Spelling suggestions: "subject:"forminformation lemsystems engineering"" "subject:"forminformation lemsystems ingineering""
1 |
Analyzing the Privacy Policy: Responses and Challenges. : A survey research about the experiences from common users and service providers?Shaikh, Murtaza Hussain January 2011 (has links)
The main purpose of this thesis is to investigate how different age categories of users and the service providers point of view about understandability, technicality, importance and awareness of privacy policy. The emerging ambiguity in information security has raised many privacy and trust issues that are context dependent. Therefore there are several uncertainties and risks seen today concerning theprivacy policy & subscriber trust. It is a responsibility of services providers before amending their policy to notify their subscribers. Because if they do not take this initiative then it creates trust deficit for their subscribers and this affects their business and goodwill.In this work we have adopted the online survey questionnaire technique to perform a research based on the users ideas and thoughts about the privacy policy and security issues. We have used the same technique with different questions based on the organizations own perspectives on the privacy policy. This would highlight to what extent an organization thinks the policy fulfills the users confidence. We have decided to target Norwegian service providers and people as participants for this survey, to better understand the theme of research. It took about four months to collect the responses from the organizations and from the participants. This report discusses the importance of privacy policy for a common user / subscriber. Generally observed in this work is that, before accepting privacy policy, it is hard to read these policies and understood by end-user, and taking this prospect ahead, many privacy policies and regulations have a difficult context to understand.This survey methodology was selected to ensure the originality of the user`s state of mind, and it was also vital for the service providers to show their responses and opinion on privacy policy. We have noticed that a majority of the users are not interested in reading the contents of the privacy, and they simply provide their sensitive information without ensuring the authenticity and regulations inside theprivacy policy. Furthermore, we observed that users think privacy policy just saves them from viruses and threats, and there is a chance of phishing if it is not mentioned on the service provider website. Most of the service providers have recently introduced the privacy protection seals for secure data transmission on their website in order to build a strong subscriber`s trust.Finally, it is important to continue researching to get better tools and more mechanisms for a good security policy, and to establish guidelines for better understanding as we learn more.Keywords: Privacy; Personal information; Service providers; Subscriber`s; Policy; Issues; Survey design; Legislation; Settings; Practices.
|
2 |
IMPROVING COLLABORATION IN MARITIME OPERATIONS USING BUSINESS PROCESS MODELING NOTATIONKosuri, Kishore January 2011 (has links)
In one of the highly globalized fields such as Marine Industry, shipping operations are hugely dependent on the quick and readily accessible information about the people, machinery and services available both at port and terminal levels. The e-collaboration tools often result in improving the potential to take advantage of the information across various dimensions such as nations, organizations and professions. In the maritime transportation sector, collaboration is very much evident as intersection between various elements associated with it such as business processes (or service management), software tools (or technologies) and users. As a result, collaboration is crucial either to make good plans that are aligned with the different stakeholders or can be used as a tool for deviation management if such a thing occurs. Usually, the maritime shipping operations are carried out both on ship and also by various bodies affiliated with port and terminal services. However, establishing collaboration between operations and tools is often challenging as they are two very different disciplines. Therefore, the knowledge gathered via intersection of software engineering and processes involved holds the means for establishing the collaboration between the service providers and potential users. Normally the information is coming from sensors as well as traditional message based sources. These information sources can be used for identifying and capturing business processes which are part of maritime enterprise to achieve collaboration among various involved parties. In this thesis, a method is proposed to overcome the problem of process management by establishing a collaboration medium between the service providers and participants in a maritime enterprise. This work is based on literature study, industry test cases and validation of test case models using process centric approach. The process centric approach, which regards notion of developing enterprise based on process models and facilitating collaboration among participants of business process models, is the main result this work. The steps are to define goals, identify business processes and define collaboration in these. To support this we need the other contributions of the thesis; i.e. uncovering the collaboration space through intersection of entities, collaboration platform, collaboration-oriented architecture and collaboration matrix generation. BPMN (Business Process Modeling Notation) provided a means to model the industrial test case using the process-centric approach and study collaboration among tasks in business process. The analysis of test case BPMN model validates concepts of Marine Information Center (MIS) project at SINTEF and provides set of requirements for improving collaboration further
|
3 |
Pervasive Games for Vehicle DriversEllafy, Amr January 2011 (has links)
Pervasive games are a new gender of games that is gaining popularity in recent years.The potential of pervasive games is their ability of mixing real-life physical objects in the gameplay, creating a thrilling experience for players.This thesis work researches the possibility of engaging vehicle drivers in pervasive games with road safety as the primary concern.First a research of main causes of traffic accidents is conducted though available statistics.The statistics shows that the human-factor contributes to the top five causes of traffic accidents.The statistics also concluded that the driver psychophysiological state is vital for road safety.Factors conditioning human's psycho physiological state are analyzed from computer games perspective.Affective Gaming, a gender of gaming highly dependent on player psychophysiological state, is further studied in terms of its applicability for in-vehicle use.The study includes researching various methods of capturing human psychophysiological state.Furthermore, different types of pervasive games are discussed including state of the art games available for vehicles.A research is conducted to cover available driver support systems and show how they work and contribute to road safety.Heads-up Display are also discussed as a method of displaying information to the driver with minimal distraction from driving.Relevant concepts and technologies in relation to pervasive games, driver support systems and road safety were defined and utilized as a basis for the conceptual framework which was developed in this thesis work. The framework shows how pervasive games can be used to contribute to road safety using various driver support systems. The idea is illustrated in a set of example game scenarios.A simulation software is used to demonstrate a part of the conceptual framework as a proof of concept.An important outcome of this thesis includes a conceptual framework for pervasive game implementation. The guidelines and relevant technologies are indispensable not only for pervasive games, but also for other multimedia (infotainment) application development and integration in the vehicle environment in terms of road safety and driving quality.
