Automated Discovery of Structured Process Models: Discover Structured vs. Discover and Structure

This paper addresses the problem of discovering business process models from event logs. Existing approaches to this problem strike various tradeoffs between accuracy and understandability of the discovered models. With respect to the second criterion, empirical studies have shown that block-structured process models are generally more understandable and less error-prone than unstructured ones. Accordingly, several automated process discovery methods generate block-structured models by construction. These approaches however intertwine the concern of producing accurate models with that of ensuring their structuredness, sometimes sacrificing the former to ensure the latter. In this paper we propose an alternative approach that separates these two concerns. Instead of directly discovering a structured process model, we first apply a well-known heuristic technique that discovers more accurate but sometimes unstructured (and even unsound) process models, and then transform the resulting model into a structured one. An experimental evaluation shows that our “discover and structure” approach outperforms traditional “discover structured” approaches with respect to a range of accuracy and complexity measures.

Governance of enterprise Information and Technology: A new core competency for boards of directors

With the level of digital disruption that is affecting businesses around the globe, you might expect high levels of Governance of Enterprise Information and Technology (GEIT) capability within boards. Boards and their senior executives know technology is important. More than 90% of boards and senior executives currently identify technology as essential to their current businesses, and to their organization’s future. But as few as 16% have sufficient GEIT capability. Global Centre for Digital Business Transformation’s recent research contains strong indicators of the need for change. Despite board awareness of both the likelihood and impact of digital disruption, things digital are still not viewed as a board-level matter in 45% of companies. And, it’s not just the board. The lack of board attention to technology can be mirrored at senior executive level as well. When asked about their organization’s attitude towards digital disruption, 43% of executives said their business either did not recognise it as a priority or was not responding appropriately. A further 32% were taking a “follower” approach, a potentially risky move as we will explain. Given all the evidence that boards know information and technology (I&T***) is vital, that they understand the inevitably, impact and speed of digital change and disruption, why are so many boards dragging their heels? Ignoring I&T disruption and refusing to build capability at board level is nothing short of negligence. Too many boards risk flying blind without GEIT capability [2]. To help build decision quality and I&T governance capability, this research: • Confirms a pressing need to build individual competency and cumulative, across-board capability in governing I&T • Identifies six factors that have rapidly increased the need, risk and urgency • Finds that boards may risk not meeting their duty of care responsibilities when it comes to I&T oversight • Highlights barriers to building capability details three GEIT competencies that boards and executives can use for evaluation, selection, recruitment and professional development.

Leading Digital Transformation: Building Technology and Information Governance Capability in Boards of Directors and the C-Suite

Information and technology and its use in organisation transformation presents unprecedented opportunities and risks. Increasingly, the Governance of Enterprise Information and Technology (GEIT) competency in the board room and executive is needed. Whether your organization is small or large, public, private or not for profit or whether your industry is not considered high-tech, IT is impacting your sector – no exceptions. But there is a skill shortage in boards: GEIT capability is concerningly low. This capability is urgently needed across the board, including those directors who come from finance, legal, marketing, operations and HR backgrounds. Digital disruption also affects all occupations. Putting in place a vision will help ensure emergency responses will meet technology-related duty of care responsibilities. When GEIT-related forward thinking and planning is carried out at the same time that you put your business strategy and plan in place, your organization has a significantly increased chance of not only surviving, but thriving into the future. Those organizations that don’t build GEIT capability risk joining the growing list of once-leading firms left behind in the digital ‘cloud of smoke’. Those organizations that do will be better placed to reap the benefits and hedge against the risks of a digital world. This chapter provides actionable, research-based considerations and processes for boards to use, to build awareness, knowledge and skills in governing technology-related organization strategy, risk and value creation.

SKMA - A Key Management Architecture for SCADA Systems

Supervisory Control And Data Acquisition (SCADA) systems are widely used in the management of critical infrastructure such as electricity and water distrubution systems. Currently there is little understanding of how to best protect SCADA systems from malicious attacks. We review the constraints and requirements for SCADA security and propose a suitable architecture (SKMA) for secure SCADA communications. The architecture includes a proposed key management protocol (SKMP). We compare the architecture with a previous proposal from Sandia Labs.

