A service oriented approach for guidelines-based clinical decision support using BPMN

Evidence-based medical practice requires that clinical guidelines need to be documented in such a way that they represent a clinical workflow in its most accessible form. In order to optimize clinical processes to improve clinical outcomes, we propose a Service Oriented Architecture (SOA) based approach for implementing clinical guidelines that can be accessed from an Electronic Health Record (EHR) application with a Web Services enabled communication mechanism with the Enterprise Service Bus. We have used Business Process Modelling Notation (BPMN) for modelling and presenting the clinical pathway in the form of a workflow. The aim of this study is to produce spontaneous alerts in the healthcare workflow in the diagnosis of Chronic Obstructive Pulmonary Disease (COPD). The use of BPMN as a tool to automate clinical guidelines has not been previously employed for providing Clinical Decision Support (CDS)

Electronic Construction Collaboration System – Phase III, December 2011

This phase of the electronic collaboration project involved two major efforts: 1) implementation of AEC Sync (formerly known as Attolist), a web-based project management system (WPMS), on the Broadway Viaduct Bridge Project and the Iowa Falls Arch Bridge Project and 2) development of a web-based project management system for bridge and highway construction projects with less than $10 million in contract value. During the previous phase of this project (fiscal year 2010), the research team helped with the implementation process for AEC Sync and collected feedback from the Broadway Viaduct project team members before the start of the project. During the 2011 fiscal year, the research team collected the post-project surveys from the Broadway Viaduct project members and compared them to the pre-project survey results. The results of the AEC Sync implementation on the Broadway project were positive. The project members were satisfied with the performance of the AEC Sync software and how it facilitated document management and its transparency. In addition, the research team distributed, collected, and analyzed the pre-project surveys for the Iowa Falls Arch Bridge Project. The implementation of AEC Sync for the Iowa Falls Arch Bridge Project appears to also be positive, based on the pre-project surveys. The fourth phase of this electronic collaboration project involves the identification and implementation of a WPMS solution for smaller bridge and highway projects. The workflow for the shop drawing approval process for sign truss projects was documented and used to identify possible WPMS solutions. After testing and evaluating several WPMS solutions, Microsoft SharePoint Foundation’s site pages were selected to be pilot-tested on sign truss projects. Due to the limitation on the SharePoint license that the Iowa Department of Transportation (DOT) has, a file transfer protocol (FTP) site will be developed alongside this site to allow contractors to upload shop drawings to the Iowa DOT. The SharePoint site pages are expected to be ready for implementation during the 2012 calendar year

Performance modeling of e-procurement workflow using Generalised Stochastic Petri net (GSPN)

This paper proposes a Generalised Stochastic Petri net (GSPN) model representing a generic e-procurement workflow process. The model displays the dynamic behaviour of the system and shows the inter relationship of process activities. An analysis based on matrix equation approach enabled users to analyse the critical system's states, and thus justify the process performance. The results obtained allow users for better decision making in improving e-procurement workflow performance

Master of Puppets: Analyzing And Attacking A Botnet For Fun And Profit

A botnet is a network of compromised machines (bots), under the control of an attacker. Many of these machines are infected without their owners' knowledge, and botnets are the driving force behind several misuses and criminal activities on the Internet (for example spam emails). Depending on its topology, a botnet can have zero or more command and control (C&C) servers, which are centralized machines controlled by the cybercriminal that issue commands and receive reports back from the co-opted bots. In this paper, we present a comprehensive analysis of the command and control infrastructure of one of the world's largest proprietary spamming botnets between 2007 and 2012: Cutwail/Pushdo. We identify the key functionalities needed by a spamming botnet to operate effectively. We then develop a number of attacks against the command and control logic of Cutwail that target those functionalities, and make the spamming operations of the botnet less effective. This analysis was made possible by having access to the source code of the C&C software, as well as setting up our own Cutwail C&C server, and by implementing a clone of the Cutwail bot. With the help of this tool, we were able to enumerate the number of bots currently registered with the C&C server, impersonate an existing bot to report false information to the C&C server, and manipulate spamming statistics of an arbitrary bot stored in the C&C database. Furthermore, we were able to make the control server inaccessible by conducting a distributed denial of service (DDoS) attack. Our results may be used by law enforcement and practitioners to develop better techniques to mitigate and cripple other botnets, since many of findings are generic and are due to the workflow of C&C communication in general

