Requirements of Process Modeling Languages – Results from an Empirical Investigation

The majority of large and mid-sized companies are active in BusinessProcess Management (BPM). Documenting business processesis a key task of BPM, but the variety of process modelinglanguages makes it difficult to determine ‘the best’ one. Basically,the suitability of a process modeling language depends on thecompanies’ requirements. In this paper we adopt a bird’s eye viewon the issue: By an empirical investigation of 130 publiccompanies from all over the world and any sector, we gather thecommon requirements of process modeling languages and usethem to assess the most popular ones (i.e., BPMN, UML ActivityDiagrams, Event-driven Process Chains). Our results show thatthese languages are (1) equally expressive and (2) presumablyequally understandable concerning the common core notion of‘business process’; thus, they can be used interchangeably.However, the BPMN is the most complex process modelinglanguage

Towards performance evaluation of cloud service providers for cloud data security

© 2016, Elsevier Ltd. All rights reserved. Today's data is sensitive that requires privacy and security both from the cloud service providers (CSP) as well as from users in its all the form of data states: data at rest, while transferring data, enquiring data, and processing the data. Cloud computing has been applied in the health sector, national security services, banking and other business and companies that store confidential data into the cloud as we have seen in recent years. Therefore, information and data security is a crucial issue that needs to be addressed thoroughly in the cloud computing business. This research deals with the performance analysis of recent cloud data security models. This paper proposes cloud data security models based on Business Process Modeling Notations (BPMN) and simulation results can reveal performances issues related to data security as part of any organizations initiative on Business process management (BPM)

Workaround Aware Business Process Modeling

Workarounds are an omnipresent part of organizational settings where formal rules and regulations describe standardized processes. Still, only few studies have focused on incorporating workarounds in designing information systems (IS) or as a part of management decisions. Therefore, this study provides an extension to the Business Process Modeling Notation (BPMN) by conducting a metamodel transformation, which includes workarounds. As a result, the Workaround Process Modeling Notation (WPMN) (1) leads organizations in designing workaround aware systems, (2) supports managers in deciding how to deal with workarounds, and (3) provides auditors with visualizations of non-compliance. We exemplify how this technique can be used to model a workaround in the process of accessing patient-identifying data in a hospital. We evaluated the model and find it particular suitable as an empirically grounded BPMN extension

Application of an Enterprise Modelling approach to deploy Systems Engineering processes in large organizations

Enterprise Modelling (EM) enables the representation of companies' activities, of their resources along with their roles and responsibilities in order to share the company's knowledge and support performance analysis. For this, EM promotes various concepts, techniques, frameworks, modelling languages and tools today widely used in companies. Currently, even a partial model of an enterprise constitutes a way to communicate, to share advices, to analyse and to make decisions. Therefore, EM appears to be a privileged tool to support any business change management. In a complementary way, Systems Engineering (SE) is a tried and tested methodological approach to design and test new products whatever their complexity or nature. Nowadays SE is considered in industry as a competitive and structured approach enabling a company to manage design activities and more generally to improve its capacity and ability to design complex systems efficiently. SE acts as a model-based engineering approach and promotes to this end a set of standardized collaborative processes, modelling languages and frameworks. Thus, when considering large companies designing complex systems such as a helicopter manufacturer, first it appears critical to be able to adapt processes proposed by SE standardization according to the business specific needs. This tailoring must be guided in order to consider the inherent complexity of the organization, the various human actors' profiles and skills, tools and stakeholders involved in the design of new products. As they all have to communicate and interact efficiently together their abilities and capacities to be interoperable i.e. to really work together should be analysed and improved accordingly before going further. Then, it appears necessary to prepare the company for the required changes, and to deploy in situ the adopted SE processes taking into account not only company's classical constrains and objectives but also the current level of interoperability of its elements. Finally, company managers must become able to control and adjust these processes from the cradle to the grave according to feedbacks from their stakeholders. To support all these activities, Enterprise Modelling (EM) provides several techniques, modelling languages, reference models and interoperability assessment methods which have been adapted and applied in this research work. The purpose of this article is threefold: 1) to provide a state of the art in interoperability, Systems Engineering (SE), and EM to illustrate how these disciplines are interrelated, to identify the needs they imply in the deployment, to discuss lacks in existing works considering these needs and thus to formulate how we aim to meet them, 2) to present an approach based on EM helping companies to lead changes required to apply SE principles and aiming to promote interoperability; and 3) to introduce the modelling environment proposed to support the approach including an ontology, an extension of BPMN 2.0 and software tools

Reasoning on the usage control security policies over data artifact business process models

