Agent-based workflow model for enterprise collaboration

Workflow management system supports the automation of business processes where a collection of tasks is organized between participants according to a defined set of rules to accomplish some business goals. The service-orientated computing paradigm is transforming traditional workflow management from a close, centralized control system into a dynamic information exchange and business process. Moreover, agent based workflow, from another point of view, provides a flexible mechanism for dynamic workflow coordination at run time. In this context, the combination of Web services and software agents provides great flexibility to discover and establish relationships among business partners. This thesis proposes an agent-based workflow model in support of inter-enterprise workflow management. In the proposed model, agent-based technology enables the workflow coordination at both inter- and intra- enterprise levels while semantic Web and Web services based technologies provide infrastructures for messaging, service description, service discovery, workflow ontology, and workflow enactment. Coordination agents and resource agents are used with a Contract Net protocol based bidding mechanism for constructing a dynamic workflow process among business partners. The agent system architecture, workflow models and related components are described. A prototype system is implemented for the purpose of designing and developing role-feasible agents for simulating the formation process of a virtual enterprise

Automating Security Risk and Requirements Management for Cyber-Physical Systems

Cyber-physische Systeme ermöglichen zahlreiche moderne Anwendungsfälle und Geschäftsmodelle wie vernetzte Fahrzeuge, das intelligente Stromnetz (Smart Grid) oder das industrielle Internet der Dinge. Ihre Schlüsselmerkmale Komplexität, Heterogenität und Langlebigkeit machen den langfristigen Schutz dieser Systeme zu einer anspruchsvollen, aber unverzichtbaren Aufgabe. In der physischen Welt stellen die Gesetze der Physik einen festen Rahmen für Risiken und deren Behandlung dar. Im Cyberspace gibt es dagegen keine vergleichbare Konstante, die der Erosion von Sicherheitsmerkmalen entgegenwirkt. Hierdurch können sich bestehende Sicherheitsrisiken laufend ändern und neue entstehen. Um Schäden durch böswillige Handlungen zu verhindern, ist es notwendig, hohe und unbekannte Risiken frühzeitig zu erkennen und ihnen angemessen zu begegnen. Die Berücksichtigung der zahlreichen dynamischen sicherheitsrelevanten Faktoren erfordert einen neuen Automatisierungsgrad im Management von Sicherheitsrisiken und -anforderungen, der über den aktuellen Stand der Wissenschaft und Technik hinausgeht. Nur so kann langfristig ein angemessenes, umfassendes und konsistentes Sicherheitsniveau erreicht werden. Diese Arbeit adressiert den dringenden Bedarf an einer Automatisierungsmethodik bei der Analyse von Sicherheitsrisiken sowie der Erzeugung und dem Management von Sicherheitsanforderungen für Cyber-physische Systeme. Das dazu vorgestellte Rahmenwerk umfasst drei Komponenten: (1) eine modelbasierte Methodik zur Ermittlung und Bewertung von Sicherheitsrisiken; (2) Methoden zur Vereinheitlichung, Ableitung und Verwaltung von Sicherheitsanforderungen sowie (3) eine Reihe von Werkzeugen und Verfahren zur Erkennung und Reaktion auf sicherheitsrelevante Situationen. Der Schutzbedarf und die angemessene Stringenz werden durch die Sicherheitsrisikobewertung mit Hilfe von Graphen und einer sicherheitsspezifischen Modellierung ermittelt und bewertet. Basierend auf dem Modell und den bewerteten Risiken werden anschließend fundierte Sicherheitsanforderungen zum Schutz des Gesamtsystems und seiner Funktionalität systematisch abgeleitet und in einer einheitlichen, maschinenlesbaren Struktur formuliert. Diese maschinenlesbare Struktur ermöglicht es, Sicherheitsanforderungen automatisiert entlang der Lieferkette zu propagieren. Ebenso ermöglicht sie den effizienten Abgleich der vorhandenen Fähigkeiten mit externen Sicherheitsanforderungen aus Vorschriften, Prozessen und von Geschäftspartnern. Trotz aller getroffenen Maßnahmen verbleibt immer ein gewisses Restrisiko einer Kompromittierung, worauf angemessen reagiert werden muss. Dieses Restrisiko wird durch Werkzeuge und Prozesse adressiert, die sowohl die lokale und als auch die großräumige Erkennung, Klassifizierung und Korrelation von Vorfällen verbessern. Die Integration der Erkenntnisse aus solchen Vorfällen in das Modell führt häufig zu aktualisierten Bewertungen, neuen Anforderungen und verbessert weitere Analysen. Abschließend wird das vorgestellte Rahmenwerk anhand eines aktuellen Anwendungsfalls aus dem Automobilbereich demonstriert.Cyber-Physical Systems enable various modern use cases and business models such as connected vehicles, the Smart (power) Grid, or the Industrial Internet of Things. Their key characteristics, complexity, heterogeneity, and longevity make the long-term protection of these systems a demanding but indispensable task. In the physical world, the laws of physics provide a constant scope for risks and their treatment. In cyberspace, on the other hand, there is no such constant to counteract the erosion of security features. As a result, existing security risks can constantly change and new ones can arise. To prevent damage caused by malicious acts, it is necessary to identify high and unknown risks early and counter them appropriately. Considering the numerous dynamic security-relevant factors requires a new level of automation in the management of security risks and requirements, which goes beyond the current state of the art. Only in this way can an appropriate, comprehensive, and consistent level of security be achieved in the long term. This work addresses the pressing lack of an automation methodology for the security-risk assessment as well as the generation and management of security requirements for Cyber-Physical Systems. The presented framework accordingly comprises three components: (1) a model-based security risk assessment methodology, (2) methods to unify, deduce and manage security requirements, and (3) a set of tools and procedures to detect and respond to security-relevant situations. The need for protection and the appropriate rigor are determined and evaluated by the security risk assessment using graphs and a security-specific modeling. Based on the model and the assessed risks, well-founded security requirements for protecting the overall system and its functionality are systematically derived and formulated in a uniform, machine-readable structure. This machine-readable structure makes it possible to propagate security requirements automatically along the supply chain. Furthermore, they enable the efficient reconciliation of present capabilities with external security requirements from regulations, processes, and business partners. Despite all measures taken, there is always a slight risk of compromise, which requires an appropriate response. This residual risk is addressed by tools and processes that improve the local and large-scale detection, classification, and correlation of incidents. Integrating the findings from such incidents into the model often leads to updated assessments, new requirements, and improves further analyses. Finally, the presented framework is demonstrated by a recent application example from the automotive domain

