Information Security Research
|
|
- Rosamond Page
- 8 years ago
- Views:
Transcription
1 Information Security Research at the Department of Information Systems (Lehrstuhl für Wirtschaftsinformatik I) University of Regensburg, Germany Prof. Dr. Günther Pernul www-ifs.uni-r.de As of spring 2015 the chair consists of 11 full time researchers, 2 full time supporting personnel, 3 external lecturers, and 8-10 graduate students working on part time contracts. In addition, the chair is engaged in the spin-off Nexis GmbH 1, a SME active in identity and access governance, and is one of the founding members of the Bavarian cluster in IT-Security 2. This cluster is a network of competence of more than 50 firms active in IT security. In addidtion the chair is coordinating the FORSEC research alliance ( ) aiming on integrating research on the security of highly connected it-systems and performed at 4 major Bavarian Universities. Our work group s main research focus lies on application-oriented, project-based, as well as on basic research in information systems and information security. In its broadest sense, the focus can be characterized by researching the analysis, modeling, design, and reliable and secure use of state-of-theart information systems in different application areas. Most of our research is supported by external funds, provided for example by industry, federal resources or by the European Commission under its research framework programs. Currently active research topics The following paragraphs introduce the topics that our group is actively researching at the time of writing of this report. Big Data (Storage, Governance, Management) and Visual Analytics We are currently living in the age of big data which is driven by high-volume, high-variety and high-velocity data-assets that could be used to extract useful information and to derive insights. But big data not only comes with great opportunities for enhanced decision making and the realization of innovative business models, but also with manifold challenges for the efficient governance and management of this data. Thereby, one major aspect is the management of data storage with regard to varying information security requirements and costs while considering the strategic value of these data-assets. As some data are more valuable than others, e.g. when containing company secrets, or more sensitive due to a lot of personally identifiable information (PII), some storage locations might be more appropriate for storing specific data than others. Additionally, some storage locations might involve more risk than others, e.g. because of varying protection mechanisms or different geographical regions, which might be subject to disparate data protection standards and regulations. Storage of certain information can also be contractually regulated, that is data is only allowed to be stored in a specific legal sphere with suitable Summary Information Security Research, G. Pernul, Autumn
2 data protection laws. In general, data storage has a large share in IT expenses. Thus potentially valuable or sensitive data might be stored on premium storage while less valuable or sensitive data could also adequately be stored on cheaper storage. As the management of big data is both complex and costly our research in this domain is directed to solutions for the efficient management of big data storage which includes security, privacy and economical aspects. An ideal approach for tackling these issues is the use of visual analytics which aim at providing the perfect combination of humans perceptual and cognitive abilities and automated computational analyses. By using interactive visual interfaces, decision makers as well as end users are put into position to intuitively plan and accomplish data storage in big data settings. Visualizing the costs and risks of data storage locations in addition to information on data value and sensitivity puts decision makers in a position to efficiently manage big data storage. Trust Management Trust is an important mechanism for risk perception and has therefore been identified to be a key factor for the success of various electronic environments and platforms, such as online marketplaces and peerto-peer networks. Unlike traditional face-to-face transactions, electronic transactions are carried out between strangers whose trustworthiness is unknown. The quality of products, services or information provided can mostly not be verified ex ante. Thus, actors face high risks. Our research addresses soft security mechanisms to establish trust in these environments such as reputation systems and recommender systems. Typically, transaction partners are encouraged to leave feedback (numerical ratings or textual reviews) after each transaction denoting their satisfaction. Reputation systems collect all evidence, aggregate the referrals and give an overview of past behavior in a reputation profile. While a lot of research has been carried out on computation methods to make reputation systems more accurate and robust against attacks, current systems have become quite nontransparent. Thus, our research focusses on enhancing transparency of reputation systems and involve the user in the computation process by providing an interactive visual representation of seller reputation profiles. We, thereto, make use of visual analytics. Recommender systems are used to address the problem of information overload by determining those items of a platform (e.g. movies, books, news articles) that a particular user will likely be interested in. Just like reputation systems, they are also based on ratings. The main difference between these two types of systems is that the ratings in reputation systems are supposed to be insensitive to taste whereas the ratings in recommender systems are highly dependent on the preferences of the user. Our research efforts in this domain particularly focus on trust-based (or trust-enhanced) recommender systems, which utilize trust values and trust networks to overcome certain drawbacks of traditional recommender systems. For instance, recent proposals have shown to be able to mitigate the user cold start problem (i.e. providing recommendations to a user who has provided only few information about her preferences through ratings) and to facilitate the detection of manipulations. Major parts of our work are carried out within the Bavarian research association FORSEC, which focuses on security in highly connected IT systems. Our subproject, in particular, is concerned with Next Generation Online Trust. Summary Information Security Research, G. Pernul, Autumn
