Structured Information Flow (SIF) Framework for Automating End-to-End Information Flow for Large Organizations

Bhatia, Shishir

09 March 2006

For almost five decades, since the advent of the first computers for commercial use, the dream of the Paperless Office, a.k.a. total Information flow automation, has eluded the industry. Now, with the emergence of Internet- and Web-based technologies, daily we see examples of organizations like eBay and Amazon that perform their business in a fully automated manner without the use of paper or pen. However, bigger and older organizations that have more complex functions, like government organizations, have not been very successful in harnessing the latest technological innovations to completely automate their Information flow. We propose a Structured Information Flow (SIF) framework that provides the conceptual infrastructure to automate small and big, new and old organizations alike. The ease of the transformation is due to three key features of SIF that set it apart from any other Information flow automation scheme. First, SIF utilizes the attributes of the organization, such as the existing reporting structure, to model the automated Information flow. The rules governing the flow of Information are based on the hierarchy already in place, for example: A senior can view any Information owned by any of his/her direct subordinates. Second, SIF characterizes external organization entities as a special case of internal organization entities, allowing for seamless integration of the Information flow to and from them. Third, the SIF framework is independent of platform, method, organization, or technology. This gives it a generic nature that makes it applicable as a platform to implement multiple types of automated e-systems such as e-commerce, e-education, e-training, e-governance, etc. In this body of work, we formally define the SIF framework using state transformation language and a visual representation scheme specifically developed for this purpose. We also define the Information Interfaces, which are the mechanism for implementing rules- and constraint-based Information flow in SIF. / Master of Science

End-to-End Information Flow

Paperless Office

Information Flow Framework

Information Flow Automation Model

Electronic Information Flow

Facilitating communication in supply chain distribution planning : A case study

Ukachukwu, Joseph, Abdissa, Mussie, Yasin Ibrahim, Abdellah

January 2016

Abstract Purpose The main focus of the thesis is on the communication path between departments in the company and how information communication can be improved for better optimization of the distribution process with in the company. The aim of this thesis is to survey the planning process from the depot of the case company until it reaches the final consumer. Delimitation The thesis will focus on the communication among the departments involved in the distribution planning process at the case company. Only activities involved in distributing the products from the depot to the final consumers were reviewed. Findings The communication process in an organization is one of the most important processes for strengthening the decision making process in planning, organizing and executing the company’s business of delivering products and services to the final customers. An effective communication process enables the creation of a good work environment for employees that are divided according to their specific tasks and responsibilities in the organization structure. Information flow between managers, subordinates and customers is a complex process that uses different information systems and communication channels under preliminary communication guidelines set by the organization. The communication process need to be maintained and improved continuously in order to cope with the complexities that come from the need for tracking up to date information on volumes and variety of products and rapidly changing customer demands in the organizations supply chain network. Data collection A number of articles from multiple journals in supply chain management were used for literature review in order to increase knowledge and understanding on the research topic. Semi-structured interviews were made at the case company in order to get all relevant information for developing and answering the research questions of the thesis. Conclusion It’s possible for the management team to stay proactive and better prepared for meeting the organizations goals though transparent, integrated and healthy communications between the entities in the organization’s supply chain.

communication

information flow

supply chain management

Reachability relations in selective regression testing

Zhou, Xinwei

January 1998

No description available.

005

Information flow security - models, verification and schedulers

Zhang, Chenyi, Computer Science & Engineering, Faculty of Engineering, UNSW

January 2009

Information flow security concerns how to protect sensitive data in computer systems by avoiding undesirable flow of information between the users of the systems. This thesis studies information flow security properties in state-based systems, dealing in particular with modelling and verification methods for asynchronous systems and synchronous systems with schedulers. The aim of this study is to provide a foundational guide to ensure confidentiality in system design and verification. The thesis begins with a study of definitions of security properties in asynchronous models. Two classes of security notions are of particular interest. Trace-based properties disallow deductions of high security level secrets from low level observation traces. Bisimulation-based properties express security as a low-level observational equivalence relation on states. In the literature, several distinct schools have developed frameworks for information flow security properties based on different semantic domains. One of the major contributions of the thesis is a systematic study that compares security notions, using semantic mappings between two state-based models and a particular process algebraic model. An advantage of state-based models is the availability of well-developed verification methods and tools for functional properties in finite state systems. The thesis investigates the application of these methods to the algorithmic verification of the information flow security properties in the asynchronous settings. The complexity bounds for verifying these security properties are given as polynomial time for the bisimulation-based properties and polynomial space complete for the trace-based properties. Two heuristics are presented to benefit the verifications of the properties in practice. Timing channels are one of the major concerns in the computer security community, but are not captured in asynchronous models. In the final part of the thesis, a new system model is defined that deals with timing and scheduling. A group of novel security notions, including both trace-based and bisimulation-based properties, are proposed in this new model. It is further investigated whether these security properties are preserved by refinement of schedulers and scheduler implementations. A case study of a multi- evel secure file server is described, which applies a number of access control rules to enforce a particular bisimulation-based property in the synchronous setting.

