A framework for abstracting complexities in service delivery platforms

The telecommunication (telco) and Information Technology (IT) industries are converging into a single highly competitive market, where service diversity is the critical success factor. To provide diverse services, the telco network operator must evolve the traditional voice service centric network into a generic service centric network. An appropriate, but incomplete, architecture for this purpose is the Service Delivery Platform (SDP). The SDP represents an IT-based system that simplifies access to telco capabilities using services. SDP services offer technology independent interfaces to external entities. The SDP has vendor-specific interpretations that mix standards-based and proprietary interfaces to satisfy specific requirements. In addition, SDP architectural representations are technology-specific. To be widely adopted the SDP must provide standardised interfaces. This work contributes toward SDP standardisation by defining a technology independent and extendable architecture, called the SDP Framework. To define the framework we first describe telecom-IT convergence and a strategy to manage infrastructure integration. Second, we provide background on the SDP and its current limitations. Third, we treat the SDP as a complex system and determine a viewpoint methodology to define its framework. Fourth, we apply viewpoints by extracting concepts and abstractions from various standard-based telecom and IT technologies: the Intelligent Network (IN), Telecommunication Information Networking Architecture (TINA), Parlay, enhanced Telecommunications Operations Map (eTOM), Service Oriented Architecture (SOA) and Internet Protocol Multimedia Subsystem (IMS). Fifth, by extending the concepts and abstractions we define the SDP framework. The framework is based on a generic business model and reference model. The business model shows relationships between SDP, telco and external entities using business relationships points. The reference model extends the business model by formalising relationships as reference points. Reference points expand into interfaces exposed by services. Applications orchestrate service functions via their interfaces. Service and application distribution is abstracted by middleware that operates across business model domains. Services, interfaces, applications and middleware are managed in Generic Service Oriented Architectures (GSOA). Multiple layered GSOAs structure the SDP framework. Last, we implement the SDP framework using standard-based technologies with open service interfaces. The implementation proves framework concepts, promotes SDP standardisation and identifies research areas

Towards a framework for building security operation centers

In this thesis a framework for Security Operation Centers (SOCs) is proposed. It was developed by utilising Systems Engineering best practices, combined with industry-accepted standards and frameworks, such as the TM Forum’s eTOM framework, CoBIT, ITIL, and ISO/IEC 27002:2005. This framework encompasses the design considerations, the operational considerations and the means to measure the effectiveness and efficiency of SOCs. The intent is to provide guidance to consumers on how to compare and measure the capabilities of SOCs provided by disparate service providers, and to provide service providers (internal and external) a framework to use when building and improving their offerings. The importance of providing a consistent, measureable and guaranteed service to customers is becoming more important, as there is an increased focus on holistic management of security. This has in turn resulted in an increased number of both internal and managed service provider solutions. While some frameworks exist for designing, building and operating specific security technologies used within SOCs, we did not find any comprehensive framework for designing, building and managing SOCs. Consequently, consumers of SOCs do not enjoy a constant experience from vendors, and may experience inconsistent services from geographically dispersed offerings provided by the same vendor

A national cybersecurity management framework for developing countries

Abstract : Please refer to full text to view abstract.D.Phil. (Computer Science

ICE-B 2010:proceedings of the International Conference on e-Business

The International Conference on e-Business, ICE-B 2010, aims at bringing together researchers and practitioners who are interested in e-Business technology and its current applications. The mentioned technology relates not only to more low-level technological issues, such as technology platforms and web services, but also to some higher-level issues, such as context awareness and enterprise models, and also the peculiarities of different possible applications of such technology. These are all areas of theoretical and practical importance within the broad scope of e-Business, whose growing importance can be seen from the increasing interest of the IT research community. The areas of the current conference are: (i) e-Business applications; (ii) Enterprise engineering; (iii) Mobility; (iv) Business collaboration and e-Services; (v) Technology platforms. Contributions vary from research-driven to being more practical oriented, reflecting innovative results in the mentioned areas. ICE-B 2010 received 66 submissions, of which 9% were accepted as full papers. Additionally, 27% were presented as short papers and 17% as posters. All papers presented at the conference venue were included in the SciTePress Digital Library. Revised best papers are published by Springer-Verlag in a CCIS Series book

Formalising non-functional requirements embedded in user requirements notation (URN) models

The growing need for computer software in different sectors of activity, (health, agriculture, industries, education, aeronautic, science and telecommunication) together with the increasing reliance of the society as a whole on information technology, is placing a heavy and fast growing demand on complex and high quality software systems. In this regard, the anticipation has been on non-functional requirements (NFRs) engineering and formal methods. Despite their common objective, these techniques have in most cases evolved separately. NFRs engineering proceeds firstly, by deriving measures to evaluate the quality of the constructed software (product-oriented approach), and secondarily by improving the engineering process (process-oriented approach). With the ability to combine the analysis of both functional and non-functional requirements, Goal-Oriented Requirements Engineering (GORE) approaches have become de facto leading requirements engineering methods. They propose through refinement/operationalisation, means to satisfy NFRs encoded in softgoals at an early phase of software development. On the other side, formal methods have kept, so far, their promise to eliminate errors in software artefacts to produce high quality software products and are therefore particularly solicited for safety and mission critical systems for which a single error may cause great loss including human life. This thesis introduces the concept of Complementary Non-functional action (CNF-action) to extend the analysis and development of NFRs beyond the traditional goals/softgoals analysis, based on refinement/operationalisation, and to propagate the influence of NFRs to other software construction phases. Mechanisms are also developed to integrate the formal technique Z/Object-Z into the standardised User Requirements Notation (URN) to formalise GRL models describing functional and non-functional requirements, to propagate CNF-actions of the formalised NFRs to UCMs maps, to facilitate URN construction process and the quality of URN models.School of ComputingD. Phil (Computer Science