3 Identity and Access Management (IdM) We are primarily interested in IdM in closed environments, such as for large organizations and enterprises (in-house IdM). Basic research focuses on the analysis of the importance of IdM and role-based access controls for large corporative systems. Effectively managing user access to sensitive applications and data is one of the biggest security challenges organizations are facing today. A typical large organization manages millions of user accesses, spread across thousands of IT resources, users and privileges. Both quality of identity data and management of user roles as a central building block of IdM Infrastructures have become an important topic for most large and medium-sized companies. On the one hand organizations have to ensure high data quality of their managed digital identities while on the other hand accurately managing role and group information has become critical for securely managing enterprise operations and resources. Besides the usage of statistical analysis and neural networks for cleansing existing identity data, another concern of our research is investigating a structured process for defining proper role structure for an organization. This includes the analysis of existing role development methodologies, practical state-ofthe-art solutions, and their shortcomings. The definition of valid roles is the most challenging task before achieving the benefits of role usage. Current approaches address only parts of the role development problem. They either deal with the mapping of business functions to access privileges, neglecting the current situation within a company, or apply data mining techniques to derive permission bundles as role candidates based on existing identity information and access rights. Output of our research is a hybrid and tool-supported role development methodology ( HyDRo Hybrid Development of Roles). HyDRo integrates organizational and operational structures as well as already existing access rights in an iterative manner. Data mining technologies and other automated analysis techniques for data cleansing and the discovery of role candidates play a major role in the execution of HyDRo. The methodology itself is supported by the controle software as a role development tool. Thereby HyDRo overcomes another drawback of existing RDMs as it provides tool-support throughout the process of role definition, essentially offering organizations the chance to streamline and control the role development project during all phases. Additionally, new research concentrated on the management of roles after an initial deployment. An overall model for a structured process for these so called role model optimizations, the Role Opimization Process Model (ROPM) has been proposed and its applicability has been shown in a large scale industry project. Further research comprises quality issues in IdM in general and specifically in roles, in order to ensure a high quality IdM-infrastructure that can be managed with more ease and lower cost. Hence, for a better decision-making in role improvement, role quality metrics in role mining algorithms have been discovered, extracted and aggregated. We further argue, that traditional approaches for authorization and access control in computer systems (i.e., discretionary, mandatory, and role-based access controls) are not appropriate to address the requirements of highly flexible networked or distributed systems and that proper authorization and access control requires infrastructural support in one way or another. This support can be provided, for example, by an authentication and authorization infrastructure (AAI). Against this background, we investigate, analyze, discuss, and put into perspective some of the current technologies that can be used to build and operate AAIs. A privilege management infrastructure (PMI) is one step further and able to support a comprehensive authorization service. We are working on new approaches for privilege management by dynamically controlling the users accesses based on exchanging and evaluating general user characteristics, most notable the attribute-based access control model (ABAC). Summary Information Security Research, G. Pernul, Autumn
4 Information Security Risk Management Today, computing is ubiquitous and information systems are interconnected globally. Therefore, the efficiency of modern companies relies heavily on effective operation of information technologies. However, a more dynamic threat environment has to be faced. Targeted and unique attacks, such as Stuxnet and Aurora, are raising. There is a plethora of possible products or scientific solutions available to secure information systems. Therefore, especially when struggling with tight budgets, it is difficult to decide which security measures are necessary and which are not. Managing information security risks, i.e. knowing where information security assets are at risk (identification) and how dangerous these risks could be (estimation), helps companies to invest in a targeted way in order to secure their assets. Risk metrics today, and therefore also decisions based on theses metrics, are often based on estimations and outdated data. Scientists and even some professionals start realizing that sharing risk information is of mutual benefit. As a result, threat repositories, vulnerability databases and honey pot data are available. However, a lot of information seems not to be considered yet. Especially information to define the context of the assets at stake, such as system events, are often not taken into consideration. Therefore, our research group is searching innovative information repositories that can be considered within risk management. We focus on system events to characterize the systems' context, dependencies and states. Moreover, risks are often estimated at constant time intervals, e.g. twice a year. We are working on ways to calculate information system risks dynamically in (near) real time and to inform the persons responsible as soon as an identification of unknown risks is necessary or a risk recalculation might be required. Digital Forensics in Organizations Information security incidents are the most obvious reasons for digital forensic investigations. But, through the ever-increasing penetration of everyday life with digital devices, digital forensic investigations are also needed to solve classic crimes. Within the corporate environment, classic crimes are mostly financial crimes like money laundering, Ponzi schemes or fraud. As the support of enterprises' processes through information systems increases, an investigator gets evermore evidence out of these systems. However, the acquisition of digital evidence from the overall, highly interconnected organizational information system is often complex and cumbersome. While techniques to extract, preserve and analyze data from isolated systems, individual networks or network systems have been discussed within the digital forensics community in the last few years, digital forensic investigations in organizations have been only discussed at less extent. Our research focuses on scientifically proven guidelines and techniques to enable digital forensics within enterprise information system infrastructures as well as on measures to heighten the value of evidence gathered from information systems. With new techniques in this area we also hope to enhance information security incident response. Possible improvements are capabilities, i.e. sound evidence, to prosecute offenders and a faster recovery from incidents due to a better knowledge of damages and impacts through certain attacks. Summary Information Security Research, G. Pernul, Autumn
