Designing and generating prototype for E-Governance based election strategy using biometric authentication and smart card device

Not availabl

Combining SOA and BPM Technologies for Cross-System Process Automation

This paper summarizes the results of an industry case study that introduced a cross-system business process automation solution based on a combination of SOA and BPM standard technologies (i.e., BPMN, BPEL, WSDL). Besides discussing major weaknesses of the existing, custom-built, solution and comparing them against experiences with the developed prototype, the paper presents a course of action for transforming the current solution into the proposed solution. This includes a general approach, consisting of four distinct steps, as well as specific action items that are to be performed for every step. The discussion also covers language and tool support and challenges arising from the transformation

Internet Voting in Austria: History, Development, and Building Blocks for the Future

This dissertation aims to investigate the origins of Internet voting, analyze several deployments of Internet voting technology in Austria and identify - based on these accumulated experiences - building blocks that can be useful in decision-making on and planning of future uses of Internet voting technology within Austria and throughout the world. In line with the goals of this thesis, it will address the following research questions: - How did Internet voting originate? - What experiences were noted in the process of implementing Internet voting in Austria? - What building blocks can be identified for developing future Internet voting both inside and outside Austria? Internet voting is part of a transformational movement that applies information and communication technologies to daily business activities. It is only logical that elections are also considered for applying electronic (remote) communication technologies. While early efforts were driven by the belief that elections could make easy use of the Internet, it was shown that while the principles have to be interpreted and consequently applied in a different way, the same principles can still be derived for Internet voting, like integrity, secrecy, transparency, accountability and public confidence. The need to have forms of decision making in electronic networks has been identified in its beginnings and has received continuous attention throughout its development. At the height of the excitement about the possibilities of the Internet, countries raced to become the first to run a legally binding election using electronic voting systems. While several candidates emerged (e.g., Costa Rica, Bosnia Herzegovina, Germany, United States), Estonia was victorious in 2005. To date, Estonia is the only country that has introduced this form of voting without any preconditions or other limitations. In Austria, the intentions to use information and communication technologies (ICT) in elections concentrated on parliamentary affairs. Spurred by the efforts around student elections in Germany, Austria sought to conduct Internet voting in 2000. In the years thereafter, considerable progress was made at WU Vienna University of Economics and Business (WU), and this progress spearheaded the debate in the early 2000s. At the beginning in the years 2001-2003, technical solutions were sought to verify voter eligibility and maintain voter privacy. Later, more sophisticated algorithms were developed, and functionalities like quotas in election commissions were added. The Federation of Students' elections in 2009 were a remarkable event that demonstrated highly contentious political debate around the topic. This debate continued after the elections, which were held in May 2009 and suffered from the intense debate and protests and consequential organizational shortcomings. The experiences also showed that accurate legal regulations are needed to show interaction with the constitutional legal texts and to ensure accountability to a remote electronic voting channel through legal means. International standards were a first step, but regulations based on actual experience were needed to show how remote electronic voting channels could be realized and how to avoid problems identified in pilot implementations. This practical knowledge also shows that sophisticated algorithms are not always the key to success. Rather, several key implementations make use of very basic technical means to realize the tasks given by law. One should not forget about the voters. They not only need to use such systems, but they also need to understand the processes in order to build trust. The constitutional court ruling lifted the election and ruled that the respective ordinance was not in line with the requirements of the law. Hereby, the court established higher requirements resulting barriers for offering Internet voting channels in future elections. While the election administration system, which was a pre-requisite for the Internet voting system, was discontinued in the election thereafter, it returned in recent elections where postal voting was offered. On the basis of the aforementioned experiences, twelve building blocks were compiled discovered. These include design decisions, such as the following: the form of electronic voting, adaptations of the legal base, the technical means for identification and secrecy, observation, control functions for the electoral commission, evaluation processes, transparency functions, ballot sheet designs, controlling the organizational context as well as providing options for planning and implementation. This framework therefore facilitates and eases the generation of feasibility studies and other analyses and decision making ahead of using Internet voting in an election. With little adaption it can also be used for the use of other voting technologies. This work utilizes theoretical work and knowledge from adaptations of legal texts. These texts cover a wide range of topics, including methods for implementing identification and anonymity functions in remote electronic voting as well as testing and certifying systems that require transparent procedures. The findings also show that implementing remote an electronic voting system is a complex topic. It requires trust in the election administration; otherwise, suspicion will arise when more technology is introduced and implemented in an election process. Remote electronic voting is one of the most challenging information technology (IT) projects