Information flow

Formal methods

Security

Noninterference

A Study of Information Flow and Organizational Process -- An Example of Implementation of Engineering Change in TFT-LCD Industry in Taiwan

Tsai, I-Lung

07 August 2006

On account of the rapid change of the market structure of the globalization economy, the competition strategy of the enterprises has conversed from simply pursuing high quality and low cost in the past into the strategy of product design and manufacturing which seeks for satisfying customers¡¦ requirements. Under the manufacturing trend of ODM, in addition that the trades shall continue taking consideration of the original factors of low cost and high quality, factors like the launch time of products, the speed of delivery date and the satisfaction degree of the customers¡¦ requirements have even become the key ones if the enterprises can maintain their competitiveness. Therefore, the enterprise have to make the products design and production operation more flexible so as to accommodate in time with the markets and also conform to the gradually promoted ODM requirements from the markets and continue enhancing ¡§Time-to-Customer¡¨ capability so as to meet and conform to the developing tendency of enterprises¡¦ globalization. Nevertheless, in the current environment of product¡¦s life cycle¡¦s shortening and the uncertain customers¡¦ requirements uncertain, engineering change has then become one considerably important operation of the enterprise in high technology industry. In order to exactly conform to the requirements from the customers and the markets, in each stage of the whole product life cycle whatever in development, samples delivery, production and even the products being sent to the customers may require the demand of engineering change. Consequently, the engineering change is required to have enough emergency dealing capability to ensure the quality, results and the accomplishment of requirements of the products. Only in this way the enterprise shall establish itself in an unassailable position. The purpose of the study is to provide with the management operation procedure of the engineering change suitable for the domestic enterprises by conferring ways of information process and organization process design. First, after it has conferred the products R&D design process or development operation process, it further proposes the corresponding operation strategy, operation process analysis of the industry and applies information technology to achieve the characteristics of the engineering change according to the research result of the academy¡¦s documents. By the control organization of the engineering change and the establishment of the stratum framework, the conclusion of the job duties of the organization and the design of the handling operation process of the engineering change handling, it can control the proposal, dealing, and implement of the engineering change. Taking a case company for example, it has employed the conclusion and suggestion it has obtained by carrying our the analysis and how to apply information technology to implement the engineering change management separately in object to the operation modes to be provided as the reference for the TFT LCD industry in Taiwan to proceed the procedure design while the engineering change management is carried out. Keywords: Engineering Change, Information flow, Organizational Process

Engineering Change

Information Flow

Organizational Process

Information flow security - models, verification and schedulers

Zhang, Chenyi, Computer Science & Engineering, Faculty of Engineering, UNSW

January 2009

Information flow security concerns how to protect sensitive data in computer systems by avoiding undesirable flow of information between the users of the systems. This thesis studies information flow security properties in state-based systems, dealing in particular with modelling and verification methods for asynchronous systems and synchronous systems with schedulers. The aim of this study is to provide a foundational guide to ensure confidentiality in system design and verification. The thesis begins with a study of definitions of security properties in asynchronous models. Two classes of security notions are of particular interest. Trace-based properties disallow deductions of high security level secrets from low level observation traces. Bisimulation-based properties express security as a low-level observational equivalence relation on states. In the literature, several distinct schools have developed frameworks for information flow security properties based on different semantic domains. One of the major contributions of the thesis is a systematic study that compares security notions, using semantic mappings between two state-based models and a particular process algebraic model. An advantage of state-based models is the availability of well-developed verification methods and tools for functional properties in finite state systems. The thesis investigates the application of these methods to the algorithmic verification of the information flow security properties in the asynchronous settings. The complexity bounds for verifying these security properties are given as polynomial time for the bisimulation-based properties and polynomial space complete for the trace-based properties. Two heuristics are presented to benefit the verifications of the properties in practice. Timing channels are one of the major concerns in the computer security community, but are not captured in asynchronous models. In the final part of the thesis, a new system model is defined that deals with timing and scheduling. A group of novel security notions, including both trace-based and bisimulation-based properties, are proposed in this new model. It is further investigated whether these security properties are preserved by refinement of schedulers and scheduler implementations. A case study of a multi- evel secure file server is described, which applies a number of access control rules to enforce a particular bisimulation-based property in the synchronous setting.