5 Further competencies In addition to the actively researched topics mentioned above, the chair profits from a host of precursory research results and associated competencies in the following fields. User-centric Privacy Technologies and Privacy in Social Media The rise of social media highlights the importance of enhancing the user-centric privacy and its usability. First generation Privacy-enhancing technologies (PETs) were neither easily understandable nor did they support the user in making an informed decision whether to disclose personal information or not. In addition, keeping track of personal information disclosed to service providers was impossible. Addressing these shortcomings of existing PET solutions, we developed methods for the user-friendly generation of privacy preferences for the controlled disclosure of personal user data and userunderstandable tools that inform users about transactions of personal data using a collaborative approach. A data disclosure log, which involves the recording of personal data transactions and the managing of already submitted data, was a key research result as well. Global Identity Management With a focus on the field of egovernment and especially on those systems that enable the relaying of sensitive personal data within cross-organizational public administration processes, technology drivers (political-legal frameworks (e.g. EU s Data Protection directive, EU s Services Directive, the i2010 Initiative) and newly arising technologies from other varieties of IdM have been applied to global usage scenarios. We further investigated, how already existing IdM systems are able to support global IdM in collaborative cross-border scenarios. Federated Identity Management Federated identity management (FIM), meaning the exchange of identity information across security domains as well as organizational and legal boundaries, has long been a central research topic at the chair. In contrast to identity management in global networks our efforts regarding FIM are limited to closed organization networks. Federations in this case are much more than only exchanging identity information and accessing some partner resources. Contracts and agreements between the collaboration partners must be defined, a kind of federation structure needs to be set up, necessary federation technologies need to be adopted and many more supportive actions need to be taken into account. Secure, efficient and transparent methods for handling these federations have been the main aims of our research in this area. Security Patterns Security Patterns encapsulate expert knowledge about secure systems design similar to the concept of design patterns in software engineering. Our research was focused on applying security patterns and measuring the degree of their implementation with the intent to support the construction of secure software within each phase of the software development process. Our aim was to attach appropriate metrics to security patterns and to develop a methodology to measure the improvement of security by using these patterns. Summary Information Security Research, G. Pernul, Autumn
6 Security Semantics for Business Processes, Compliance and Business Intelligence Our research in this area was committed to finding ways of expressing security semantics in business process models that are sufficiently expressive while preserving the intuitiveness of BPM for most stakeholders. Component Security Services, Semantic, Portal Interfaces The open environment built through today s usage of technologies like SOA and EBS requires strong and reliable security schemes, which still have to be adoptable and easy to deploy. Especially an ESB as an intermediary between services providers and services users opens up interesting potential and is a good place for enforcing security in any given setting. In this area, we covered topics such as distributed security infrastructures and distributed privacy-aware authentication and authorization models, mapping, re-issuing and re-certification of security credentials and trustworthy service discovery and selection. Another area of research was concerned with the implications, SOAs and especially semantic SOAs have on security in software systems. Lastly, security aspects arising from the inclusion of heterogeneous applications into holistic user portals, allowing for the interoperability of individual applications on a user interface level, have been researched as well. Summary Information Security Research, G. Pernul, Autumn
7 Current and recent funded research Bayerisches Staatsministerium für Bildung und Kultus, Wissenschaft und Kunst, EU FP , EU EFRE Structural Funds, Freistaat Bayern, High-Tech-Offensive, EU FP , DAAD: Funding for IPICS in the years EU FP , Contact: Prof. Dr. Günther Pernul Department of Information Systems, University of Regensburg Universitätsstrasse 31 D Regensburg, Germany Tel.: , Fax.: www-ifs.uni-r.de Summary Information Security Research, G. Pernul, Autumn
CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM
CLOUD STORAGE SECURITY INTRODUCTION Gordon Arnold, IBM SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members may use this material
More informationJOURNAL OF OBJECT TECHNOLOGY
JOURNAL OF OBJECT TECHNOLOGY Online at www.jot.fm. Published by ETH Zurich, Chair of Software Engineering JOT, 2008 Vol. 7, No. 8, November-December 2008 What s Your Information Agenda? Mahesh H. Dodani,
More informationStrengthen security with intelligent identity and access management
Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers
More informationSolve your toughest challenges with data mining
IBM Software IBM SPSS Modeler Solve your toughest challenges with data mining Use predictive intelligence to make good decisions faster Solve your toughest challenges with data mining Imagine if you could
More informationIBM's Fraud and Abuse, Analytics and Management Solution
Government Efficiency through Innovative Reform IBM's Fraud and Abuse, Analytics and Management Solution Service Definition Copyright IBM Corporation 2014 Table of Contents Overview... 1 Major differentiators...
