For Inplant/Internship training Request, Please Download the Registration Form, Please fill the details and send back the same to kaashiv.info@gmail.com

Challenges in Cross-Organizational Security Management

KaaShiv InfoTech, Number 1 Inplant Training Experts in Chennai.


IEEE TITLE


Challenges in Cross-Organizational Security Management


IEEE ABSTRACT


Many organizations hoping for cost savings and higher flexibility consider consuming services from service providers or combining such services with services offered organization-internally. Organizations, however, often renounce from the expected advantages due to security and compliance concerns. The key challenges leading to these security and compliance concerns in cross-organizational settings have not yet been discussed elaborately in scholarly literature. However, a thorough understanding of the underlying challenges is necessary in order to find ways to compensate them and, in consequence, tap into the full potential of the cloud computing model. This paper discusses challenges gathered by means of guideline-based interviews. The identified challenges comprise managing heterogeneity, auditing clouds, coordinating the parties involved in cross-organizational settings, managing their relationships, coping with the lack of security awareness, and localizing and migrating data. Potential research avenues are discussed for each challenge.


Service Oriented Cross Organizational Process Controller


ABSTRACT:


Data access using RIA applications in a confidential database is always a challenging task for the users. In this project, we are going to implement some of the major technical jargons in the security field. First milestone is Anonymous connection which involves the protection of IP address and sensitive information from the users. This can be achieved with the help of MD5, 128 bit encryption algorithm followed by Anonymous authentication in which we will protect the sensitive authentication information using Domain Services Model with web service and Anonymous updates on the confidential data can be restricted using CLR encrypted procedure. In a typical Service Oriented Architecture setup, a service consumable entity learns about a matching / suitable service provider through a service registry and then requests specific functionality from the web service provider through a secure arbitrary communication channel. These services were manipulated and consumed through business processes as service compositions and May even manipulated or hold cross enterprise boundaries, thus enabling service based, cross-organizational workflows.


SAMPLE PROGRAM

KAASHIV INFOTECH

SCREENSHORT


image

RELATED URL'S FOR REFERENCE



[1]Mining for Malicious Code Detection and Security Applications



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5284874&queryText%3DData+Security 

Data mining is the process of posing queries and extracting patterns, often previously unknown from large quantities of data using pattern matching or other reasoning techniques. Data mining has many applications in security including for national security as well as for cyber security. The threats to national security include attacking buildings, destroying critical infrastructures such as power grids and telecommunication systems. Data mining techniques are being investigated to find out who the suspicious people are and who is capable of carrying out terrorist activities. Cyber security is involved with protecting the computer and NETWORK SYSTEMS against corruption due to Trojan horses, worms and viruses. Data mining is also being applied to provide solutions such as INTRUSION DETECTION and auditing. The first part of the presentation will discuss my joint research with Prof. Latifur Khan and our students at the University of Texas at Dallas on data mining for cyber security applications For example; anomaly detection techniques could be used to detect unusual patterns and behaviors. Link analysis may be used to trace the viruses to the perpetrators. Classification may be used to group various cyber attacks and then use the profiles to detect an attack when it occurs. Prediction may be used to determine potential future attacks depending in a way on information learnt about terrorists through email and phone conversations. Data mining is also being applied for intrusion detection and auditing. Other applications include data mining for malicious code detection such as worm detection and managing firewall policies. This second part of the presentation will discuss the various types of threats to national security and describe data mining techniques for handling such threats. Threats include non real-time threats and real-time threats. We need to understand the types of threats and also gather good data to carry out mining and obtain useful results. The challenge i- s to reduce false positives and false negatives. The third part of the presentation will discuss some of the research challenges. We need some form of real-time data mining, that is, the results have to be generated in real-time, we also need to build models in real-time for real time intrusion detection. Data mining is also being applied for CREDIT CARD FRAUD detection and biometrics related applications. While some progress has been made on topics such as stream data mining, there is still a lot of work to be done here. Another challenge is to mine multimedia data including SURVEILLANCE VIDEO. Finally, we need to maintain the privacy of individuals. Much research has been carried out on privacy preserving data mining. In summary, the presentation will provide an overview of data mining, the various types of threats and then discuss the applications of data mining for malicious code detection, cyber security and national security. Then we will discuss the consequences to privacy.



[2]A View about Cloud Data Security from Data Life Cycle



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5676895&queryText%3DData+Security  

Data security has become one of core problems of CLOUD COMPUTING. Many security solutions have been proposed, however, most of them only FOCUS one stage of data life cycle, such as storage stage, which is not enough to solve cloud data security problem as threats exist in whole datalife cycle. In this paper, we argue that THE CLOUD data security problem should be solved form datalife cycle. After detail analysis of data life cycle model and data security threats, a suggested design process of data security solution is given. The proposed idea is simple but important to create the complete security solution to CLOUD data security.