Pervasive computing reference architecture from a software engineering perspective (PervCompRA-SE)

Pervasive computing (PervComp) is one of the most challenging research topics nowadays. Its complexity exceeds the outdated main frame and client-server computation models. Its systems are highly volatile, mobile, and resource-limited ones that stream a lot of data from different sensors. In spite of these challenges, it entails, by default, a lengthy list of desired quality features like context sensitivity, adaptable behavior, concurrency, service omnipresence, and invisibility. Fortunately, the device manufacturers improved the enabling technology, such as sensors, network bandwidth, and batteries to pave the road for pervasive systems with high capabilities. On the other hand, this domain area has gained an enormous amount of attention from researchers ever since it was first introduced in the early 90s of the last century. Yet, they are still classified as visionary systems that are expected to be woven into people’s daily lives. At present, PervComp systems still have no unified architecture, have limited scope of context-sensitivity and adaptability, and many essential quality features are insufficiently addressed in PervComp architectures. The reference architecture (RA) that we called (PervCompRA-SE) in this research, provides solutions for these problems by providing a comprehensive and innovative pair of business and technical architectural reference models. Both models were based on deep analytical activities and were evaluated using different qualitative and quantitative methods. In this thesis we surveyed a wide range of research projects in PervComp in various subdomain areas to specify our methodological approach and identify the quality features in the PervComp domain that are most commonly found in these areas. It presented a novice approach that utilizes theories from sociology, psychology, and process engineering. The thesis analyzed the business and architectural problems in two separate chapters covering the business reference architecture (BRA) and the technical reference architecture (TRA). The solutions for these problems were introduced also in the BRA and TRA chapters. We devised an associated comprehensive ontology with semantic meanings and measurement scales. Both the BRA and TRA were validated throughout the course of research work and evaluated as whole using traceability, benchmark, survey, and simulation methods. The thesis introduces a new reference architecture in the PervComp domain which was developed using a novel requirements engineering method. It also introduces a novel statistical method for tradeoff analysis and conflict resolution between the requirements. The adaptation of the activity theory, human perception theory and process re-engineering methods to develop the BRA and the TRA proved to be very successful. Our approach to reuse the ontological dictionary to monitor the system performance was also innovative. Finally, the thesis evaluation methods represent a role model for researchers on how to use both qualitative and quantitative methods to evaluate a reference architecture. Our results show that the requirements engineering process along with the trade-off analysis were very important to deliver the PervCompRA-SE. We discovered that the invisibility feature, which was one of the envisioned quality features for the PervComp, is demolished and that the qualitative evaluation methods were just as important as the quantitative evaluation methods in order to recognize the overall quality of the RA by machines as well as by human beings

Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

Security Risk Management for the Internet of Things

In recent years, the rising complexity of Internet of Things (IoT) systems has increased their potential vulnerabilities and introduced new cybersecurity challenges. In this context, state of the art methods and technologies for security risk assessment have prominent limitations when it comes to large scale, cyber-physical and interconnected IoT systems. Risk assessments for modern IoT systems must be frequent, dynamic and driven by knowledge about both cyber and physical assets. Furthermore, they should be more proactive, more automated, and able to leverage information shared across IoT value chains. This book introduces a set of novel risk assessment techniques and their role in the IoT Security risk management process. Specifically, it presents architectures and platforms for end-to-end security, including their implementation based on the edge/fog computing paradigm. It also highlights machine learning techniques that boost the automation and proactiveness of IoT security risk assessments. Furthermore, blockchain solutions for open and transparent sharing of IoT security information across the supply chain are introduced. Frameworks for privacy awareness, along with technical measures that enable privacy risk assessment and boost GDPR compliance are also presented. Likewise, the book illustrates novel solutions for security certification of IoT systems, along with techniques for IoT security interoperability. In the coming years, IoT security will be a challenging, yet very exciting journey for IoT stakeholders, including security experts, consultants, security research organizations and IoT solution providers. The book provides knowledge and insights about where we stand on this journey. It also attempts to develop a vision for the future and to help readers start their IoT Security efforts on the right foot