More information!!!!! White Paper. Understanding The Role of Data Governance To Support A Self-Service Environment. Sponsored by
White Paper Understanding The Role of Data Governance To Support A Self-Service Environment Sponsored by Sponsored by MicroStrategy Incorporated Founded in 1989, MicroStrategy (Nasdaq: MSTR) is a leading
More informationCompliance & SAP Security. Secure SAP applications based on state-of-the-art user & system concepts. Driving value with IT
Compliance & SAP Security Secure SAP applications based on state-of-the-art user & system concepts Driving value with IT BO Access Control Authorization Workflow Central User Management Encryption Data
More informationBest Practices for Building a Security Operations Center
OPERATIONS SECURITY Best Practices for Building a Security Operations Center Diana Kelley and Ron Moritz If one cannot effectively manage the growing volume of security events flooding the enterprise,
More informationTrust areas: a security paradigm for the Future Internet
Trust areas: a security paradigm for the Future Internet Carsten Rudolph Fraunhofer Institute for Secure Information Technology SIT Rheinstrasse 75, Darmstadt, Germany Carsten.Rudolph@sit.fraunhofer.de
More informationCHAPTER 1 INTRODUCTION
1 CHAPTER 1 INTRODUCTION Exploration is a process of discovery. In the database exploration process, an analyst executes a sequence of transformations over a collection of data structures to discover useful
More informationISSECO Syllabus Public Version v1.0
ISSECO Syllabus Public Version v1.0 ISSECO Certified Professional for Secure Software Engineering Date: October 16th, 2009 This document was produced by the ISSECO Working Party Syllabus Introduction to
More informationThe Principles of Effective Dashboards
The Principles of Effective Dashboards Contents 2 Overview 2 Business problems 3 Business drivers 4 Solution 5 Conclusion Abstract The dashboard has emerged as a business framework to manage and share
More informationC A S E S T UDY The Path Toward Pervasive Business Intelligence at an Asian Telecommunication Services Provider
C A S E S T UDY The Path Toward Pervasive Business Intelligence at an Asian Telecommunication Services Provider Sponsored by: Tata Consultancy Services November 2008 SUMMARY Global Headquarters: 5 Speen
More informationTapping the benefits of business analytics and optimization
IBM Sales and Distribution Chemicals and Petroleum White Paper Tapping the benefits of business analytics and optimization A rich source of intelligence for the chemicals and petroleum industries 2 Tapping
More informationEnterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February 2010 www.alvandsolutions.
Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH White Paper February 2010 www.alvandsolutions.com Overview Today s increasing security threats and regulatory
More informationRoadmapping Discussion Summary. Social Media and Linked Data for Emergency Response
Roadmapping Discussion Summary Social Media and Linked Data for Emergency Response V. Lanfranchi 1, S. Mazumdar 1, E. Blomqvist 2, C. Brewster 3 1 OAK Group, Department of Computer Science University of
More informationSolve Your Toughest Challenges with Data Mining
IBM Software Business Analytics IBM SPSS Modeler Solve Your Toughest Challenges with Data Mining Use predictive intelligence to make good decisions faster Solve Your Toughest Challenges with Data Mining
More informationFIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES
FIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES The implications for privacy and security in the emergence of HIEs The emergence of health information exchanges (HIE) is widely
More informationAssociate Prof. Dr. Victor Onomza Waziri
BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,
More informationFujitsu Cloud Integration Platform Lead your business into the cloud
Fujitsu Cloud Integration Platform Lead your business into the cloud Introduce cloud services into your business safely and simply Fujitsu helps deliver value for your organization by making it easy to
More informationThe SEEMP project Single European Employment Market-Place An e-government case study
The SEEMP project Single European Employment Market-Place An e-government case study 1 Scenario introduction Several e-government projects have been developed in the field of employment with the aim of
More informationBrainloop Cloud Security
Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating
More informationIncident Management & Forensics Working Group. Charter
Incident Management & Forensics Working Group Charter February 2013 2013 Cloud Security Alliance All Rights Reserved All rights reserved. You may download, store, display on your computer, view, print,
More informationCloud security architecture
ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide
More informationIntegrating SAP and non-sap data for comprehensive Business Intelligence
WHITE PAPER Integrating SAP and non-sap data for comprehensive Business Intelligence www.barc.de/en Business Application Research Center 2 Integrating SAP and non-sap data Authors Timm Grosser Senior Analyst
More informationEnterprise Data Quality