[3]security for Desktop Data Grid using cryptographic protocol



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5204488&queryText%3DData+Security  

Security is the condition that prevents unauthorized persons from having access to official information that is safeguarded in the interests of some particular purpose. Data security ensures that kind of private and sensitive data from corruption and the access to it is suitably controlled. Enterprise businesses and government agencies around the world face the certainty of losing sensitive data from crashed devices. This drives the need for a complete data protection solution that secures data on all common PLATFORMS, deploys easily, scales to any size organization and meets strict compliance requirements related to privacy laws and regulations. The reliability and data assurance at adverse conditions is the requirement of this century. Particularly in the paradigm of ldquovolunteer computingrdquo which is a specific type of distributed system, where shared resources are provided in a volunteer fashion by the clients of the desktop data grid system. In this paper, we propose an architecture for the desktop data grids with a centralized server which increases the performance of the system and reduces the complexity of the server. The efficiency of the system not only depends on the security level of the client but also considers the sensitivity of the data being stored in the system. Altogether a simple metric termed fragmentation factor (FF) is proposed in this system which considers both the security of the client and the sensitivity of the data. The erasure tornado codes are applied to cope up with unreliable data storage components in the distributed data grid systems. The enhanced levels of security can be achieved in the corporate environment by imposing security auditing. To ensure the security of the various SERVERS and systems, the security has to be assessed through proper audit tools.



[4]The Design Research of Data Security Model Based on Public Cloud



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6746501&queryText%3DData+Security  

Public cloud data security IN CLOUD computing is due to the data stored IN THE CLOUD. It's in a low cost and high efficiency, also bring the data the possibility of abuse. Therefore, in this paper, researching the model respond to threats based on the analysis of threats to public cloud factors, and puts forward the USER MANAGEMENT, data security, data center hardware and software security and control transfer to strengthen the data security of the public CLOUD. And to find the balance between risk and business mission.


[5] Efficient security for Desktop Data Grid using cryptographic protocol



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5204488&queryText%3DData+Security  

Security is the condition that prevents unauthorized persons from having access to official information that is safeguarded in the interests of some particular purpose. Data security ensures that kind of private and sensitive data from corruption and the access to it is suitably controlled. Enterprise businesses and government agencies around the world face the certainty of losing sensitive data from crashed devices. This drives the need for a complete data protection solution that secures data on all common PLATFORMS , deploys easily, scales to any size organization and meets strict compliance requirements related to privacy laws and regulations. The reliability and data assurance at adverse conditions is the requirement of this century. Particularly in the paradigm of ldquovolunteer computingrdquo which is a specific type of distributed system, where shared resources are provided in a volunteer fashion by the clients of the desktop data grid system. In this paper, we propose an architecture for the desktop data grids with a centralized server which increases the performance of the system and reduces the complexity of the server. The efficiency of the system not only depends on the security level of the client but also considers the sensitivity of the data being stored in the system. Altogether a simple metric termed fragmentation factor (FF) is proposed in this system which considers both the security of the client and the sensitivity of the data. The erasure tornado codes are applied to cope up with unreliable data storage components in the distributed data grid systems. The enhanced levels of security can be achieved in the corporate environment by imposing security auditing. To ensure the security of the various SERVERS and systems, the security has to be assessed through proper audit tools.



[6]The Design Research of Data Security Model Based on Public Cloud



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6746501&queryText%3DData+Security  

Public cloud data security in CLOUD COMPUTING is due to the data stored IN THE CLOUD. It's in a low cost and high efficiency, also bring the data the possibility of abuse. Therefore, in this paper, researching the model respond to threats based on the analysis of threats to public cloud factors, and puts forward the user management, data security, data center hardware and software security and control transfer to strengthen the data security of the public CLOUD. And to find the balance between risk and business mission.


