UML-SOA-Sec and Saleem's MDS Services Composition Framework for Secure Business Process Modelling of Services Oriented Applications

In Service Oriented Architecture (SOA) environment, a software application is a composition of services, which are scattered across enterprises and architectures. Security plays a vital role during the design, development and operation of SOA applications. However, analysis of today's software development approaches reveals that the engineering of security into the system design is often neglected. Security is incorporated in an ad-hoc manner or integrated during the applications development phase or administration phase or out sourced. SOA security is cross-domain and all of the required information is not available at downstream phases. The post-hoc, low-level integration of security has a negative impact on the resulting SOA applications. General purpose modeling languages like Unified Modeling Language (UML) are used for designing the software system; however, these languages lack the knowledge of the specific domain and "security" is one of the essential domains. A Domain Specific Language (DSL), named the "UML-SOA-Sec" is proposed to facilitate the modeling of security objectives along the business process modeling of SOA applications. Furthermore, Saleem's MDS (Model Driven Security) services composition framework is proposed for the development of a secure web service composition

Creating a sustainable digital infrastructure: The role of service-oriented architecture

The United Nations’ goal of generating sustainable industry, innovation, and infrastructure is the point of departure for our reflective paper. The paper elaborates on the concepts of digital infrastructure, service-oriented architecture, and microservices. It emphasizes the benefits and challenges of creating a sustainable infrastructure based on a service-oriented environment, in which cloud services constitute an important part. We outline the prerequisites for obtaining a sustainable digital infrastructure based on services. Service-oriented architecture (SOA) and recently, microservice architecture, and cloud services, can provide organizations with the improved agility and flexibility essential for generating sustainability in a market focusing on digitalization. The reuse capability of SOA provides a common pool of information technology (IT) resources and qualifies as a green IT approach that impacts environmental protection. Previous research has identified IT and business alignment together with SOA governance as the most critical criteria when implementing SOA. This paper discusses these issues in-depth to explain sustainability.publishedVersio

Factors Affecting Success in Migration of Legacy Systems to Service-Oriented Architecture (SOA) - Shared Experiences from Five Case Companies

Background: The term ‘legacy systems’ refers to existing Information Systems that have been deployed in the past and have been running critical business processes within an enterprise in its current IT architecture. Based on their important role, legacy systems are considered the heart of a company’s operating enterprise system and therefore are of significant business value to the company. Therefore IT architects have not neglected the value these existing assets can bring to the adoption of service-oriented architecture and have been studying different methods and factors to migrate the legacy investments into the new architecture and take advantage of their business value. However, not in all cases has the process of migrating legacy systems into SOA been successful. In fact, the level of success in adapting the legacy systems in a company with the new service-oriented architecture is dependant on some factors which vary from one legacy infrastructure and series of business processes to another. There is no quick fix to transforming the existing legacy assets which highlights the fact that considering the right factors to reach legacy system migration success in a specific company is of key value. Therefore, we hereby studied the factors influencing success of migrating these legacy investments into SOA in five different companies which include a Large European Bank, SAS, a Large globally-known Company in Sweden, Sandvik AB and a large UK Bank. Purpose: To identify factors affecting successful migration of legacy systems into SOA in five companies. Method: The main adopted research method in this study has been interviews for different case studies. Through separate interviews, critical success factors of migrating legacy systems into SOA have been collected and identified in each case. Finally collected results are analyzed and presented as the recognized factors affecting successful migration of legacy assets into SOA in five different enterprises with their own Information System infrastructures. Conclusion: The success factors identified include potential of legacy systems for being migrated, strategy of migration, SOA governance, the business process of the company, budgeting and resources, legacy architecture, close monitoring, dependence on commercial products, information architecture, testing and technical skills of the personnel. Out of all these factors, only three factors have been applied and mentioned by all the case companies in this study, which are the potential of legacy systems for being migrated into SOA, strategy of migration and SOA Governance

When Is an Enterprise Service Bus (Esb) the Right Choice for an Integrated Technology Solution?

The Enterprise Service Bus (ESB) is an important systems integration technology often closely associated with Service Oriented Architecture (SOA). Some maintain that an ESB should not be used apart from SOA. Others see the ESB simply as the next generation of middleware, incorporating the best of its predecessors, Enterprise Application Integration (EAI) and Message Oriented Middleware (MOM), and a candidate for any integration requirement. Is the ESB a one-size-fits-all solution to be trusted for any integration requirement, or must its use be carefully considered with proper due diligence based on application complexity and/or the presence or absence of a defined SOA? This thesis probes these questions in an analysis of a world-wide survey of 230 industry SOA and middleware professionals conducted via the LinkedIn Professional Network during a six week period in November and December of 2010. In addition, the thesis applies a review of the survey results and current SOA and ESB literature to an architectural decision being made within the Systems Engineering and Application Development (SEAD) Practicum in the Master of Science program in Computer Information Systems at Regis University in Denver, which provides support for the University\u27s Academic Research Network (ARN). An ESB has been proposed as a new architectural component for the ARN infrastructure and this paper reviews the merit of this proposal. This thesis employs an interpretivist epistemology, understanding that there may be more than one acceptable answer to the question, When is an Enterprise Service Bus an appropriate component of an integrated technology solution