Enterprise Data Quality An Approach to Improve the Trust Factor of Operational Data Sivaprakasam S.R. Given the poor quality of data, Communication Service Providers (CSPs) face challenges of order fallout,
More informationIdentity and Access Management
Cut costs. Increase security. Support compliance. www.siemens.com/iam Scenarios for greater efficiency and enhanced security Cost pressure is combining with increased security needs compliance requirements
More informationAPI Architecture. for the Data Interoperability at OSU initiative
API Architecture for the Data Interoperability at OSU initiative Introduction Principles and Standards OSU s current approach to data interoperability consists of low level access and custom data models
More informationAdvanced Analytics. The Way Forward for Businesses. Dr. Sujatha R Upadhyaya
Advanced Analytics The Way Forward for Businesses Dr. Sujatha R Upadhyaya Nov 2009 Advanced Analytics Adding Value to Every Business In this tough and competitive market, businesses are fighting to gain
More informationTechnical Management Strategic Capabilities Statement. Business Solutions for the Future
Technical Management Strategic Capabilities Statement Business Solutions for the Future When your business survival is at stake, you can t afford chances. So Don t. Think partnership think MTT Associates.
More informationInformation Visualization WS 2013/14 11 Visual Analytics
1 11.1 Definitions and Motivation Lot of research and papers in this emerging field: Visual Analytics: Scope and Challenges of Keim et al. Illuminating the path of Thomas and Cook 2 11.1 Definitions and
More informationSelf-Service Business Intelligence
Self-Service Business Intelligence BRIDGE THE GAP VISUALIZE DATA, DISCOVER TRENDS, SHARE FINDINGS Solgenia Analysis provides users throughout your organization with flexible tools to create and share meaningful
More informationBig Data Executive Survey
Big Data Executive Full Questionnaire Big Date Executive Full Questionnaire Appendix B Questionnaire Welcome The survey has been designed to provide a benchmark for enterprises seeking to understand the
More informationTP 7: Identity 3.0 Dynamic Identity and Access Management
TP 7: Identity 3.0 Dynamic Identity and Access Management Michael Kunz Universität Regensburg June 29, 2015 1 Agenda 1. Introduction 2. Identity Data Cleansing 3. Role Development & Optimization 4. Dynamic
More informationA BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper
A BUSINESS CASE FOR BEHAVIORAL ANALYTICS White Paper Introduction What is Behavioral 1 In a world in which web applications and websites are becoming ever more diverse and complicated, running them effectively
More informationPALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management
PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management INTRODUCTION Traditional perimeter defense solutions fail against sophisticated adversaries who target their
More informationRECOMMENDED CHARTER FOR THE IDENTITY ECOSYSTEM STEERING GROUP
RECOMMENDED CHARTER FOR THE IDENTITY ECOSYSTEM STEERING GROUP 1. Identity Ecosystem Steering Group Charter The National Strategy for Trusted Identities in Cyberspace (NSTIC or Strategy), signed by President
More informationWHITEPAPER. Creating and Deploying Predictive Strategies that Drive Customer Value in Marketing, Sales and Risk
WHITEPAPER Creating and Deploying Predictive Strategies that Drive Customer Value in Marketing, Sales and Risk Overview Angoss is helping its clients achieve significant revenue growth and measurable return
More informationCloud Security: The Grand Challenge
Dr. Paul Ashley IBM Software Group pashley@au1.ibm.com Cloud Security: The Grand Challenge Outline Cloud computing: the pros, the cons, the blind spots Security in the cloud - what are the risks now and
More informationOn the Application of Trust and Reputation Management and User-centric Techniques for Identity Management Systems
On the Application of Trust and Reputation Management and User-centric Techniques for Identity Management Systems Ginés Dólera Tormo Security Group NEC Laboratories Europe Email: gines.dolera@neclab.eu
More informationThe NREN s core activities are in providing network and associated services to its user community that usually comprises:
3 NREN and its Users The NREN s core activities are in providing network and associated services to its user community that usually comprises: Higher education institutions and possibly other levels of
More informationMaking critical connections: predictive analytics in government
Making critical connections: predictive analytics in government Improve strategic and tactical decision-making Highlights: Support data-driven decisions using IBM SPSS Modeler Reduce fraud, waste and abuse
More informationINFORMATION TECHNOLOGY STANDARD
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT OF PUBLIC WELFARE INFORMATION TECHNOLOGY STANDARD Name Of Standard: Data Warehouse Standards Domain: Enterprise Knowledge Management Number: Category: STD-EKMS001
More informationlocuz.com Big Data Services
locuz.com Big Data Services Big Data At Locuz, we help the enterprise move from being a data-limited to a data-driven one, thereby enabling smarter, faster decisions that result in better business outcome.