[7] Research on cloud computing data security model based on multi-dimension



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6291448&queryText%3DData+Security  

CLOUD COMPUTING is considered to be the next generation of information technology framework. It is the next generation computing platforms that can provide dynamic resource pools, virtualization and high availability. The new character brings a lot of new security challenges which have not been taken into account completely in the current cloud computing system. As a consequence, to build a cloud computing data security system is the basis to build CLOUD computing security system. In this article, the CLOUD COMPUTING TECHNOLOGY architecture and the cloud computing data security features are the first to be studied and considered, then THE CLOUD COMPUTING data security model is raised. At last, the realization of data security model has been researched. The model adopts a multi-dimension architecture of three - layers defense. First of all, user authentication is required to ensure that user data cannot be tampered. Users who pass the authentication can get relative operation on the user data, such as addition, modification, deletion. If the unauthorized user use illegal means to deceive the authentication system, the file entered the system encrypt and privacy defense levels. In this layer, user data is encrypted. If key has been got by the intruder. The user data cannot be got valid information even it is obtained through function of privacy protection. It is very important for commercial users of THE CLOUD computing to protect their business secrets. The last is the file quick regeneration layer, user data can get maximum regeneration even it is damaged through rapid regeneration algorithm in this layer. Each layer accomplishes its own job and combines with others to ensure data security IN THE CLOUD computing.



[8] Next Big Thing in Big Data: The Security of the ICT Supply Chain



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6693469&queryText%3DData+Security  

In contemporary society, with supply chains becoming more and more complex, the data in supply chains increases by means of volume, variety and velocity. Big data rise in response to the proper time and conditions to offer advantages for the nodes in supply chains to solve prewiously difficult problems. For any big data project to succeed, it must first depend on high-quality data but not merely on quantity. Further, it will become increasingly important in many big data projects to add external data to the mix and companies will eventually turn from only looking inward to also looking outward into the market, which means the use of big data must be broadened considerably. Hence the data supply chains, both internally and externally, become of prime importance. ICT (Information and Telecommunication) supply chain management is especially important as supply CHAIN LINK the world closely and ICT supply chain is the base of all supply chains in today's world. Though many initiatives to supply chain securityhave been developed and taken into practice, most of them are emphasized in physical supply chain which is addressed in transporting cargos. The research on ICT supply chain security is still in preliminary stage. The use of big data can promote the normal operation of ICT supply chain as it greatly improve the data collecting and processing capacity and in turn, ICT supply chain is a necessaryCARRIER of big data as it produces all the software, hardware and infrastructures for big data's collection, storage and application. The close relationship between big data and ICT supply chain make it an effective way to do research on big data security through analysis on ICT supply chain security. This paper first analyzes the security problems that the ICT supply chain is facing in information management, system integrity and cyberspace, and then introduces several famous international models both on physical supply chain and ICT supply chain. After that the authors d- scribe a case of communication equipment with big data in ICT supply chain and propose a series of recommendations conducive to developing secure big data supply chain from five dimensions.


[9]Data mining for security applications



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=1383486&queryText%3DData+Security

Data mining is the process of posing queries and extracting patterns, often previously unknown from large quantities of data using pattern matching or other reasoning techniques. Cyber security is the area that deals with cyber terrorism. We are HEARING that cyber attacks will cause corporations billions of dollars. For example, one could masquerade as a legitimate user and swindle say a bank of billions of dollars. Data mining and web mining may be used to detect and possibly prevent security attacks including cyber attacks. For example, anomaly detection techniques could be used to detect unusual patterns and behaviors. Link analysis may be used to trace the viruses to the perpetrators. Classification may be used to group various cyber attacks and then use the profiles to detect an attack when it occurs. Prediction may be used to determine potential future attacks depending in a way on information learnt about terrorists through email and phone conversations. Also, for some threats non real-time data mining may suffice while for certain other threats such as for network intrusions we may need real-time data mining. Many researchers are INVESTIGATING the use of data mining for intrusion detection. While we need some form of real-time data mining, that is, the results have to be generated in real-time, we also need to build models in real-time. For example, CREDIT CARD FRAUD detection is a form of real-time processing. However, here models are built ahead of time. Building models in real-time remains a challenge. Data mining can also be used for analyzing web logs as well as analyzing the audit trails. Based on the results of the data mining tool, one can then determine whether any unauthorized intrusions have occurred and/or whether any unauthorized queries have been posed. There has been much research on data mining for INTRUSION DETECTION. Data mining may also be applied for Biometrics related applications. Finally data mining has applications in national securi- y including detecting and preventing terrorist activities. The presentation will provide an overview of data mining and security threats and then discuss the applications of data mining for cyber security and national security including in intrusion detection and biometrics. Privacy considerations including a discussion of privacy preserving data mining will also be given.