|
4 |
Comparison of i*-based and Use Case-based Security Modelling Initiatives for Software Requirements Engineering : An empirical comparison of Secure Tropos and Misuse CasesPan, Yushan January 2012 (has links)
In the course TDT4501 - Specialization Project - “ReqSec project”, the preparatory course to this thesis, through purely analytical evaluation of the eight modeling approaches, the advantages and disadvantages were illustrated based on the categories - i*-based modeling approach and Use Case-based modeling approach.However, only a purely analytical evaluation of the modeling approaches does not alwaysreflect their practical usefulness. Hence, the [motivation] of the thesis was selecting two modeling approaches, those are Secure Tropos and Misuse Cases, using an empirical investigation for such evaluations to guide the researchers and practitioners a better overview and understanding of the benefits of the two modeling approaches in a real life usage. The objective was to see if the advantages claimed analytically in the previous project also come true in practice. [Questions] Through a controlled experiment, two core problems shall be investigated: a) How about the participants’ performance when they applied the two modeling approaches to finish tasks in the experiment and b) Their preference for the two modeling approaches after the experiment. The [principle] was using two modeling approaches to perform the experiment, through the participants’ performance on the identified number of threats and mitigations for the experiment cases, and their perception of the two modeling approaches by means of asking them to estimate the usage of modeling diagrams, textual description of cases, and memory in the experiment. And combining with the evaluation of post-questionnaire analysis, the conclusions were summarized based on the empirical study of statistical results and the previous analytical study results, to investigate whether the empirical evaluation could match well with analytical evaluation or not.[Contribution] The experiment project was the first time to compare the Secure Troposand Misuse Cases comprehensibly. The results illustrated that both modeling techniqueshad no significant difference of identifying threats but they had significant difference of identifying mitigations in this controlled experiment with 50 students who apply to both modeling approaches with relevant cases. And through analyzing the same case with the same modeling approach or different modeling approach of the experiment, it was found that Net Shopping case was identified more mitigations and threats by the participants when considering the aspect of technique criteria of threats and mitigations. The participants were complementary regarding goal-based modeling approach in some security issues and performed non-techniques threats and mitigations in this controlled experiment. Hence, Secure Tropos was investigated perceiving more favorable. In the last, comparing with the six dimensions from previous analytical comparison, the investigation shows that most of the two modeling approaches’ advantages were confirmed, and the results also coincided to the previous analytical evaluation.Keywords: Secure Tropos, Misuse Case, Empirical Study, Security Modeling
|
5 |
Semoogle - An Ontology Based Search EngineAghajani, Nooshin January 2012 (has links)
In this thesis, we present a prototype for search engine to show how such a semantic search application based on ontology techniques contributes to save time for user, and improve the quality of relevant search results compared to a traditional search engine. This system is built as a query improvement module, which uses ontology and sorts the results search based on four predefined categories. The first and important part of the implementation of search engine prototype is to apply ontology to define the meaning and the relations between the queries in default domain of the study. Next, categorization of the results is carried out in order to improve the quality of result search presentation based on categorization-list. The ontology used in this search engine prototype includes sample of terms in safety and security domain, which is capable to be modified in this domain, or can be substituted by another ontology in the other fields of study. The process is continued by searching the enriched query through the Web using Google interface application search engine. The application uses ranking algorithms to categorize and organize the results of Google search in four categories, i.e. History, Mechanism, Prevention, and Case study. The predefined categories can be substituted to the other categories based on user preferences in other studies using different categorizes.
