Reliability and security at the dawn of electronic bank transfers in the 1970s-1980s

From a historical perspective, the concept of reliability and computing security in the early 1970s, when electronic data transfer processes were in infancy, is especially interesting in terms of their implications in technological change and the business of banking. The cases of Japan, Spain and Germany, in terms of their national banking networks, provide an interesting field of analysis in terms of the implications that the online data transfer systems had for banking institutions. Concerns about the reliability of the computing processes and digital security were the key factors. These innovations laid the foundation for the advancement of networks and new banking services that would open up unprecedented horizons in what was to become known as service banking

Analysis, Selection, and Implementation of a Case Management System for Local City Government Attorney\u27s Office

This paper focuses on the business analysis, selection, and implementation of a case management system for a local government City Attorney\u27s Office which is a document management system in addition to calendaring, notes, tasks, and billing. Their current system relies on paper document organization and as well as some electronic documentation in a simple file folder structure on a windows network file server. A business analysis review demonstrated the need for a cost effective automated business system to support and manage daily business processes, automate document creation and filing, track deadlines and tasks, and comply with new document retention and discovery requirements. In addition to the automation of business processes, the document management system added a layer of security to document access as well as control over document retention and destruction in accordance with new federal regulations. Most importantly, the time and cost savings added by the case management system has allowed the City Attorney\u27s Office to add civil litigation to their services

Security Analysis of System Behaviour - From "Security by Design" to "Security at Runtime" -

The Internet today provides the environment for novel applications and processes which may evolve way beyond pre-planned scope and purpose. Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. Technical processes within critical infrastructures also have to cope with these developments. To tackle the complexity of the security analysis, the application of models is becoming standard practice. However, model-based support for security analysis is not only needed in pre-operational phases but also during process execution, in order to provide situational security awareness at runtime. This cumulative thesis provides three major contributions to modelling methodology. Firstly, this thesis provides an approach for model-based analysis and verification of security and safety properties in order to support fault prevention and fault removal in system design or redesign. Furthermore, some construction principles for the design of well-behaved scalable systems are given. The second topic is the analysis of the exposition of vulnerabilities in the software components of networked systems to exploitation by internal or external threats. This kind of fault forecasting allows the security assessment of alternative system configurations and security policies. Validation and deployment of security policies that minimise the attack surface can now improve fault tolerance and mitigate the impact of successful attacks. Thirdly, the approach is extended to runtime applicability. An observing system monitors an event stream from the observed system with the aim to detect faults - deviations from the specified behaviour or security compliance violations - at runtime. Furthermore, knowledge about the expected behaviour given by an operational model is used to predict faults in the near future. Building on this, a holistic security management strategy is proposed. The architecture of the observing system is described and the applicability of model-based security analysis at runtime is demonstrated utilising processes from several industrial scenarios. The results of this cumulative thesis are provided by 19 selected peer-reviewed papers

Why Are Electronic Invoice Processes Risky? - Empirical Analysis and Discussion of Risk Factors

Electronic invoice processes are characterized by various software solutions, legal uncertainty, heter-ogeneous demands, lack of know how, and information system infrastructure incompatibilities. Due to this complexity and the uncertainty that companies face, a holistic map of risk factors of e-invoice processes is required. Companies must be conscious not only about potential opportunities but also about potential risks before they change their business processes and their information systems’ archi-tecture. Potential risk factors are identified theoretically and empirically evaluated with a quantitative expert survey that investigates risk probabilities and potential losses associated with these factors. The empirical analysis reveals that the investigated factors are valid and reliable. After conducting an ex-plorative factor analysis, 37 statistically significant risk factors are grouped into ten risk dimensions: process organization, standard, environment, project management, strategy, acceptance, system, pro-cess execution, security, and change management

Improving the Performance of Health Care Networks

Strategic alignment between business and IT is known to be important for achieving good business performance in one organization. It is not clear how strategic alignment influences the performance of networks consisting of multiple organizations. This paper presents a method to assess inter-organizational Extended Strategic Alignment (ESA) based on the analysis of inter-organizational alignment processes consisting of drivers, levers, and impacts. The method has been applied to a large e-government network for social security in the Netherlands. In this paper we propose to use the Extended Strategic Alignment method to assess the impact of IT on organizational and network performance in health care. The paper is work in progress: we have finished one large case study in social security on the national level. Two other cases on health care networks (the ‘payment services network of the national dentist association’ and the ‘the national electronic locum record for general practitioners’) are in progress

Towards a Security Engineering Process Model for Electronic Business Processes

Business process management (BPM) and accompanying systems aim at enabling enterprises to become adaptive. In spite of the dependency of enterprises on secure business processes, BPM languages and techniques provide only little support for security. Several complementary approaches have been proposed for security in the domain of BPM. Nevertheless, support for a systematic procedure for the development of secure electronic business processes is still missing. In this paper, we pinpoint the need for a security engineering process model in the domain of BPM and identify key requirements for such process model.Comment: Ninth European Dependable Computing Conference (EDCC 2012

Innovative public governance through cloud computing: Information privacy, business models and performance measurement challenges

Purpose: The purpose of this paper is to identify and analyze challenges and to discuss proposed solutions for innovative public governance through cloud computing. Innovative technologies, such as federation of services and cloud computing, can greatly contribute to the provision of e-government services, through scaleable and flexible systems. Furthermore, they can facilitate in reducing costs and overcoming public information segmentation. Nonetheless, when public agencies use these technologies, they encounter several associated organizational and technical changes, as well as significant challenges. Design/methodology/approach: We followed a multidisciplinary perspective (social, behavioral, business and technical) and conducted a conceptual analysis for analyzing the associated challenges. We conducted focus group interviews in two countries for evaluating the performance models that resulted from the conceptual analysis. Findings: This study identifies and analyzes several challenges that may emerge while adopting innovative technologies for public governance and e-government services. Furthermore, it presents suggested solutions deriving from the experience of designing a related platform for public governance, including issues of privacy requirements, proposed business models and key performance indicators for public services on cloud computing. Research limitations/implications: The challenges and solutions discussed are based on the experience gained by designing one platform. However, we rely on issues and challenges collected from four countries. Practical implications: The identification of challenges for innovative design of e-government services through a central portal in Europe and using service federation is expected to inform practitioners in different roles about significant changes across multiple levels that are implied and may accelerate the challenges' resolution. Originality/value: This is the first study that discusses from multiple perspectives and through empirical investigation the challenges to realize public governance through innovative technologies. The results emerge from an actual portal that will function at a European level. © Emerald Group Publishing Limited