[10]SAHA: A Scheduling Algorithm for Security-Sensitive Jobs on Data Grids



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=1630917&queryText%3DData+Security  

Security-sensitive applications that access and generate large data sets are emerging in various areas such as bioinformatics and high energy physics. Data grids provide data-intensive applications with a large virtual storage framework with unlimited power. However, conventional scheduling algorithms fordata grids are inadequate to meet the security needs of data-intensive applications. To remedy this deficiency, we address in this paper the problem of scheduling data-intensive jobs on data grids subject to security constraints. Using a security- and data-aware technique, SAHA (Security-Aware and Heterogeneity-Aware scheduling strategy) is proposed to improve quality of security for data-intensive applications running on data grids. Results based on real-world traces show that the proposed scheduling scheme dramatically improves security and performance over two existing scheduling algorithms.


[11] Data-centric security: Integrating data privacy and data security



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5429044&queryText%3DData+Security  

Classifying data according to its permissible use, appropriate handling, and business value is critical for vdata privacy and security protection. This is essential for compliance with the constantly evolving regulatory landscape concerning protected data. Problems arise when users compromise data privacy and security by overlooking the critical need to manage data according to these requirements. This paper considers the creation and application of data classification systems for security and privacy purposes. It focuses primarily on classifying information in a meaningful way through the use of a partially automated methodology that normalizes and classifies structured data throughout an enterprise. We introduce the three pillars of the data-centric security model, which are based on the data-centric security classification offering by IBM Global Business Services (GBS) and the IBM Research Division. In particular, we describe the data classification pillar of the data-centric security architecture, which provides the framework and method for partially automated classification of data to meet the demands of compliance standards.



[12] A privacy-preserving storage security for spatial data in dynamics cloud environment



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6726759&queryText%3DData+Security  

Cloud computing prevails over the entire world which makes the mankind to trust more on a number of online storage systems to back up data in which resources of the computing infrastructure are provided as services over the Internet gives an wherever, anytime access. Thus lot of complex data will be warehoused into the cloud, as promising as it is, this paradigm also brings forth many new challenges for data security and access control is maintained when users outsource complex data which are shared in the cloud servers, which are not placed in the same reliable domain as data owners. The user's data are stored and maintained with it concerns of security vulnerabilities for all the services. There is a research work being done to point out the issues with the service providers and cloudsecurity. This paper provides a privacy-preserving data integrity protection by enabling public auditability for cloud storage with the help of the Third Party Auditor. Trappings a scalable framework that gives the construction of an interactive audit protocol to prevent the fraudulence of proves and the leakage of datain cloud storage is reduced. Thus it provides a lightweight, efficient and privacy-preserving auditing scheme which will also identifies the corrupted data. The problem of simultaneously achieving fine-grandness, scalability, and data confidentiality of access control actually still remains unresolved. The framework is based on an interactive PDP protocol that uses the challenge - response algorithms and a verification protocol. This supports dynamic operation that allows the granted users to perform insertion, deletion and updating. The protocol allows a Third party Auditor who works on behalf of the Data owner who has a large amount of data to be stored in the cloud. Hence cloud data is to manage or monitor the outsourced data. The tentative results show that the protocol is efficient, lightweight and privacy-preserving.


[13]Ontology Security Strategy of Security Data Integrity



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5521599&queryText%3DData+Security  

There exists a variety of heterogeneous data that need to be integrated within a secure domain. How to integrate the security data from various data source safely is a challenge for database researchers. In this paper, we introduce a new model for security data integrity, Weight-value-Extended MLS (WEMLS), which is development based on MLS. Compared with MLS, WEMLS can not only guarantee the securityand integrity of data accessing, but also provide a more flexible mechanism for data accessing. Finally, WEMLS has been verified by proposing a security data integration model based on ontology.



[14] Data security policy in the cloud computing



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6295062&queryText%3DData+Security  

The user concerns more and more about data security since off-site storage of data on cloud computing. So, we put forward management ideas of user data classification and designed a cloud-based data security policy through user demand for data security protection. It ensures that internal data is not spread to the public cloud through strong authentication, data evaluation classified, sensitive information filtering, cloud computing security gateway strategy and management to protect such as the security management, rules and regulations, safety education.


[15]A Survey of Payment Card Industry Data Security Standard



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5455788&queryText%3DData+Security  

Usage of payment cards such as credit cards, debit cards, and prepaid cards, continues to grow. Security breaches related to payment cards have led to billion dollar losses annually. In order to offset this trend, major payment card networks have founded the Payment Card Industry (PCI) Security Standards Council (SSC), which has designed and released the PCI Data Security Standard (DSS). This standard guides service providers and merchants to implement stronger security infrastructures that reduce the risks of security breaches. This article mainly discusses the need for the PCI DSS and the data security requirements defined in the standard to address the ongoing security issues, especially those pertaining to payment card data handling. It also surveys various technical solutions, offered by a few security vendors, for merchant companies and organizations involved in payment card transaction processing to comply with the standard. The compliance of merchants or service providers to the PCI DSS are assessed by PCI Qualified Security Assessors (QSAs). This article thus discusses the requirements to become PCI QSAs. In addition, it introduces the PCI security scanning procedures that guide the scanning of security policies of a merchant or service provider and prepare relevant reports. We believe that this survey sheds light on potential technical research problems pertinent to the PCI DSS and its compliance.