Urban management revolution : intelligent management systems for ubiquitous cities

A successful urban management support system requires an integrated approach. This integration includes bringing together economic, socio-cultural and urban development with a well orchestrated transparent and open decision making mechanism. The paper emphasises the importance of integrated urban management to better tackle the climate change, and to achieve sustainable urban development and sound urban growth management. This paper introduces recent approaches on urban management systems, such as intelligent urban management systems, that are suitable for ubiquitous cities. The paper discusses the essential role of online collaborative decision making in urban and infrastructure planning, development and management, and advocates transparent, fully democratic and participatory mechanisms for an effective urban management system that is particularly suitable for ubiquitous cities. This paper also sheds light on some of the unclear processes of urban management of ubiquitous cities and online collaborative decision making, and reveals the key benefits of integrated and participatory mechanisms in successfully constructing sustainable ubiquitous cities.

Five case studies applying soft systems methodology to knowledge management

Construction projects are faced with a challenge that must not be underestimated. These projects are increasingly becoming highly competitive, more complex, and difficult to manage. They become problems that are difficult to solve using traditional approaches. Soft Systems Methodology (SSM) is a systems approach that is used for analysis and problem solving in such complex and messy situations. SSM uses “systems thinking” in a cycle of action research, learning and reflection to help understand the various perceptions that exist in the minds of the different people involved in the situation. This paper examines the benefits of applying SSM to problems of knowledge management in construction project management, especially those situations that are challenging to understand and difficult to act upon. It includes five case studies of its use in dealing with the confusing situations that incorporate human, organizational and technical aspects.

Research Monograph: Managing ubiquitous eco cities: telecommunication infrastructure networks, technology convergence and intelligent urban management systems

Efficient and effective urban management systems for Ubiquitous Eco Cities require having intelligent and integrated management mechanisms. This integration includes bringing together economic, socio-cultural and urban development with a well orchestrated, transparent and open decision making mechanism and necessary infrastructure and technologies. In Ubiquitous Eco Cities telecommunication technologies play an important role in monitoring and managing activities over wired, wireless or fibre-optic networks. Particularly technology convergence creates new ways in which the information and telecommunication technologies are used and formed the back bone or urban management systems. The 21st Century is an era where information has converged, in which people are able to access a variety of services, including internet and location based services, through multi-functional devices such as mobile phones and provides opportunities in the management of Ubiquitous Eco Cities. This research paper discusses the recent developments in telecommunication networks and trends in convergence technologies and their implications on the management of Ubiquitous Eco Cities and how this technological shift is likely to be beneficial in improving the quality of life and place of residents, workers and visitors. The research paper reports and introduces recent approaches on urban management systems, such as intelligent urban management systems, that are suitable for Ubiquitous Eco Cities.

Intelligent urban management systems : online decision support systems for ubiquitous cities

A successful urban management support system requires an integrated approach. This integration includes bringing together economic, socio-cultural and urban development with a well orchestrated, transparent and open decision making mechanism. The chapter emphasizes the importance of integrated urban management to better tackle the climate change, and to achieve sustainable urban development and sound urban growth management. This chapter introduces recent approaches on urban management systems, such as intelligent urban management systems, that are suitable for ubiquitous cities. The chapter discusses the essential role of online collaborative decision making in urban and infrastructure planning, development and management, and advocates transparent, fully democratic and participatory mechanisms for an effective urban management system that is particularly suitable for ubiquitous cities. This chapter also sheds light on some of the unclear processes of urban management of ubiquitous cities and online collaborative decision making, and reveals the key benefits of integrated and participatory mechanisms in successfully constructing sustainable ubiquitous cities.

Systems-based accident analysis in the led outdoor activity domain : application and evaluation of a risk management framework

Safety-compromising accidents occur regularly in the led outdoor activity domain. Formal accident analysis is an accepted means of understanding such events and improving safety. Despite this, there remains no universally accepted framework for collecting and analysing accident data in the led outdoor activity domain. This article presents an application of Rasmussen's risk management framework to the analysis of the Lyme Bay sea canoeing incident. This involved the development of an Accimap, the outputs of which were used to evaluate seven predictions made by the framework. The Accimap output was also compared to an analysis using an existing model from the led outdoor activity domain. In conclusion, the Accimap output was found to be more comprehensive and supported all seven of the risk management framework's predictions, suggesting that it shows promise as a theoretically underpinned approach for analysing, and learning from, accidents in the led outdoor activity domain.

