Data protection risk modeling into business process analysis

We present a novel way to link business process model with data protection risk management. We use established body of knowledge regarding risk manager concepts and business process towards data protections. We try to contribute to the problems that today organizations should find a suitable data protection model that could be used in as a risk framework. The purpose of this document is to define a model to describe data protection in the context of risk. Our approach including the identification of the main concepts of data protection according to the scope of the with EU directive data protection regulation. We outline data protection model as a continuous way of protection valued organization information regarding personal identifiable information. Data protection encompass the preservation of personal data information from unauthorized access, use, modification, recording or destruction. Since this kind of service is offered in a continuous way, it is important to stablish a way to measure the effectiveness of awareness of data subject discloses regrading personal identifiable information.info:eu-repo/semantics/publishedVersio

Extensibility Interaction Flow Modeling Language Metamodels to Develop New Web Application Concerns

Web engineering is a systematic approach to develop web applications, and numerous web engineering methods have been proposed. These methods were extended through defining new models by using different mechanisms to capture the web application concepts. Due to the complexity rising of web applications, the web engineering methods cannot provide web solutions anymore. Even though Interaction Flow Modeling Language (IFML) is recently proposed as a new method for developing web applications, it has limitations. Therefore these methods need to be improved. In this paper, we present the ability of IFML extensibility to support new concerns from web applications. Moreover, we extend IFML through UML mechanisms to support new concerns from the context to the user interface. The new IFML solves the lack of context web application through defining a new model and becomes a new direction to develop concerns modern web applications

Adaptive model for web engineering methods to develop multi web applications in agile environment

Model Driven Web Engineering (MDWE) is an application of a model driven paradigm in the domain of web software development. MDWE is helpful because technologies and platforms of web applications constantly evolve into Web Engineering Methods (WEMs). The evolution of web applications has consequently introduced new features and challenges, therefore existing WEMs need to be improved. These WEMs have failed to develop modern web applications’ features. Furthermore, no single WEM is capable of covering the whole lifecycle phases. These issues decrease the usability. In addition, the Interaction Flow Modeling Language (IFML) as a recent method has also not been able to address them. This thesis developed a new WEM, Useable Adaptive Agile IFML (UAA-IFML) to solve these issues in several steps. In this research, mixed methods used were qualitative and quantitative methodologies. In the first step, a new adaptive model was defined for supporting the features of multi-web applications. The new model was developed via an adaptive model into the IFML metamodels known as Adaptive IFML (AIFML). In the second step, IFML was enriched through MockupDD for covering lifecycle, known as Agile IFML (A-IFML). This is because MockupDD provides an agile environment, hence agile lifecycle can solve the lifecycle issue. In the third step, a new adaptive model and agile process were combined as Adaptive Agile IFML (AAIFML). This integration increased the usability of the IFML method. In presenting the usability of AA-IFML, experimentation of the framework was extended to evaluate the usability of WEMs. Besides, feedbacks on the usability of AA-IFML were obtained from developers around the world using three instruments, namely performing tasks, answering questionnaires, and interviewing experts. Analysis on the feedback indicated a 20% improvement usability of the AA-IFML compared with current IFML. The findings have shown that the UAA-IFML is beneficial for developers, as they would only need to use one method to design modern web application features in the whole lifecycle phases

Extending the UML Statecharts Notation to Model Security Aspects

Model Driven Security has become an active area of research during the past decade. While many research works have contributed significantly to this objective by extending popular modeling notations to model security aspects, there has been little modeling support for state-based views of security issues. This paper undertakes a scientific approach to propose a new notational set that extends the UML (Unified Modeling Language) statecharts notation. An online industrial survey was conducted to measure the perceptions of the new notation with respect to its semantic transparency as well as its coverage of modeling state based security aspects. The survey results indicate that the new notation encompasses the set of semantics required in a state based security modeling language and was largely intuitive to use and understand provided very little training. A subject-based empirical evaluation using software engineering professionals was also conducted to evaluate the cognitive effectiveness of the proposed notation. The main finding was that the new notation is cognitively more effective than the original notational set of UML statecharts as it allowed the subjects to read models created using the new notation much quicker.submittedVersio

Information Systems as Representations: A Review of the Theory and Evidence

Representation theory proposes that the basic purpose of an information system (IS) is to faithfully represent certain real-world phenomena, allowing users to reason about these phenomena more cost- effectively than if they were observed directly. Over the past three decades, the theory has underpinned much research on conceptual modeling in IS analysis and design and, increasingly, research on other IS phenomena such as data quality, system alignment, IS security, and system use. The original theory has also inspired further development of its core premises and advances in methodological guidelines to improve its use and evaluation. Nonetheless, the theory has attracted repeated criticisms regarding its validity, relevance, usefulness, and robustness. Given the burgeoning literature on the theory over time, both positive and negative, the time is ripe for a narrative, developmental review. We review representation theory, examine how it has been used, and critically evaluate its contributions and limitations. Based on our findings, we articulate a set of recommendations for improving its application, development, testing, and evaluation

Modelização de Eventos: aplicação a modelos de interação do sistema com o ambiente

Neste trabalho propõe-se um conjunto de técnicas de modelização de eventos potencialmente utilizáveis em complemento a formalismos de modela-ção (Diagramas de Estado e redes de Petri, entre outros) de sistemas a eventos discretos. São definidos eventos de entrada e eventos de saída do sistema. Os eventos de entrada são originados pela análise da evolução de sinais e (outros) eventos de entrada e permitem representar comportamentos complexos das en-tradas do sistema, enquanto os eventos de saída permitem gerar sinais e (ou-tros) eventos de saída. São propostos eventos e condições elementares que detetam comporta-mentos elementares dos sinais e também composições de eventos e condições, incluindo relações de ordem temporal, de forma a obter caracterizações mais abstratas e melhorias na legibilidade e compactação do modelo. Para representar as técnicas de modelização propostas são definidas duas sintaxes diferentes (gráfica ou textual). A definição destes dois tipos de sintaxe permite a sua integração em diferentes ambientes de desenvolvimento de sis-temas. Desta forma, a principal contribuição deste trabalho foca-se na modeliza-ção da interação do sistema com o ambiente, partindo da decomposição do mo-delo do sistema em partes de interface e de execução (que comunicam através de eventos), e da adição de uma caracterização separada das dependências e dos comportamentos dos sinais de entrada e de saída com o ambiente resultan-do numa modelação estruturada do sistema, dando, assim, origem a modelos mais compactos e mais simples de interpretar e implementar