[16] Security as a Service (SasS): Securing user data by coprocessor and distributing the data



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5714628&queryText%3DData+Security  

In the world of computing, security and privacy issues are a major concern and cloud computing is no exception to these issues. In this paper we outline a security protocol called as Security as a Service (SasS). We provide a mechanism for achieving maximum security by leveraging the capabilities of a processor called a cryptographic coprocessor. Further we enhance the security of the encrypted databy distributing the data within the cloud, i.e. we divide the user data into pieces called as chunks. SasS protocol gives the user a chance to define the security of their data, by leaving the option of dividing thedata into chunks in the user's hand. Based on the user requirement data will be made into chunks. Each chunk after encryption will be stored in a separate database. In this way we provide the maximumsecurity to a user data. To our best knowledge, for the first time security is offered as a service to the user.


[17]Real-time data exchange for online security assessment-A report by the IEEE Task Force on Data Exchange for Security Assessment



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=207351&queryText%3DData+Security  

The current status and near-term future goals of real-time data exchange for online securityassessment of power systems in several regions of the United States are described from the viewpoint of the end-user application, namely, security assessment. An overview of the issues concerning dataexchange for external network modeling is presented. Several data exchange systems are discussed. The following information is provided: description, justification of data exchange, uses for the data, types and quantities of the data exchanged, frequency of data exchange, impact of data exchange on system modeling detail, feasibility of implementing online security assessment without data exchange, exchange of supporting static data, efforts to establish and maintain data exchange, and problems/solutions.



[18]Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing



http://ieeexplore.ieee.org/search/searchresult.jsp?searchWithin=p_Authors:.QT.Kui%20Ren.QT.&searchWithin=p_Author_Ids:37288795500&newsearch=true  

Cloud Computing is the long dreamed vision of computing as a utility, where users can remotely store their data into the cloud so as to enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources. By data outsourcing, users can be relieved from the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the possibly large size of outsourced data makes the data integrity protection in Cloud Computing a very challenging and potentially formidable task, especially for users with constrained computing resources and capabilities. Thus, enabling public audit ability for cloud data storage security is of critical importance so that users can resort to an external audit party to check the integrity of outsourced data when needed. To securely introduce an effective third party auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) The third party auditing process should bring in no new vulnerabilities towards user dataprivacy. In this paper, we utilize and uniquely combine the public key based homomorphic authenticator with random masking to achieve the privacy-preserving public cloud data auditing system, which meets all above requirements. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multi-user setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient.


[19]Data security in a ship detection and Identification System



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5966915&queryText%3DData+Security  

The use and access of space-based and terrestrial assets for maritime surveillance has developed rapidly in the recent decades. These developments have implications for civil, commercial and military stakeholders and are used by both advanced and developing countries. There are many sensors and systems applicable to the maritime domain such as Vessel Monitoring Systems (VMS), Automatic Identification System (AIS), airborne and space borne optical and radar imagery, ship and coastal radar, underwater acoustics and underwater electromagnetic. We are designing a ship detection and identification system (SDIS) that integrates the results of all of these methods to determine the position and identity of ships for the purpose of monitoring the marine traffic in particular area. The data required by SDIS is readily available from a variety of third-party data providers. By employing redundant data from different detection methods we aim to improve the ship detection and identification accuracy. We realize that data providers will transmit their data to clients in a secure manner in order to protect their data from unauthorized viewing or alteration. SDIS needs to function with the varying security methods of the different data providers. Although data security has the highest risks during transmission we have chosen to use a data-at-rest approach and encrypt the data streams within SDIS at all stages including transmission, storage and in-use. SDIS also has the challenge of ensuring users' adherence to the contractual data use restrictions as stipulated by the third-party data providers. This paper describes the data security aspects of the SDIS as determined in the initial design phases.