More informationOracle Financial Services Broker Compliance
Oracle Financial Services Broker Compliance Financial institutions with retail, wealth management, and private banking businesses recognize the direct relationship between rigorous compliance processes
More informationHow Does Big Data Change Your Way of Managing Information?
How Does Big Data Change Your Way of Managing Information? A Best-Practices Guide for Data Managers By Erian Laperi, Director Enterprise Data Management and Business Enablement at AT&T How Does Big Data
More informationSTORAGE SECURITY TUTORIAL With a focus on Cloud Storage. Gordon Arnold, IBM
STORAGE SECURITY TUTORIAL With a focus on Cloud Storage Gordon Arnold, IBM SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members
More informationBUSINESS INTELLIGENCE AS SUPPORT TO KNOWLEDGE MANAGEMENT
ISSN 1804-0519 (Print), ISSN 1804-0527 (Online) www.academicpublishingplatforms.com BUSINESS INTELLIGENCE AS SUPPORT TO KNOWLEDGE MANAGEMENT JELICA TRNINIĆ, JOVICA ĐURKOVIĆ, LAZAR RAKOVIĆ Faculty of Economics
More information2010 Data Breach Investigations Report
2010 Data Breach Investigations Report Matthijs van de Wel Managing Principal Forensics EMEA 2010 Verizon. All Rights Reserved. PTE14626 07/10 PROPRIETARY STATEMENT This document and any attached materials
More informationCis330. Mostafa Z. Ali
Fall 2009 Lecture 1 Cis330 Decision Support Systems and Business Intelligence Mostafa Z. Ali mzali@just.edu.jo Lecture 2: Slide 1 Changing Business Environments and Computerized Decision Support The business
More informationOrganizational IT Concepts and SAP Solution Manager. General IT operations and service concepts with SAP Solution Manager. Driving value with IT
Organizational IT Concepts and SAP Solution Manager General IT operations and service concepts with SAP Solution Manager Driving value with IT How SAP customers can benefit from REALTECH s Solution Manager
More informationMaking Critical Connections: Predictive Analytics in Government
Making Critical Connections: Predictive Analytics in Improve strategic and tactical decision-making Highlights: Support data-driven decisions. Reduce fraud, waste and abuse. Allocate resources more effectively.
More informationCourse 803401 DSS. Business Intelligence: Data Warehousing, Data Acquisition, Data Mining, Business Analytics, and Visualization
Oman College of Management and Technology Course 803401 DSS Business Intelligence: Data Warehousing, Data Acquisition, Data Mining, Business Analytics, and Visualization CS/MIS Department Information Sharing
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationGovernment's Adoption of SOA and SOA Examples
Government's Adoption of SOA and SOA Examples Presented by : Ajay Budhraja, Chief of Enterprise Services ME (Engg), MS (Management), PMP, CICM, CSM, ECM (Master) AIIM, ITIL-F Copyright 2008 Ajay Budhraja
More informationViewpoint ediscovery Services
Xerox Legal Services Viewpoint ediscovery Platform Technical Brief Viewpoint ediscovery Services Viewpoint by Xerox delivers a flexible approach to ediscovery designed to help you manage your litigation,
More informationOASIS Open Reputation Management Systems (ORMS) Technical Committee
1 2 OASIS Open Reputation Management Systems (ORMS) Technical Committee 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 Normative Information The name of the TC OASIS
More informationwww.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v8 2-25-14
www.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit (4:30-5:30) Draft v8 2-25-14 Common Myths 1. You have not been hacked. 2. Cyber security is about keeping the
More informationWHITEPAPER. How to Credit Score with Predictive Analytics
WHITEPAPER How to Credit Score with Predictive Analytics Managing Credit Risk Credit scoring and automated rule-based decisioning are the most important tools used by financial services and credit lending
More informationIBM Software IBM Business Process Management Suite. Increase business agility with the IBM Business Process Management Suite
IBM Software IBM Business Process Management Suite Increase business agility with the IBM Business Process Management Suite 2 Increase business agility with the IBM Business Process Management Suite We
More informationA Near Real-Time Personalization for ecommerce Platform Amit Rustagi arustagi@ebay.com
A Near Real-Time Personalization for ecommerce Platform Amit Rustagi arustagi@ebay.com Abstract. In today's competitive environment, you only have a few seconds to help site visitors understand that you
More informationThe State of Insurance Fraud Technology. A study of insurer use, strategies and plans for anti-fraud technology
The State of Insurance Fraud Technology A study of insurer use, strategies and plans for anti-fraud technology September 2014 The State of Insurance Fraud Technology A study of insurer use, strategies