Proceedings of RSEEM 2006 : 13th Research Symposium on Emerging Electronic Markets

Electronic markets have been a prominent topic of research for the past decade. Moreover, we have seen the rise but also the disappearance of many electronic marketplaces in practice. Today, electronic markets are a firm component of inter-organisational exchanges and can be observed in many branches. The Research Symposium on Emerging Electronic Markets is an annual conference bringing together researchers working on various topics concerning electronic markets in research and practice. The focus theme of the13th Research Symposium on Emerging Electronic Markets (RSEEM 2006) was ?Evolution in Electronic Markets?. Looking back at more than 10 years of research activities in electronic markets, the evolution can be well observed. While electronic commerce activities were based largely on catalogue-based shopping, there are now many examples that go beyond pure catalogues. For example, dynamic and flexible electronic transactions such as electronic negotiations and electronic auctions are enabled. Negotiations and auctions are the basis for inter-organisational trade exchanges about services as well as products. Mass customisation opens up new opportunities for electronic markets. Multichannel electronic commerce represents today?s various requirements posed on information and communication technology as well as on organisational structures. In recent years, service-oriented architectures of electronic markets have enabled ICT infrastructures for supporting flexible e-commerce and e-market solutions. RSEEM 2006 was held at the University of Hohenheim, Stuttgart, Germany in September 2006. The proceedings show a variety of approaches and include the selected 8 research papers. The contributions cover the focus theme through conceptual models and systems design, application scenarios as well as evaluation research approaches

Generic Methods for Adaptive Management of Service Level Agreements in Cloud Computing