[20] Security as a Service (SasS): Securing user data by coprocessor and distributing the data



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5714628&queryText%3DData+Security  

In the world of computing, security and privacy issues are a major concern and cloud computing is no exception to these issues. In this paper we outline a security protocol called as Security as a Service (SasS). We provide a mechanism for achieving maximum security by leveraging the capabilities of a processor called a cryptographic coprocessor. Further we enhance the security of the encrypted databy distributing the data within the cloud, i.e. we divide the user data into pieces called as chunks. SasS protocol gives the user a chance to define the security of their data, by leaving the option of dividing thedata into chunks in the user's hand. Based on the user requirement data will be made into chunks. Each chunk after encryption will be stored in a separate database. In this way we provide the maximumsecurity to a user data. To our best knowledge, for the first time security is offered as a service to the user.


[21]Real-time data exchange for online security assessment-A report by the IEEE Task Force on Data Exchange for Security Assessment



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=207351&queryText%3DData+Security  

The current status and near-term future goals of real-time data exchange for online securityassessment of power systems in several regions of the United States are described from the viewpoint of the end-user application, namely, security assessment. An overview of the issues concerning dataexchange for external network modeling is presented. Several data exchange systems are discussed. The following information is provided: description, justification of data exchange, uses for the data, types and quantities of the data exchanged, frequency of data exchange, impact of data exchange on system modeling detail, feasibility of implementing online security assessment without data exchange, exchange of supporting static data, efforts to establish and maintain data exchange, and problems/solutions.



[22]Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5462173&queryText%3DData+Security  

Cloud Computing is the long dreamed vision of computing as a utility, where users can remotely store their data into the cloud so as to enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources. By data outsourcing, users can be relieved from the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the possibly large size of outsourced data makes the data integrity protection in Cloud Computing a very challenging and potentially formidable task, especially for users with constrained computing resources and capabilities. Thus, enabling public auditability for cloud data storage securityis of critical importance so that users can resort to an external audit party to check the integrity of outsourced data when needed. To securely introduce an effective third party auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) The third party auditing process should bring in no new vulnerabilities towards user data privacy. In this paper, we utilize and uniquely combine the public key based homomorphic authenticator with random masking to achieve the privacy-preserving public cloud data auditing system, which meets all above requirements. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multi-user setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient.


[23] Open-Access-Compatibility Security Layer for Enhanced Protection Data Transmission



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4275376&queryText%3DData+Security  

Ongoing power system automaton and open access imposed by new government deregulations aggravate cyber vulnerability of utility computer networks. This paper proposes an open-access-compatibility (OAC) security layer, installed beneath the data-link layer of the popular utility network protocol DNP3, to enhance data transmission security for utilities with open access capabilities. The OAC security is designed as an extension for a Canadian utility integrated P&C system innovation. The OAC security increases interactions with DNP3 data-link layer to enhance utility network security that is especially important for time-data-critical transmissions of protection information. The OAC security does not alter existing DNP3 specification to maintain interoperability for devices not using OAC. The OAC security uses two independent encryptions, one for exchanging security keys and one for transmitting data, to minimize time required for security operations. The OAC security relaxes authentication requirements to reduce transmission overheads and increase efficiency



[24] A Modified Model for Private Data Security Facing E-commerce



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4287951&queryText%3DData+Security  

In order to improve personal data security in the electronic commerce, and to avoid information exposing of personal privacy, personal data was used as the encrypted principle, applying homomorphism and random perturbation to strengthen personal data security. This paper analyze the usage of personal data in electronic commerce firstly, then discuss the P3P to realize security of personal data. This mechanism cannot guarantee that Web sites do act according to their policies once they have obtained user's personal data. In light of this, a new algorithm was used to acquire improved security. The proposed algorithm uses homomorphism as principle to preserve privacy. This method can make the important data to be appeared with secret content in the web service, and prevent personal data from being misused. The simulation results proved that the modified method can protect personal privacy effectively, and can carry on data mining to provide the characteristic service for the customer, and modified method has shorter response time.


[25] Data security in cloud computing



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6554020&queryText%3DData+Security  

This article discusses cloud computing data security issues, including tile security of data transmission, storage, security and management of security. Focus on universal data management affect cloudsecurity analysis, and pointed out that a breakthrough in the development of this cloud computing, try to enumerate the corresponding strategies and long-term development direction. Final part is a summary and outlook about future development of cloud computing security issues.



[26] Ontological Approach Towards E-business Process Automation



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4031646&queryText%3DBusiness+Process+Automation  

This paper discusses the interoperability of e-business processes by using an ontology approach with description logic and agent systems to achieve e-business automation. An innovative e-business process modeling framework is proposed that outlines the building blocks required for Internet-based e-business in order to enable e-business process automation. The framework helps in understanding the role of many proposed standards with respect to the building blocks and in identifying both overlaps and gaps among them. The domain knowledge of e-business processes is conceptualised as an e-business process ontology that enables agents' communication in e-business application sharing and reusing. Several agent-based automation mechanisms are discussed based on the ontology that provides implementation guidelines to e-business process automation.