Information flow

Formal methods

Security

Noninterference

An infrastructure for integrated document management

Chadha, Mandhir

22 October 2009

see document / Master of Science

information flow

LD5655.V851 1995.C433

Wireless communication and computing at the construction jobsite

Gagnon, Jason S.

18 September 2008

This thesis explores the information flow at a construction site and examines how wireless communication technology can meet these information needs. The construction industry is dynamic. Therefore, traditional methods of communication have limited applicability to a construction jobsite. However, the advances in the wireless communication field are making that form of communication a viable option for the construction jobsite. The information flow models in some other industries are examined as point of comparison with the construction industry. People in the construction industry can learn what information transmission methods have worked in other industries. Also, much can be learned from other industries that have already embraced wireless technology into their workplace. An articulation of information needs at a construction jobsite is made. A large refinery that is under construction in Houston, Texas was the primary a source for articulating the information needs at a construction site. A detailed summary of a data reconnaissance visit to this project is included. A methodology for identifying determining the applicability of different formats of wireless technology for a set of information needs is included. A second methodology for identifying and classifying information needs by a given company is also included. Finally, two examples of how to use these methodologies are presented. / Master of Science

Information flow

LD5655.V855 1996.G346

Restricting information flow in security APIs via typing

Keighren, Gavin

January 2014

Security APIs are designed to enable the storage and processing of confidential data without that data becoming known to individuals who are not permitted to obtain it, and are central to the operation of Automated Teller Machines (ATM) networks, Electronic Point of Sale (EPOS) terminals, set-top boxes for subscription-based TV, pre-payment utility meters, and electronic ticketing for an increasing number of public transport systems (e.g., Oyster in London). However, since the early 2000s, it has become clear that many of the security APIs in widespread use contain subtle flaws which allow malicious individuals to subvert the security restrictions and obtain confidential data that should be protected. In this thesis, we attempt to address this problem by presenting a type system in which specific security properties are guaranteed to be enforced by security APIs that are well-typed. Since type-checking is a form of static analysis, it does not suffer from the scalability issues associated with approaches that simulate interactions between a security API and one or more malicious individuals. We also show how our type system can be used to model an existing security API and provide the same guarantees of security that the API authors proved it upholds. This result follows directly from producing a well-typed implementation of the API, and demonstrates how our type system provides security guarantees without requiring additional API-specific proofs.

005.8

Brister inom processbaserade informationsflöden : En undersökning av informationsbrister och hur dessa påverkar informationsflödet inom processer

Yesilkayali, Aydin Sergen

January 2016

Industries consists of processes where hundreds of products are produced every day. This means that small flaws within the flow of the information or process can show up relatively fast. This creates an interesting question: how different forms of information flaws can affect processes. A few previous studies have been conducted regarding this area. This purpose of this study is to research the different forms of information flaws that can affect a flow of information between two processes. An information and process map has been created through a case study at Kubal. The researched process has been the flow of material between two processes. The conclusions of this research has been that the information flow between processes has to be tied together in every area, so that every relevant process owner is aware of the whole process. Failure to do so implies that the flow of information works sub-optimally. Another important point is to be consistent with what system is being used; lack of certain functions within a system generates additional systems that acts as complements to the main system, which implies that another problem arises within the flow of information / Industrier består av processer där hundratals produkter produceras per dag. Detta betyder att små brister inom process- eller informationsflödet ger stora utslag relativt snabbt. Detta gör att en intressant frågeställning uppstår: hur olika former av informationsbrister påverkar processer. Ett fåtal tidigare studier diskuterar detta problem. Syftet med denna studie är att undersöka hur olika former av informationsbrister kan påverka ett informationsflöde mellan två processer. En informations- och processkartläggning har skett genom en fallstudie på Kubal. Den undersökta processen har varit det materialflödet mellan två processer. De slutsatser som tagits fram är att informationsflödet inom processer måste knytas på en generell nivå, så att alla relevanta delprocessägare är med inom flödet. Misslyckandet av att motverka detta leder till att informationsflödet agerar suboptimalt. En annan viktig punkt är att vara konsistent med de system som används; funktionsbrister inom dessa system leder till att ytterligare system genereras för att agera som komplement, vilket implicerar ytterligare problem inom informationsflödet.

Process

information

modelling

information flow.

Processer

information

kartläggning

informationsflöde.