The adoption of cloud computing to build and deliver application services has been nothing less than phenomenal. Service oriented systems are being built using disparate sources composed of web services, replicable datastores, messaging, monitoring and analytics functions and more. Clouds augment these systems with advanced features such as high availability, customer affinity and autoscaling on a fair pay-per-use cost model. The challenge lies in using the utility paradigm of cloud beyond its current exploit. Major trends show that multi-domain synergies are creating added-value service propositions. This raises two questions on autonomic behaviors, which are specifically ad- dressed by this thesis. The first question deals with mechanism design that brings the customer and provider(s) together in the procurement process. The purpose is that considering customer requirements for quality of service and other non functional properties, service dependencies need to be efficiently resolved and legally stipulated. The second question deals with effective management of cloud infrastructures such that commitments to customers are fulfilled and the infrastructure is optimally operated in accordance with provider policies. This thesis finds motivation in Service Level Agreements (SLAs) to answer these questions. The role of SLAs is explored as instruments to build and maintain trust in an economy where services are increasingly interdependent. The thesis takes a wholesome approach and develops generic methods to automate SLA lifecycle management, by identifying and solving relevant research problems. The methods afford adaptiveness in changing business landscape and can be localized through policy based controls. A thematic vision that emerges from this work is that business models, services and the delivery technology are in- dependent concepts that can be finely knitted together by SLAs. Experimental evaluations support the message of this thesis, that exploiting SLAs as foundations for market innovation and infrastructure governance indeed holds win-win opportunities for both cloud customers and cloud providers

A Framework for Grid-Enabling Scientific Workflow Systems. Architecture and application case studies on interoperability and heterogeneity in support for Grid workflow automation.

Since the early 2000s, Service Oriented Architectures (SOAs) have played a key role in the development of complex applications within a virtual organization (VO) context. Grids and workflows have emerged as vital technologies for addressing the (SOA) paradigm. Given the variety of Grid middleware, scientific workflow systems and Grid workflows available, bringing the two technologies together in a flexible, reusable and generalized way has been largely overlooked, particularly from a scientific end user perspective. The lack of domain focus in this area has led to a slow uptake of Grid technologies. This thesis aims to design a framework for Grid-enabling workflows, which identifies the essential technological components, how these components fit together in layered architecture and the interactions between them. To produce such a framework, this thesis first investigates the definition of a Grid-workflow architecture and mapping Grid functionality to workflow nodes, focusing on striking a balance between performance, usability and the Grid functionality supported. Next, it presents an examination of framework extensions for supporting various forms of Grid heterogeneity, essential for ii VO based collaboration. Given the complex nature of Grid technologies, the work presented here investigates abstracting Grid based workflows through high-level definitions and resolution using semantic technologies. Finally, this thesis presents a way to resolves abstract Grid workflows using semantic technologies and intelligent, autonomous agents. The frameworks presented in this thesis are tested and evaluated within the context of domain-based case studies defined in the SIMDAT, BRIDGE and ARGUGRID EU funded research projects