[27] Selection of Business Process for Autonomic Automation



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5632163&queryText%3DBusiness+Process+Automation  

Autonomic automation is viewed as a new approach to business process automation. In this work, we propose a method to identify the best-suited business processes as candidates for an autonomic automation. Generally, this decision is made by process automation experts or inspired by management preferences. Moreover, the best candidate to an autonomic automation is possibly different from a candidate to a traditional automation. To support our method we developed a tool with ability to inspect the process model and obtain specific metrics. Finally, we present the results of the proposed selection method, compared with expert choices and to existent methods for traditional automation selection.



[28] Realization of business process automation based on web services and WS-BPEL



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5959489&queryText%3DBusiness+Process+Automation  

Although information and Internet technology developed rapidly, how to realize flexible integration of enterprise application, and how to realize coordination of the heterogeneous information system and automation of the business process, have been core issues that need to be further researched. Application of Web Services and WS-BPEL can solve this problem. By using Web Services, which is platform-independent and loosely coupled, business process can be adapted to rapidly changing environment. On the other hand, BPM combination of services for process planning and management can further improve business efficiency and lower development cost. In this paper, based on the web services and WS-BPEL, utilizing a typical commercial model, the web services of business process are developed, and the method of using WS-BPEL for process planning is explored. At the same time, web services orchestration is fulfilled through the WS-BPEL, commercial model of process automation instance is established. In the end, business process automation is implemented and tested accordingly.


[29] Event-driven Dynamic Web Services Composition and Automation of Business Processes



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4026988&queryText%3DBusiness+Process+Automation  

B2B and long running B2C process are complex business processes that contain set of services, state, transaction management, and involve notification of events occur during the execution of process. Business processes are driven by events and evaluating the business processes at regional or national scale reveals diversity in products, terminology and processes involved in carrying out a complete business activity. Because of dynamic nature, heterogeneity and lack of knowledge among business partner there is a need of mechanism to compose services dynamically according to events, and to provide interoperable integration for automation of business process. We proposed convergence of semantic Web, Web services and grid computing to achieve context and location based interoperable integration, event-driven dynamic composition, scalable architecture and middleware support for state, transaction, notification and life-cycle management of business process.



[30] A Model for Business Process Automation in Service Oriented Systems with Knowledge Management Technologies



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5575579&queryText%3DBusiness+Process+Automation  

Due to increasingly demanding requirements for business flexibility and agility, automation of end-to-end industrial processes has become an important topic. Business process execution needs to support automated tasks execution as well as human tasks. The topic of this doctoral work is to enable a higher degree of automation of business processes in service-oriented systems. The doctoral work shows that for certain types of human tasks it is relevant to consider their further automation. A service-oriented architectural framework for human task execution is proposed. It improves execution of human tasks by automating and semi-automating decision making based on on tologies and agent technology.


[31] Business process automation with representing and reasoning on trust



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=1560395&queryText%3DBusiness+Process+Automation  

This article proposes a way how one could design and create systems to support decision-making within business processes by software agents. It argues that the RAP/AOR modelling framework lends itself to the natural representation of both business rules and processes, as well as of an agent's trust in another agent and its evolution. The framework also includes an efficient way of implementing business process automation systems based on XML and software agents. The author hopes this work to be a step towards effective creation of business process automation systems.



[32]Semantic and Rules Based Event-Driven Dynamic Web Services Composition for Automation of Business Processes



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4027033&queryText%3DBusiness+Process+Automation  

Web services and service-oriented architecture are emerging distributed computing paradigms to publish and access software components as services. Various enterprises now publish their business as Web services. Business processes of these enterprises involved in B2B and B2C transactions require composition of distributed heterogeneous services to accomplish a task. Business processes are complex, dynamic and event-driven. Dynamic composition and automation of complex business processes are becoming active areas of research in this field. Interoperable integration, immaturity, lack of semantic support amongst standards, scalability and middleware support are the challenges involved when business processes are evaluated at national scale. In this paper we propose semantic and rule based event-driven service-oriented architecture for automation of business processes. Semantic provides knowledge and vocabulary of domain and ECA rules are designed to generate the composition schema automatically and dynamically according to the events. We have taken real-life example of agricultural business for demonstration of our architecture


[33] A Technique and Markup Language for Business Process Automation



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4031263&queryText%3DBusiness+Process+Automation  

In this article, we propose a technique and markup language for complementing the automation of public business processes between enterprises by an intelligent support by software agents for decision-making within an enterprise. The article first argues that the ROADMAP and RAP/AOR methodologies can be jointly used for business process modelling. The ROADMAP methodology enables to create the models of the goals to be achieved and the roles needed for achieving them, while with the RAP/AOR methodology we can model when are the goals to be achieved and how they are to be achieved. Next, we describe the markup language defined by us and show how business process models represented by means of RAP/AOR can be transformed into the markup language. Finally, we show how the business process models represented in the markup language can be executed by software agents. The approach introduced in the article constitutes an efficient way of implementing business process automation systems based on XML and software agents.