Supporting Special-Purpose Health Care Models via Web Interfaces

The potential of the Web, via both the Internet and intranets, to facilitate development of clinical information systems has been evident for some time. Most Web-based clinical workstations interfaces, however, provide merely a loose collection of access channels. There are numerous examples of systems for access to either patient data or clinical guidelines, but only isolated cases where clinical decision support is presented integrally with the process of patient care, in particular, in the form of active alerts and reminders based on patient data. Moreover, pressures in the health industry are increasing the need for doctors to practice in accordance with ¿best practice¿ guidelines and often to operate under novel health-care arrangements. We present the Care Plan On-Line (CPOL) system, which provides intranet-based support for the SA HealthPlus Coordinated Care model for chronic disease management. We describe the interface design rationale of CPOL and its implementation framework, which is flexible and broadly applicable to support new health care models over intranets or the Internet

Large Scale Document Management System: Creating Effective Public Sector Knowledge Management System

The digital age has redefined the production process and utilisation of documents globally. In the information age, the process of input, delivery, storage, receipt, and categorization of data is critical. The public sector has to rely more and more on automated, reliable solutions in order to keep their information safe and readily accessible for effective governance. A document management system is a computer system used to track and store electronic documents and/or images of paper documents. The term has some overlap with the concepts of content management systems often viewed as a component of enterprise content management systems and related to digital asset management, document imaging, workflow systems and records management systems. This paper examines an ongoing document management implementation case study in a public sector of digital assets of over twelve million pages, scalable to billions of pages, highlighting the taxonomy, content and knowledge management creation using an enterprise content management system and discusses the role in national development and growt

Master of puppets: analyzing and attacking a botnet for fun and profit

A botnet is a network of compromised machines (bots), under the control of an attacker. Many of these machines are infected without their owners’ knowledge, and botnets are the driving force behind several misuses and criminal activities on the Internet (for example spam emails). Depending on its topology, a botnet can have zero or more command and control (C&C) servers, which are centralized machines controlled by the cybercriminal that issue commands and receive reports back from the co-opted bots. In this paper, we present a comprehensive analysis of the command and control infrastructure of one of the world’s largest proprietary spamming botnets between 2007 and 2012: Cutwail/Pushdo. We identify the key functionalities needed by a spamming botnet to operate effectively. We then develop a number of attacks against the command and control logic of Cutwail that target those functionalities, and make the spamming operations of the botnet less effective. This analysis was made possible by having access to the source code of the C&C software, as well as setting up our own Cutwail C&C server, and by implementing a clone of the Cutwail bot. With the help of this tool, we were able to enumerate the number of bots currently registered with the C&C server, impersonate an existing bot to report false information to the C&C server, and manipulate spamming statistics of an arbitrary bot stored in the C&C database. Furthermore, we were able to make the control server inaccessible by conducting a distributed denial of service (DDoS) attack. Our results may be used by law enforcement and practitioners to develop better techniques to mitigate and cripple other botnets, since many of findings are generic and are due to the workflow of C&C communication in general.First author draf

The Promise of Health Information Technology: Ensuring that Florida's Children Benefit

Substantial policy interest in supporting the adoption of Health Information Technology (HIT) by the public and private sectors over the last 5 -- 7 years, was spurred in particular by the release of multiple Institute of Medicine reports documenting the widespread occurrence of medical errors and poor quality of care (Institute of Medicine, 1999 & 2001). However, efforts to focus on issues unique to children's health have been left out of many of initiatives. The purpose of this report is to identify strategies that can be taken by public and private entities to promote the use of HIT among providers who serve children in Florida

Towards the design of a platform for abuse detection in OSNs using multimedial data analysis

Online social networks (OSNs) are becoming increasingly popular every day. The vast amount of data created by users and their actions yields interesting opportunities, both socially and economically. Unfortunately, these online communities are prone to abuse and inappropriate behaviour such as cyber bullying. For victims, this kind of behaviour can lead to depression and other severe problems. However, due to the huge amount of users and data it is impossible to manually check all content posted on the social network. We propose a pluggable architecture with reusable components, able to quickly detect harmful content. The platform uses text-, image-, audio- and video-based analysis modules to detect inappropriate content or high risk behaviour. Domain services aggregate this data and flag user profiles if necessary. Social network moderators need only check the validity of the flagged profiles. This paper reports upon key requirements of the platform, the architectural components and important challenges