Caractérisation et logique d'une situation collaborative

Initié en 2009, le projet MISE 2.0 (deuxième itération du projet Mediation Information System Engineering) s’articule autour d’une approche BPM (pour Business Process Management) et d’une vision MDE (pour Model-Driven Engineering). La réalisation d’une démarche BPM classique au sein d’une organisation nécessite de recueillir une connaissance couvrant à la fois les aspects structurel, informationnel et fonctionnel afin de définir des modèles de processus caractéristiques du comportement de l’organisation. Concernant le projet MISE 2.0, l’approche BPM considérée concerne un ensemble d’organisations collaboratives. Quant à la composante MDE, elle est destinée à faciliter l’automatisation des différentes étapes de la démarche : i) Recueil de la connaissance (caractérisation de la situation) : Il s’agit de collecter les information concernant la situation collaborative considérée, ii) Déduction de la cartographie de processus collaboratifs (définition de la solution) : il s’agit de définit les processus collaboratifs adaptés à la situation collaboratives caractérisée au niveau précedent and iii) Déploiement du SI de médiation (implémentation de la solution) : il s’agit d’implémenter le SI de médiation sous la forme d’une plateforme informatique capable d’orchestrer les processus collaboratif définis. La problématique scientifique relève des deux transitions entre ces trois niveaux d’abstractions : la première transition est prise en charge au niveau abstrait de la démarche MISE 2.0 alors que la seconde est traitée au niveau concret. Les travaux de thèse dont il est ici question se focalisent sur le niveau abstrait : déduction d’une cartographie de processus collaboratifs satisfaisant la situation collaborative considérée. Ce type d’objectif relève généralement d’activités entièrement manuelles qui nécessitent une importante quantité de travail afin d’obtenir les modèles de processus escomptés. Les travaux de recherches présentés ambitionnent d’automatiser cette démarche. Le principe est le suivant : (i) recueil, sous la forme de modèles, de la connaissance nécessaire à la caractérisation de la situation collaborative (informations sur les partenaires, les fonctions qu’ils partagent et leurs objectifs), (ii) déduction de la connaissance complémentaire relative à la dynamique collaborative qui pourrait satisfaire ces objectifs selon les moyens disponibles (cette phase s’appuie sur un métamodèle collaboratif, sur l’ontologie associée et sur des règles de transformation) et (iii) structuration de cette connaissance générée sous la forme d’une cartographie de processus collaboratifs (grâce à des algorithmes dédiés). ABSTRACT : MISE 2.0 (for Mediation Information System Engineering, second iteration) project has been launched in 2009. The MISE 2.0 engineering approach is based on BPM (Business Process Management) and MDE (Model-Driven Engineering). Running a regular BPM approach on a specific organization consists in gathering structural, informational, and functional knowledge in order to design cartography of processes covering the behavior of the modeled organization. Regarding the MISE 2.0 project the BPM approach concerns a set of organizations and MDE helps in automatizing the different steps: i) Knowledge gathering (situation layer): collect information concerning the collaborative situation, ii) Processes cartography design (solution layer): design the processes according to the knowledge gathered and iii) MIS deployment (implementation layer): implement an IT structure able to run the processes cartography. Both the transitions between these layers are the hard-points of this approach: The first gap is managed at the abstract level of MISE 2.0 while the second one is managed at the concrete level of MISE 2.0. The current PhD is focused on the first issue: designing a relevant processes cartography from the modeled collaborative situation. However, this is usually a manual activity, which requires a large amount of work to draw the processes and their links. The current research works aim at building such collaborative process cartography in an automated manner. Our principles are (i) to gather the essential and minimum initial collaborative knowledge (e.g. partners, shared functions and collaborative objectives) in models, ii) to deduce the missing knowledge with the help of a collaborative metamodel, an associated ontology and transformation rules and iii) to structure the deduced knowledge in a collaborative process cartography thanks to dedicated algorithms

Business and logic charateristic in an collaborative situation

MISE 2.0 (for Mediation Information System Engineering, second iteration) project has been launched in 2009. The MISE 2.0 engineering approach is based on BPM (Business Process Management) and MDE (Model-Driven Engineering). Running a regular BPM approach on a specific organization consists in gathering structural, informational, and functional knowledge in order to design cartography of processes covering the behavior of the modeled organization. Regarding the MISE 2.0 project the BPM approach concerns a set of organizations and MDE helps in automatizing the different steps: i) Knowledge gathering (situation layer): collect information concerning the collaborative situation, ii) Processes cartography design (solution layer): design the processes according to the knowledge gathered and iii) MIS deployment (implementation layer): implement an IT structure able to run the processes cartography. Both the transitions between these layers are the hard-points of this approach: The first gap is managed at the abstract level of MISE 2.0 while the second one is managed at the concrete level of MISE 2.0. The current PhD is focused on the first issue: designing a relevant processes cartography from the modeled collaborative situation. However, this is usually a manual activity, which requires a large amount of work to draw the processes and their links. The current research works aim at building such collaborative process cartography in an automated manner. Our principles are (i) to gather the essential and minimum initial collaborative knowledge (e.g. partners, shared functions and collaborative objectives) in models, ii) to deduce the missing knowledge with the help of a collaborative metamodel, an associated ontology and transformation rules and iii) to structure the deduced knowledge in a collaborative process cartography thanks to dedicated algorithms