|
6 |
Between Innovation and Governance : The Case of Research-based Software Development in a Large Petroleum CompanySeifvand, Atiyeh January 2012 (has links)
Software innovations can offer organizations with competitive advantages. Research and development entities within the petroleum industry therefore seek to utilize IT capabilities to produce innovative software. Many factors may influence the success or failure of developing and implementing research-based software innovations in organizations. Of these issues the relation between software innovation and IT governance remains largely unexplored in the research literature.This study explores the effects IT governance has on the success or failure of research-based software development projects in an international petroleum company through an interpretive case study. The results of the study are twofold: 1) practical and 2) theoretical.The practical results show that the investigated petroleum company's emphasis on formalization has unfortunate side-effects on successful development and implementation of research-based software in the organization. IT governance, focused on stability of operations, is not well aligned with the corporate strategy of increased innovation. Moreover, the central IT department uses governance structures to guard the boundaries around the department.The theoretical results from the study presented that the impact of IS innovation or digital technology innovation on the research projects and how they can help the researchers to realize their ideas, remain unnoticed in the literature. Furthermore, In IS innovation literature, the organizations’ IS unit is the main responsible for IS innovation and it starts the innovation. However in the presented study R&D department had the main responsibility in innovation and it initiates innovation.
|
7 |
Domain Model-Centric Distributed Development : An approach to semantics-based change impact managementStrasunskas, Darijus January 2006 (has links)
<p>Today’s information systems engineering involves large number of stakeholders, wide geographical distribution and wide range of tools. Success in system engi-neering depends on effective human communication. Early understanding and modelling of the problem domain is a key to manage large scale systems and pro-jects. This requires stakeholders to reach a certain level of shared interpretation of the domain referred throughout the development</p><p>We propose a method for semantics driven change impact assessment. In our method, first a collaborative problem analysis is conducted. The problem analysis results in an agreed and committed common understanding of the prob-lem domain, expressed in a conceptual domain model. The constructed concep-tual domain-specific model is then actively used as a communication medium, e.g., to abstract development objects from representation format in order to expli-cate their semantics. Stakeholders browse the domain model and interactively as-sociate to product fragments by selecting concept clusters that best describe the contents (intended meaning) of the product fragments.</p><p>Associations of the development objects with concepts from domain model, as well as the domain model itself constitute the basis for change impact assess-ment throughout the development. Every revision of a development object in-vokes change impact notifications that are either confirmed or rejected. Accumu-lated statistics are used to refine associations via the domain model to the direct dependency links among development objects.</p><p>The method has been implemented in a prototype system CO2SY and has been evaluated in an experiment, where a set of test users has been provided with a problem domain description including a domain model and a set of develop-ment objects. The experiment was based on two real world cases. Users were asked to perform tasks using the prototype and two comparative tools. The method and prototype have been evaluated with respect to actual performance and users perceptions. The result shows actual effectiveness, perceived ease of use and usefulness comparing to other tools used in the experiment, as well as intention of the subjects to use the method in future.</p><p>A discussion of future research directions and possible revisions of the method concludes the thesis.</p>
|
8 |
Domain Model-Centric Distributed Development : An approach to semantics-based change impact managementStrasunskas, Darijus January 2006 (has links)
Today’s information systems engineering involves large number of stakeholders, wide geographical distribution and wide range of tools. Success in system engi-neering depends on effective human communication. Early understanding and modelling of the problem domain is a key to manage large scale systems and pro-jects. This requires stakeholders to reach a certain level of shared interpretation of the domain referred throughout the development We propose a method for semantics driven change impact assessment. In our method, first a collaborative problem analysis is conducted. The problem analysis results in an agreed and committed common understanding of the prob-lem domain, expressed in a conceptual domain model. The constructed concep-tual domain-specific model is then actively used as a communication medium, e.g., to abstract development objects from representation format in order to expli-cate their semantics. Stakeholders browse the domain model and interactively as-sociate to product fragments by selecting concept clusters that best describe the contents (intended meaning) of the product fragments. Associations of the development objects with concepts from domain model, as well as the domain model itself constitute the basis for change impact assess-ment throughout the development. Every revision of a development object in-vokes change impact notifications that are either confirmed or rejected. Accumu-lated statistics are used to refine associations via the domain model to the direct dependency links among development objects. The method has been implemented in a prototype system CO2SY and has been evaluated in an experiment, where a set of test users has been provided with a problem domain description including a domain model and a set of develop-ment objects. The experiment was based on two real world cases. Users were asked to perform tasks using the prototype and two comparative tools. The method and prototype have been evaluated with respect to actual performance and users perceptions. The result shows actual effectiveness, perceived ease of use and usefulness comparing to other tools used in the experiment, as well as intention of the subjects to use the method in future. A discussion of future research directions and possible revisions of the method concludes the thesis.
