Dependability Auditing with Model Checking

Model checking offers a methodology for determining whether a model satisfies a list of correctness requirements. We propose a theory of dependability auditing with model checking based on four principles: (1) The modeling process should be partitioned into computational components and behavioral components as an aid to system understanding; (2) The complex system will be abstracted to create a model; (3) A language must be available that can represent and evaluate states and processes that evolve over time; (4) Given an adequate model and temporal specifications, a model checker can verify whether or not the input model is a model of that specification: the specification will not fail in the model. We demonstrate this theoretical framework with Web Services and electronic contracting

How Grant Recipients Can Satisfy Compliance Requirements for U.S. Federal Awards

Improper grants payments stemming from weaknesses in business processes have been a focus of the U.S. president, Congress, and federal and state governments since 2009. Researchers have demonstrated that the internal control weakness at the federal, state, and local government level has contributed to the problem of compliance. The Office of Management and Budget issued federal rules effective in December 2014 to address the problem of federal award compliance. Despite these measures, there is a gap in the literature on strategies for recipients of federal grants to meet compliance requirements. The purpose of the qualitative descriptive study was to explore how recipients can satisfy compliance requirements across the full life cycle of their grants. Systems thinking and compliance theories were selected to analyze data. Participants were 20 certified grants management specialists. The research questions included inquiry on the strategies for federal award compliance. Described were participants\u27 strategies to improve business processes for grant compliance. Emergent thematic findings included staff and leadership training- as participants\u27 main strategy for complying with uniform requirements, while written policies and procedures and use of grant management software- emerged as secondary strategies. Grant managers may benefit from learning about the strategies described in this study by implementing business process improvements in their organizations. Compliant recipients of grants may have a positive effect on social change with more grant funds becoming available to states, local governments, higher education, and nonprofit organizations for the public good

QServ: Integrating Testing and Auditing into QoS Management of Web Services

In a web service environment, service requesters are able to locate functionally equivalent services dynamically making quality of service (QoS) the differentiating factor amongst the web services. Service providers need to formulate QoS aware services in order to remain competitive and to achieve the highest possible profit from their offerings. There are several quality attributes to consider in any operating environment and we’ve grouped these requirements into 5 major categories: Service Dependability, Architectural Flexibility, Operational Capability, Risk Exposure and Financial Accountability. In the web services environment the realization of the attributes in these quality categories has increased in complexity due to the distributed and dynamic nature of the environment. While much of the research, standards and specifications address these issues, to the knowledge of the authors, an end to end solution for managing the quality attributes in a web service environment that include both testing and auditing has not been proposed. This paper will describe some of the current research that has been conducted to address the various aspects of quality as well as introduce the design for an end-to-end solution that will include testing and auditing

A Noval Method for Data Auditing and Integrity Checking in Public Cloud

Data plays a huge role in today’s era. All business requires to deal with lot of business. So data has to be secured correctly. In this paper we aim to design a system to help to protect the data in the cloud. The public cloud is used in which the users stores the data and the data is secured by using the cryptographic method. Every customer wants to store the data and access or process the data from the cloud, but the major setback is security issues. In this paper we present a novel algorithm which helps the data to be accessed securely from the cloud

Audit evidence – top argument for final audit opinion

The following research aims to emphasize the importance of audit evidences, their quality characteristics and the professional judgment used to measure and to evaluate them in order to express their final audit opinion. There is no mathematical formula, neither a specific model in order to evaluate the quality of audit evidences. Their quality depends upon the professional judgment concerning the audit technical standards, the accounting references and nevertheless upon the auditor’s ethics. This is one of the reasons for which the financial audit is one of the edges of economical research, highlighting the credibility of financial statements.audit evidence, documentation, quality characteristics, audit procedures, professional judgment.

Defining Professional Communication Skills for Malaysian Gradu­ates: Looking at trustworthiness

Lincoln and Guba (1985) posit that trustworthiness of a qualitative research study is important to evaluate its worth. The use of data analysis software like ATLAS.ti raises the issue of trustworthiness–specifically: credibility, transferability, dependability, and confirmability–in defining the Professional Communication Skills (PCS) for Malaysian graduates. In this study, PCS for the workplace is defined by the Malaysian stakeholders: employers of the private sector, the Malaysian government, and academia. ATLAS.ti was utilised to analyze and triangulate data from in-depth interview recordings, annual reports, Human Resource documents, government policies as well as documents from academia. By using ATLAS.ti, meticulous, yet rapid and concise data analysis can be carried out without risking trustworthiness. It is believed that ATLAS.ti has helped to develop the PCS framework in order to help instructors and policy makers of Malaysian HEIs in making a sound judgment in teaching PCS in classrooms. Since ATLAS.ti covers the issue of transferability, a similar study can be replicated from time to time to ensure that the PCS framework is updated, based on the needs of the stakeholders, which then help to develop the graduates’ potential to be more marketable employees

Strategies to Reduce Occupational Fraud in Small Restaurants

Occupational fraud is a growing business risk that is causing greater financial losses in small businesses than large businesses. Business owners lose approximately 5% of their revenues due to occupational fraud. The purpose of this multiple case study was to explore the strategies used by some business owners of small restaurants to reduce occupational fraud. The fraud triangle theory was the conceptual framework for this study. Three small restaurant owners from Puerto Rico participated in face-to-face, semistructured interviews to reveal their successful strategies to minimize fraud. The data collection process also included business documents and researcher observations that assisted in establishing methodological triangulation. Using Yin\u27s 5-step process, data were coded and analyzed to identify emergent themes. The primary emergent themes obtained from data analysis revealed that owner monitoring, analytical procedures, and segregation of duties are effective strategies to minimize employee fraud. Participants revealed that the implementation of these strategies may reduce organizational losses associated to fraud. The findings of this study may contribute to social change by reducing fraud activities, business failures, unemployment level, and criminality rate while promoting trust between community members and their institutions

METHOD TO ACHIEVE SECURITY AND STORAGE SERVICES IN CLOUD COMPUTING

Cloud storage enables users to remotely store their data and enjoy the on-demand high quality cloud applications without the burden of local hardware and software management. Though the benefits are clear, such a service is also relinquishing users ‘physical possession of their outsourced data, which inevitably poses new security risks toward the correctness of the data in cloud. In order to address this new problem and further achieve a secure and dependable cloud storage service, we propose in this paper a flexible distributed storage integrity auditing mechanism, utilizing the homomorphism token and distributed erasure-coded data. The proposed design allows users to audit the cloud storage with very lightweight communication and computation cost. The auditing result not only ensures strong cloud storage correctness guarantee, but also simultaneously achieves fast data error localization, i.e., the identification of misbehaving server. Considering the cloud data are dynamic in nature, the proposed design further supports secure and efficient dynamic operations on outsourced data, including block modification, deletion, and append. Analysis shows the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks