
2008 International MCETECH Conference on e-Technologies (mcetech 2008): Latest Papers

Learning to Trust the Crowd: Some Lessons from Wikipedia
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.17
F. Olleros
Inspired by the open source software (OSS) movement, Wikipedia has gone further than any OSS project in decentralizing its quality control task. This is seen by many as a fatal flaw. In this short paper, the author tries to show that it is rather a shrewd and fertile design choice. First, the author describes the precise way in which Wikipedia is more decentralized than OSS projects. Secondly, the author explains why Wikipedia's quality control can be and must be decentralized. Thirdly, the author shows why it is wise for Wikipedia to welcome anonymous amateurs. Finally, the author argues that concerns about Wikipedia's quality and sustainable success have to be tempered by the fact that, as disruptive innovations tend to do, Wikipedia is in the process of redefining the pertinent dimensions of quality and value for general encyclopedias.
Citations: 26
A Model of Trusted Data Collection for Knowledge Discovery in B2B Networks
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.22
Jun Hu, L. Peyton, C. Turner, H. Bishay
With widespread use of the Internet, data is often shared between organizations in B2B networks. Knowledge discovery that integrates data across all sources in a B2B network would be useful to provide a complete view of how the overall network is performing in meeting the needs of consumers. To enable this, business agreements must be in place as well as consumer consent and access controls to ensure compliance with privacy laws. This paper presents a Trusted Data Collection architecture as a legal and technical tool to allow knowledge discovery to take place while ensuring that personal information is safeguarded. A key component in this architecture is a Dataset Registry that defines and registers the datasets that can be shared, accessed, and collected across a B2B network. We propose a data and access control model for the Dataset Registry and illustrate it using an e-health scenario.
Citations: 5
Signature-Based Composition of Web Services
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.34
A. Alkamari, H. Mili, A. Obaid
The Web services family of standards promotes the interoperability of heterogeneous distributed systems by separating the definition of a service from, 1) its implementation language, 2) its internal data representation, and 3) the communication protocol used to access it. The UDDI standard addresses aspects related to the publication and querying of enterprise business services, but the kind of representation that is supported, and the corresponding queries have limited functionality. We are interested in the problem of querying a UDDI registry with a functional specification of a service, and getting in return a single service, or a composition of services that address the functional need. Existing approaches to Web service composition rely on external semantic knowledge to identify candidate component services. Our approach relies on service signatures (message types). We describe the principles underlying our approach, a family of algorithms for Web service composition, our implementation of these algorithms, and the preliminary experimental results.
Citations: 5
Ontology Learning from Text Using Relational Concept Analysis
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.29
M. Hacene, A. Napoli, Petko Valtchev, Y. Toussaint, R. Bendaoud
We propose an approach for semi-automated construction of ontologies from text whose core component is a relational concept analysis (RCA) framework which extends formal concept analysis (FCA), a lattice-theory paradigm for discovering abstractions within objects x attributes tables, to the processing of several sorts of individuals described both by own properties and inter-individual links. As a pre-processing, text analysis is used to transform a document collection into a set of data tables, or contexts, and inter-context relations. RCA then turns these into a set of concept lattices with inter-related concepts. A core ontology is derived from the lattices in a semi-automated manner, by translating relevant lattice elements into ontological concepts and relations, i.e., either taxonomic or transversal ones. The ontology is further refined by abstracting new transversal relations from the initially identified ones using RCA. We discuss as well the results of an application of the method to astronomy texts.
Citations: 16
Modelling the Interaction of Distributed Systems as Protocols
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.37
Johannes Reich
In descriptions of loosely coupled process-like interactions of computational systems and especially in the literature on electronic business processes, the protocol notion is often used only informally. However, its complete expressive power becomes effective only with a precise formalization. Based on Holzmann's protocol concept, a formal protocol definition is introduced, providing an inductive definition of the protocol transition relation. The protocol transition relation describes all possible interactions between system components which are formally specified as nondeterministic extended finite input output automata. The formal approach is illustrated by means of a buying selling business interaction. Additionally, it is used to illustrate some semantic shortcomings of the "transaction pattern" approach, which tries to partition process-like interactions into one- and two-way interactions. In the discussion, the "loose" aspect of a protocol based interaction is treated. Motivated by the non-functional system relation defined by a protocol, it is proposed to classify the exchanged information between systems according to their logical relation in documents for (nondeterministic) protocols and I/O parameters for remote function calls.