Encryption schemes secure against chosen-ciphertext selective opening attacks

Imagine many small devices send data to a single receiver, encrypted using the receiver's public key. Assume an adversary that has the power to adaptively corrupt a subset of these devices. Given the information obtained from these corruptions, do the ciphertexts from uncorrupted devices remain secure? Recent results suggest that conventional security notions for encryption schemes (like IND-CCA security) do not suffice in this setting. To fill this gap, the notion of security against selective-opening attacks (SOA security) has been introduced. It has been shown that lossy encryption implies SOA security against a passive, i.e., only eavesdropping and corrupting, adversary (SO-CPA). However, the known results on SOA security against an active adversary (SO-CCA) are rather limited. Namely, while there exist feasibility results, the (time and space) complexity of currently known SO-C

ERP implementation methodologies and frameworks: a literature review

Enterprise Resource Planning (ERP) implementation is a complex and vibrant process, one that involves a combination of technological and organizational interactions. Often an ERP implementation project is the single largest IT project that an organization has ever launched and requires a mutual fit of system and organization. Also the concept of an ERP implementation supporting business processes across many different departments is not a generic, rigid and uniform concept and depends on variety of factors. As a result, the issues addressing the ERP implementation process have been one of the major concerns in industry. Therefore ERP implementation receives attention from practitioners and scholars and both, business as well as academic literature is abundant and not always very conclusive or coherent. However, research on ERP systems so far has been mainly focused on diffusion, use and impact issues. Less attention has been given to the methods used during the configuration and the implementation of ERP systems, even though they are commonly used in practice, they still remain largely unexplored and undocumented in Information Systems research. So, the academic relevance of this research is the contribution to the existing body of scientific knowledge. An annotated brief literature review is done in order to evaluate the current state of the existing academic literature. The purpose is to present a systematic overview of relevant ERP implementation methodologies and frameworks as a desire for achieving a better taxonomy of ERP implementation methodologies. This paper is useful to researchers who are interested in ERP implementation methodologies and frameworks. Results will serve as an input for a classification of the existing ERP implementation methodologies and frameworks. Also, this paper aims also at the professional ERP community involved in the process of ERP implementation by promoting a better understanding of ERP implementation methodologies and frameworks, its variety and history

Diseño e implementación de una arquitectura empresarial para la entidad financiera Multibanca Colpatria de Bogotá

Práctica EmpresarialEl Banco financiero tiene como objetivo adaptar un Framework de arquitectura empresarial enfocada para el sector financiero que permita adecuarse a los procesos TI del banco y se lleva a la decisión de optar un Framework orientado a SOA que sirva para establecer un lenguaje común de operación a través de servicios de negocio y que se encuentran definidos en lo que se conoce como el Service Landscape el core del Framework BIAN SOA y que ofrece la jerarquización de los servicio financieros que debe y ofrece un banco.PregradoIngeniero de Sistema

Neo-Prophetism, Gender and ‘Anointed Condoms’: Towards a Missio Spiritus of Just-Sex in the African Context of HIV and AIDS

Until recently, African pentecostalism was recognized for its militant advancement of conformist norms and corrective measures in relation to sex and sexuality of congregants. However, the continuous threat of HIV, which has claimed more lives in the context of heterosexual Sub-Saharan Africa than any part of world, is forcing some neo-prophets to become more open and often explicit on issues of sex and sexuality. One such daring voice is Pastor Paul Sanyangore of VictoryWorld International Ministries in Harare, Zimbabwe, who ‘anoints condoms’ as a response to issues of gender and sexuality in the Zimbabwean context of HIV. This article engages Sanyangore’s theology of safe sex from Pneumatological missiological perspectives. It concludes with some proposals for mission practice for engaging issues of sex and sexuality

Some empirical evidence on business-IT alignment processes in the public sector: A case study report

An empirical study that explores business-IT alignment processes in a networked organization among the province Overijssel, the municipalities Zwolle and Enschede, the water board district Regge & Dinkel and Royal Grolsch N.V. in The Netherlands, is summarized in this report. The aim of the study was to identify processes that contribute to improve such alignment. This study represents a continuation of previous validation efforts that help us to confirm the business-IT alignment process areas that should ultimately be included in the ICoNOs MM. Evidence was sought for the alignment of business and IT through the use of information systems to support the requirements of the organization in a specific project. The results of this study in the public sector also are relevant to the private sector where (i) business-IT alignment plays an increasingly valuable role, and (ii) the characteristics of collaborative networked organizations are present