More informationBEYOND THE EHR MEANINGFUL USE, CONTENT MANAGEMENT AND BUSINESS INTELLIGENCE
WHITE PAPER BEYOND THE EHR MEANINGFUL USE, CONTENT MANAGEMENT AND BUSINESS INTELLIGENCE By Richard Nelli, Senior Vice President and Chief Technical Officer, Streamline Health PAGE 2 EXECUTIVE SUMMARY When
More informationwww.ducenit.com Analance Data Integration Technical Whitepaper
Analance Data Integration Technical Whitepaper Executive Summary Business Intelligence is a thriving discipline in the marvelous era of computing in which we live. It s the process of analyzing and exploring
More informationInterim Threat / Risk Assessment. Student E- Communications Outsourcing Project
Interim Threat / Risk Assessment Student E- Communications Outsourcing Project Martin Loeffler Information Security, I+TS Creation Date: Version 1.0 June 24, 2010 Last Updated: Version 2.0 July 6, 2010
More informationVirtualization s Evolution
Virtualization s Evolution Expect more from your IT solutions. Virtualization s Evolution In 2009, most Quebec businesses no longer question the relevancy of virtualizing their infrastructure. Rather,
More informationAnatomy of a Decision
research@bluehillresearch.com @BlueHillBoston 617.624.3600 Anatomy of a Decision BI Platform vs. Tool: Choosing Birst Over Tableau for Enterprise Business Intelligence Needs What You Need To Know The demand
More informationCPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS
CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Recommended Practice: Configuring and Managing Remote Access
More informationPrivacy and Identity Management for Europe
Privacy and Identity Management for Europe Pierangela Samarati Università degli Studi di Milano Milan, Italy samarati@dti.unimi.it Page 1 Vision and Objectives Users disclose vast amounts of personal information
More informationJOURNAL OF OBJECT TECHNOLOGY
JOURNAL OF OBJECT TECHNOLOGY Online at www.jot.fm. Published by ETH Zurich, Chair of Software Engineering JOT, 2009 Vol. 8, No. 7, November - December 2009 Cloud Architecture Mahesh H. Dodani, IBM, U.S.A.
More informationData Mining Analysis of a Complex Multistage Polymer Process
Data Mining Analysis of a Complex Multistage Polymer Process Rolf Burghaus, Daniel Leineweber, Jörg Lippert 1 Problem Statement Especially in the highly competitive commodities market, the chemical process
More informationWhitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff
Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff The Challenge IT Executives are challenged with issues around data, compliancy, regulation and making confident decisions on their business
More informationHealthcare, transportation,
Smart IT Argus456 Dreamstime.com From Data to Decisions: A Value Chain for Big Data H. Gilbert Miller and Peter Mork, Noblis Healthcare, transportation, finance, energy and resource conservation, environmental
More informationImpact of Cybersecurity Innovations in Key Sectors (Technical Insights)
Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Customized cybersecurity measures help overcome Industry specific challenges September 2014 Table of Contents Section Slide Number
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More informationThe following is intended to outline our general product direction. It is intended for informational purposes only, and may not be incorporated into
The following is intended to outline our general product direction. It is intended for informational purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any
More informationCreative Shorts: The business value of Release Management
Creative Shorts: The business value of Release Management Quality management for deployment and delivery A Creative Intellect Consulting Shorts Report Series (ALM) In this report, from our Creative Shorts
More informationAccenture Cyber Security Transformation. October 2015
Accenture Cyber Security Transformation October 2015 Today s Presenter Antti Ropponen, Nordic Cyber Defense Domain Lead Accenture Nordics Antti is a leading consultant in Accenture's security consulting
More informationTRENDS IN THE DEVELOPMENT OF BUSINESS INTELLIGENCE SYSTEMS
9 8 TRENDS IN THE DEVELOPMENT OF BUSINESS INTELLIGENCE SYSTEMS Assist. Prof. Latinka Todoranova Econ Lit C 810 Information technology is a highly dynamic field of research. As part of it, business intelligence
More informationA Guide Through the BPM Maze
A Guide Through the BPM Maze WHAT TO LOOK FOR IN A COMPLETE BPM SOLUTION With multiple vendors, evolving standards, and ever-changing requirements, it becomes difficult to recognize what meets your BPM
More informationperspective Progressive Organization
perspective Progressive Organization Progressive organization Owing to rapid changes in today s digital world, the data landscape is constantly shifting and creating new complexities. Today, organizations