The urban water cycle : towards integrated resource management and more sustainable water management systems

The increasing scarcity of water in the world, along with rapid population increase in urban areas, gives reason for concern and highlights the need for integrating water and wastewater management practices. The uncontrolled growth in urban areas has made planning, management and expansion of water and wastewater infrastructure systems very difficult and expensive. In order to achieve sustainable wastewater treatment and promote the conservation of water and nutrient resources, this chapter advocates the need for a closed-loop treatment system approach, and the transformation of the traditional linear treatment systems into integrated cyclical treatment systems. The recent increased understanding of integrated resource management and a shift towards sustainable management and planning of water and wastewater infrastructure are also discussed.

Strengthening and formally verifying privacy in identity management systems

In a digital world, users’ Personally Identifiable Information (PII) is normally managed with a system called an Identity Management System (IMS). There are many types of IMSs. There are situations when two or more IMSs need to communicate with each other (such as when a service provider needs to obtain some identity information about a user from a trusted identity provider). There could be interoperability issues when communicating parties use different types of IMS. To facilitate interoperability between different IMSs, an Identity Meta System (IMetS) is normally used. An IMetS can, at least theoretically, join various types of IMSs to make them interoperable and give users the illusion that they are interacting with just one IMS. However, due to the complexity of an IMS, attempting to join various types of IMSs is a technically challenging task, let alone assessing how well an IMetS manages to integrate these IMSs. The first contribution of this thesis is the development of a generic IMS model called the Layered Identity Infrastructure Model (LIIM). Using this model, we develop a set of properties that an ideal IMetS should provide. This idealized form is then used as a benchmark to evaluate existing IMetSs. Different types of IMS provide varying levels of privacy protection support. Unfortunately, as observed by Jøsang et al (2007), there is insufficient privacy protection in many of the existing IMSs. In this thesis, we study and extend a type of privacy enhancing technology known as an Anonymous Credential System (ACS). In particular, we extend the ACS which is built on the cryptographic primitives proposed by Camenisch, Lysyanskaya, and Shoup. We call this system the Camenisch, Lysyanskaya, Shoup - Anonymous Credential System (CLS-ACS). The goal of CLS-ACS is to let users be as anonymous as possible. Unfortunately, CLS-ACS has problems, including (1) the concentration of power to a single entity - known as the Anonymity Revocation Manager (ARM) - who, if malicious, can trivially reveal a user’s PII (resulting in an illegal revocation of the user’s anonymity), and (2) poor performance due to the resource-intensive cryptographic operations required. The second and third contributions of this thesis are the proposal of two protocols that reduce the trust dependencies on the ARM during users’ anonymity revocation. Both protocols distribute trust from the ARM to a set of n referees (n > 1), resulting in a significant reduction of the probability of an anonymity revocation being performed illegally. The first protocol, called the User Centric Anonymity Revocation Protocol (UCARP), allows a user’s anonymity to be revoked in a user-centric manner (that is, the user is aware that his/her anonymity is about to be revoked). The second protocol, called the Anonymity Revocation Protocol with Re-encryption (ARPR), allows a user’s anonymity to be revoked by a service provider in an accountable manner (that is, there is a clear mechanism to determine which entity who can eventually learn - and possibly misuse - the identity of the user). The fourth contribution of this thesis is the proposal of a protocol called the Private Information Escrow bound to Multiple Conditions Protocol (PIEMCP). This protocol is designed to address the performance issue of CLS-ACS by applying the CLS-ACS in a federated single sign-on (FSSO) environment. Our analysis shows that PIEMCP can both reduce the amount of expensive modular exponentiation operations required and lower the risk of illegal revocation of users’ anonymity. Finally, the protocols proposed in this thesis are complex and need to be formally evaluated to ensure that their required security properties are satisfied. In this thesis, we use Coloured Petri nets (CPNs) and its corresponding state space analysis techniques. All of the protocols proposed in this thesis have been formally modeled and verified using these formal techniques. Therefore, the fifth contribution of this thesis is a demonstration of the applicability of CPN and its corresponding analysis techniques in modeling and verifying privacy enhancing protocols. To our knowledge, this is the first time that CPN has been comprehensively applied to model and verify privacy enhancing protocols. From our experience, we also propose several CPN modeling approaches, including complex cryptographic primitives (such as zero-knowledge proof protocol) modeling, attack parameterization, and others. The proposed approaches can be applied to other security protocols, not just privacy enhancing protocols.