The inclusion of security aspects in organizations is a crucial aspect to ensure compliance with both internal and external regulations. Business process models are a well-known mechanism to describe and automate the activities of the organizations, which should include security policies to ensure the correct performance of the daily activities. Frequently, these security policies involve complex data which cannot be represented using the standard Business Process Model Notation (BPMN). In this paper, we propose the enrichment of the BPMN with a UML class diagram to describe the data model, that is also combined with security policies defined using the UCONABC framework annotated within the business process model. The integration of the business process model, the data model, and the security policies provides a context where more complex reasoning can be applied about the satisfiability of the security policies in accordance with the business process and data models. To do so, wetransform the original models, including security policies, into the BAUML framework (an artifact-centric approach to business process modelling). Once this is done, it is possible to ensure that there are no inherent errors in the model (verification) and that it fulfils the business requirements (validation), thus ensuring that the business process and the security policies are compatible and that they are aligned with the business security requirements.This work has been supported by Project PID2020-112540RB-C44 funded by MCIN/AEI/ 10.13039/501100011033, Project TIN2017-87610-R funded by MCIN/AEI/10.13039/501100011033 and FEDER “Una manera de hacer Europa”, Project 2017-SGR-1749 by the Generalitat de Catalunya, Projects COPERNICA (P20 01224) and METAMORFOSIS by the Junta de Andalucía.Peer ReviewedPostprint (published version

Synergizing the logistics processes and process management – framework of BPM course based on business cases, BPM standards and tools

Better processes produce lower costs, higher revenues, motivated employees, and happier customers. Logistics companies operating on very competitive market are continuously seeking opportunities to ensure the process reliability while improving their productivity. Due to increasing process complexity it is necessary to apply a systematic approach to designing, implementation, monitoring and improvement of processes in the organization. Such approach may be realized through Business Process Management (BPM) techniques and tools. An investment in BPM software, coupled with new approaches to project implementation, enables companies to introduce a sustainable business process improvement program. However,  the  implementation  of BPM is  not  easy because of process complexity and multiplication of interaction specific for each organization.    In this paper we propose some teaching frameworks, that can be used during the education process to enhance the practical skills in BPMN and in the application of process management in the field of logistics. Our solution is based on practical cases and BPM worldwide standards. It provides students with the opportunity to use the BPM suites software in complex environment and practice the techniques of modelling and analyzing processes. The presented framework may address many of requirements of learning environments for business process analysts. In the second part of the article we present also the analysis of students’ (attendants’ of BPM classes) opinions about gaining knowledge and skills on BPM. Performed research indicate that young people were keen on business process modeling classes organized in a form of problem-based laboratories and they would like to use learned BPM methods and tools in their future education or work

Patient Pathways for Comprehensive Care Networks - A Development Method and Lessons from its Application in Oncology Care

Patient pathways are recognized as a valuable tool to support standardization, comparability, quality, and transparency of care processes in comprehensive care networks. Still, existing development approaches lack real practical guidance as well as an integration of the network and patient perspectives. Therefore, a user-centered and requirements-based approach was chosen to design a patient pathway development method. It defines a role model and procedural steps. The method’s innovative character lies in the development of generic patient pathway templates to be adapted to national, regional, and local conditions of specific comprehensive care networks. The method was positively assessed in terms of demonstrating its applicability and the fulfilment of user requirements with a use case from oncology care – the development of a colorectal cancer patient pathway template. This work drives the standardization of patient pathway development and their large-scale implementation in comprehensive care networks, supporting the analysis, design, and optimization of healthcare processes

A Privacy by Design Methodology Application in Telecom Domain

Telecommunication has been considerably developed over the last decades, notably through optical fiber submarine cables and wireless connections offering voice and data wide range services. Telecommunication infrastructures are the necessary backbone that make possible any voice and data exchange. Unfortunately, these infrastructures are still suffering from various vulnerabilities and continue to be target of specific cyber-attacks. Some of these attacks could lead to service deniability, integrity and privacy loss. Against this fact, it’s also established that telecom service providers, as the owner of this infrastructure,can have access to huge data,                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            even personal data related to customer and  to their employees. Basically, this personal data is related directly to the customer’s and employee’s identity, geolocation, interest areas and contact circle, etc.,  when it comes to the use of this personal data, the privacy concerns become a big challenge for telecom service providers due to heavy impact that can induce. Given the personal data protection criticality in telecom domain, privacy by design PbD should be incorporate. Then, this article aims to apply in telecom service providers ISPM methodology "Information System Privacy Methodology" which focuses on PbD implementation in enterprises architecture, specifically in information systems taking into account all technical and organizational aspects