More informationChapter 5 Business Intelligence: Data Warehousing, Data Acquisition, Data Mining, Business Analytics, and Visualization
Turban, Aronson, and Liang Decision Support Systems and Intelligent Systems, Seventh Edition Chapter 5 Business Intelligence: Data Warehousing, Data Acquisition, Data Mining, Business Analytics, and Visualization
More informationCLOUD COMPUTING SECURITY ISSUES
CLOUD COMPUTING SECURITY ISSUES Florin OGIGAU-NEAMTIU IT Specialist The Regional Department of Defense Resources Management Studies, Brasov, Romania The term cloud computing has been in the spotlights
More informationFRAUNHOFER INSTITUTE FOR EXPERIMENTAL SOFTWARE ENGINEERING IESE VARIATION MANAGEMENT: USER EXPERIENCE FOR EFFICIENCY IN PROVIDING SOLUTIONS
FRAUNHOFER INSTITUTE FOR EXPERIMENTAL SOFTWARE ENGINEERING IESE VARIATION MANAGEMENT: USER EXPERIENCE FOR EFFICIENCY IN PROVIDING BUSINESS CUSTOMIZED APPLICATIONS SOLUTIONS 2 Do you need to develop variation-rich
More informationManaging Cloud Services in the Enterprise The Value of Cloud Services Brokers
Whitepaper: Managing Cloud Services in the Enterprise The Value of Cloud Services Brokers Whitepaper: Managing Cloud Services in the Enterprise 2 The cloud has revolutionized the way businesses operate
More informationCloud Computing: Legal Risks and Best Practices
Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent
More informationSolve your toughest challenges with data mining
IBM Software Business Analytics IBM SPSS Modeler Solve your toughest challenges with data mining Use predictive intelligence to make good decisions faster 2 Solve your toughest challenges with data mining
More informationHIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT
HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.
More informationSummary Report Report # 1. Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions
Summary Report Report # 1 Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions COINS Summer School 2015 on Could Security Prepared by: Nabeel Ali
More informationCloud and Big Data Standardisation
Cloud and Big Data Standardisation EuroCloud Symposium ICS Track: Standards for Big Data in the Cloud 15 October 2013, Luxembourg Yuri Demchenko System and Network Engineering Group, University of Amsterdam
More informationwww.sryas.com Analance Data Integration Technical Whitepaper
Analance Data Integration Technical Whitepaper Executive Summary Business Intelligence is a thriving discipline in the marvelous era of computing in which we live. It s the process of analyzing and exploring
More informationEmbedding Knowledge Processes to Maintain Service Levels and Efficiency in a Growing Software Service Firm
echallenges e-2013 Conference Proceedings Paul Cunningham and Miriam Cunningham (Eds) IIMC International Information Management Corporation, 2013 ISBN: 978-1-905824-40-3 Embedding Knowledge Processes to
More informationCISM ITEM DEVELOPMENT GUIDE
CISM ITEM DEVELOPMENT GUIDE Updated January 2015 TABLE OF CONTENTS Content Page Purpose of the CISM Item Development Guide 3 CISM Exam Structure 3 Writing Quality Items 3 Multiple-Choice Items 4 Steps
More informationKnowledgeSEEKER Marketing Edition
KnowledgeSEEKER Marketing Edition Predictive Analytics for Marketing The Easiest to Use Marketing Analytics Tool KnowledgeSEEKER Marketing Edition is a predictive analytics tool designed for marketers
More informationCA Technologies Healthcare security solutions:
CA Technologies Healthcare security solutions: Protecting your organization, patients, and information agility made possible Healthcare industry imperatives Security, Privacy, and Compliance HITECH/HIPAA
More informationIntelligent Agents The New perspective Enhancing Network Security
Intelligent Agents The New perspective Enhancing Network Security Krystian Baniak 24 October 2007 Agenda Introduction Intelligent Agent Based Systems Agent Reinforced Reasoning Research description Law
More informationBringing Sustainable Privacy and Identity Management to Future Networks and Services
Bringing Sustainable Privacy and Identity Management to Future Networks and Services QuickTime and a decompressor are needed to see this picture. 1 A research project funded by the European Commission
More informationMaster Data Management
Master Data Management Managing Data as an Asset By Bandish Gupta Consultant CIBER Global Enterprise Integration Practice Abstract: Organizations used to depend on business practices to differentiate them
More informationData Governance. Unlocking Value and Controlling Risk. Data Governance. www.mindyourprivacy.com
Data Governance Unlocking Value and Controlling Risk 1 White Paper Data Governance Table of contents Introduction... 3 Data Governance Program Goals in light of Privacy... 4 Data Governance Program Pillars...
More information