Citations: 2
Toward an Integrated User Requirements Notation Framework and Tool for Business Process Management
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.30
A. Pourshahid, Daniel Amyot, L. Peyton, S. Ghanavati, Pengfei Chen, M. Weiss, A. J. Forster
A number of recent initiatives in both academia and industry have sought to achieve improvements in e-businesses through the utilization of Business Process Management (BPM) methodologies and tools. However, there are still some inadequacies that need to be addressed when it comes to achieving alignment between business goals and business processes. The User Requirements Notation (URN) has some unique features and capabilities beyond what is available in other notations that can help address alignment issues. In this paper, a URN-based framework and its supporting toolset are introduced which provide business process monitoring and performance management capabilities integrated across the BPM lifecycle. The framework extends the URN notation with Key Performance Indicators (KPI) and other concepts to measure and align processes and goals. A healthcare case study is used to illustrate and evaluate the framework. Early results indicate the feasibility of the approach.
Citations: 36
Implementing ERP in SMEs: Towards an Ontology Supporting Managerial Decisions
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.11
H. Nach, A. Lejeune
The purpose of this research project is to consolidate and formalize as an ontology, on the basis of an extensive literature review, the key processes and skills required for successful implementation of ERP in an SME. Using the Protege software program, the research identified and formalized 395 terms, each of which has its own definition. Exploitation of this ontology could take multiple and varied forms, including creation of a learning system, an on-line cooperation platform, or a project management process mapping tool contributing to successful use of ERP in SMEs.
Citations: 21
Understanding and Countering Insider Threats in Software Development
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.32
M. Franz
E-commerce and e-government depend on trustworthy software platforms. Unfortunately, barely a week goes by without the discovery of a "critical" software vulnerability that would give a remote party complete access to a large number of network-attached computers. Considering the rising financial incentives and the immeasurable strategic importance of such vulnerabilities, one should assume that there are parties within commercial software companies that are actively scouting out (and perhaps even inserting) such errors for future exploitation. For various reasons that we touch on briefly, software manufacturers appear to be unwilling to even discuss this possibility. We explain why open-source software development is not a solution, either. We then outline an approach that significantly reduces the problem, even when malicious insiders are part of the software development team. Our approach is based on running several slightly different versions of the same software in parallel on different cores of a multiprocessor. As a beneficial side effect, our method is able to locate actual programming errors.
Citations: 6
The Security Requirements Behavior Model for Trustworthy Software
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.19
K. Saleh, M. Habil
The demand for web services and applications in cyberspace is hindered by security concerns that are raised by corporate service providers and service users. There are concerns about the trustworthiness of the web services from both sides of the spectrum. Testing web services security is a critical step towards enhancing their trustworthiness. To address these issues, we propose a comprehensive framework for specifying security requirements for web services and web applications. Based on these comprehensive security requirements specifications, formal security test case generation can then be derived and performed. In this paper, we introduce the Security Requirements Behavior Model (SRBM) to help obtain secure and hence trustworthy web services and applications. Using Firesmith's security requirements categories, the SRBM is based on Sindre's misuse cases, Firesmith's security use cases, and the operational model of computer security.
Citations: 9
SecurityViews: A Dynamic Security for View-Oriented Programming
Pub Date : 2008-01-23 DOI: 10.1109/MCETECH.2008.23
H. Mcheick, E. Dallaire
In wide-enterprise information systems, the same objects play different functional roles during their lifecycle. The development and the distribution of these functional roles can be realized using one of the aspect oriented software development techniques, in particular view oriented programming (VOP). Generally speaking, views are code fragments, which provide the implementation of different functionalities for the same object domain, and these views can be used as units for distribution to improve performance issues. Therefore, using VOP encompasses a combination of views, which can be distributed, attached, detached dynamically throughout their object views lifecycle. In this context, an issue has to be addressed when a distributed object offers different views to different clients. A security access problem would be if a client somehow tries to perform an operation of a view, which is not attached by that client. Another issue that has to be addressed is to manage views in a transparent way (implicitly) for clients. We propose a dynamic adaptation and security model based on Java security model to deal with these issues.
Citations: 2