionalities with prescriptive lean construction principles, fifty-six interactions have been identified, all but four of which represent constructive interaction. Although evidence for the majority of these has been found, the matrix is not considered complete, but rather a framework for research to
explore the degree of validity of the interactions. Construction executives, managers, designers and developers of IT systems for construction can also benefit from the framework as an aid to recognizing the potential synergies when planning their lean and BIM adoption strategies
Towards an integrated perspective on fleet asset management: engineering and governance considerations
The traditional engineering perspective on asset management concentrates on the operational performance the assets. This perspective aims at managing assets through their life-cycle, from technical specification, to acquisition, operation including maintenance, and disposal. However, the engineering perspective often takes for granted organizational-level factors. For example, a focus on performance at the asset level may lead to ignore performance measures at the business unit level. The governance perspective on asset management usually concentrates on organizational factors, and measures performance in financial terms. In doing so, the governance perspective tends to ignore the engineering considerations required for optimal asset performance. These two perspectives often take each other for granted. However experience demonstrates that an exclusive focus on one or the other may lead to sub-optimal performance. For example, the two perspectives have different time frames: engineering considers the long term asset life-cycle whereas the organizational time frame is based on a yearly financial calendar. Asset fleets provide a relevant and important context to investigate the interaction between engineering and governance views on asset management as fleets have distributed system characteristics. In this project we investigate how engineering and governance perspectives can be reconciled and integrated to enable optimal asset and organizational performance in the context of asset fleets
- âŠ