|
9 |
Specification of Requirements for Safety in the Early Development Phases - Misuse Case and HAZOP in the Concept PhaseMaringa, Joshua, Sæther, Thorbjørn January 2011 (has links)
In the course TDT4520 - Specialization Project, the preparatory course to this thesis, we looked at several safety analysis methods and how they could be exploited to identify software hazards in the early stages of development. After our evaluation, and with the results from a survey conducted on experts in the field, we proposed a procedure to improve software hazard identification in the concept phase of projects. The procedure consisted of a Misuse Case analysis with a sub-sequential HAZOP analysis. Our case study showed that this procedure will indeed aid in the identification process. However, testing the procedure on others is needed to see if this is correct. That is the main theme for this thesis. We performed an experiment with undergraduate students and an interview with an expert in the field. We use the results from the experiment to validate our assumptions and identify modifications that might be needed. The experiment gave us a good illustration of how the procedure would work in a real hazard analysis project, and the data collected showed us the differences between it and the more commonly used Preliminary Hazard Analysis. Our hypothesis was that the Misuse Case and HAZOP approach would improve the hazard identification with focus on software. The experiment resulted in no clear difference in non-software parts of the system, but a clear improvement on the software parts. Afterwards we conducted an interview with an expert in the field, in which we clarified many of our questions and assumptions, and aided us in modifying the procedure to the better.Although the procedure still needs to be tested thoroughly with real projects in the industry to make a final decision on whether it has merit or not, our conclusion is that the procedure deserves further attention. Software hazard identification in the concept phase is difficult but based on our findings, the Misuse Case and HAZOP combination can improve this problem.
|
10 |
Approche générique pour la modélisation et l'implémentation des processus / A generic approach for process modeling and implementationUlmer, Jean-Stéphane 11 February 2011 (has links)
Une entreprise doit être capable de décrire et de demeurer réactive face à un événement endogène ou exogène. Une telle flexibilité peut s'obtenir par la gestion des processus d'entreprise (Business Process Management - BPM). Lors d'une démarche BPM, différentes transformations interviennent sur les modèles de processus développés par l'analyste métier et l'expert en technologies de l'information. Un non-alignement se crée entre ces modèles hétérogènes lors de leurs manipulations : il s'agit du "fossé métier-TI" tel que décrit dans la littérature. L'objectif de notre travail est de proposer un cadre méthodologique permettant un meilleur pilotage des processus métier, afin de tendre vers un alignement systématique de leur modélisation à leur implémentation au sein du système cible. A l'aide de concepts issus de l'ingénierie d'Entreprise et des Systèmes d'Informations dirigée par les modèles et des TI, nous définissons une démarche générique assurant une cohérence intermodèle. Son rôle est de conserver et de fournir toutes les informations liées à la structure et à la sémantique des modèles. En permettant la restitution intégrale d'un modèle transformé au sens de l'ingénierie inverse, notre plateforme permet une synchronisation entre modèle d'analyse et modèle d'implémentation. Le manuscrit présente également l'adéquation possible entre l'ingénierie des procédés et le BPM à travers un point de vue multi-échelle. / A company must be able to describe and to remain responsive against endogenous or exogenous events. Such flexibility can be obtained with the Business Process Management (BPM). Through a BPM approach, different transformations operate on process models, developed by the business analyst and IT expert. A non-alignment is created between these heterogeneous models during their manipulation: this is the "business-IT gap" as described in the literature. The objective of our work is to propose a methodological framework for a better management of business processes in order to reach a systematic alignment from their modelling to their implementation within the target system. Using concepts from Model-driven Enterprise and Information System engineering, we define a generic approach ensuring an intermodal consistency. Its role is to maintain and provide all information related to the model structure and semantics. By allowing a full restitution of a transformed model, in the sense of reverse engineering, our platform enables synchronization between analysis model and implementation model. The manuscript also presents the possible match between process engineering and BPM through a multi- erspective scale.
|
Page generated in 0.1802 seconds