[34] The design and development of a sales force automation tool using business process management software



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=1497167&queryText%3DBusiness+Process+Automation  

A sales force automation (SFA) tool is a computerized system that provides sales team members and managers with the functionality to track sales leads, manage contacts, control customer relations, monitor sales processes, schedule meetings, forecast sales and analyze employee performance. SFA tools aim to increase the efficiency and effectiveness of a sales team; however many commercially available SFA tools are generically structured solutions that do not accommodate the specific needs of a company. However, because of recent interest and developments in business process management (BPM) software, an emerging technology capable of modeling and automating business processes, it is possible for individual firms to custom-design their own sales force automation tools. In general, BPM software tools provide automated support for tracking tasks across multiple departments as they are completed by different employees. This paper discusses the design and development of an SFA tool using BPM software, including the identification of a detailed sales process, an analysis of the reporting capabilities, a model for determining the probabilistic outcomes of the sales process, and a decision-analytic model for optimizing sales force resource allocation.


[35] Comparative Study of Service-Based Security-Aware Business Processes Automation Tools



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6721997&queryText%3DBusiness+Process+Automation  

The use of business processes to model and design business activities is becoming a reality to a significant number of companies. Meanwhile, the Service-Oriented Architecture (SOA) is being a widely adopted strategy for business processes execution, which often demands communication between different (and remote) services. This fact leads to the need of incorporating security elements into business processes, because sensitive data can be targeted in the communication process. Existing tools currently focus both on the functional automation by translating high-level business processes in executable artifacts and/or on the security automation by translating security requirements into executable security configurations. In this work, we present a comparative study that evaluates these tools using relevant metrics. A solution named BPA-Sec Analyzer was also developed to automatically generate relevant statistics information related to the produced artifacts. An illustrative scenario is introduced to support the comparison/evaluation.



[36]A technology adaptation model for business process automation



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=663413&queryText%3DBusiness+Process+Automation  

A number of new technologies aimed at automating office work has been developed over the last 20 years with seemingly little impact on overall office productivity. The authors propose a conceptual model for technology adaptation for business process automation that stresses both technology-organization fit and technology-process fit. The goal of the study is to develop a systematic approach that addresses the needs for the organization to be adaptive and for work to be flexible. The technology adaptation model they developed is useful for technology providers in the workflow management area and for business managers who wish to take advantage of the new work-related technologies.


[37] Semantic Enterprise Description for the Needs of Business Process Automation



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4591708&queryText%3DBusiness+Process+Automation  

Enterprises today face an increasing need to easily access and process knowledge they produce as well as automate their business processes. This need may be fulfilled by taking advantage of the Semantic Web and Semantic Web services technologies and implementing the concept of Semantic Business Process Management. In order to fulfil this vision, an enterprise and the specified part of the knowledge from the enterprisepsilas environment needs to be properly described. The main goal of this paper is to present Business Roles Ontology (BRO) and Business Functions Ontology (BFO) which are to provide description of business functions and corresponding business roles. Both ontologies may be used within automated business process management lifecycle and are the result of our research work.



[38] Business Process Automation and XML Standards: Is there a Semantic Gap?



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=1640314&queryText%3DBusiness+Process+Automation  

This panel brings together experts from industry to represent varied perspectives on prevalent eCommerce XML standards that span both, business-to-business as well as business-to-consumer transactions. In particular, it examines the evolution of standards across these transactions over the past decade, the extent to which they have been adopted in the industry, the reasons for the adoption as well as the extent to which they have resulted in automating eCommerce transactions. The panelists also highlight pitfalls in current implementations and offer insights for what makes successful business process solutions in B2B and B2C eCommerce


[39] Business Process Automation Based on Dependencies



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5430048&queryText%3DBusiness+Process+Automation  

Given a business language, this study presents a dependency-based mapping approach to automate the process of generating a workflow. First, the classification of various operators is carried out in terms of their usage in generating different flows. Second, an internally developed backward flow generating algorithm is used. In order to measure the effectiveness and accuracy of the approach, a forward flow generating algorithm is also developed to compare the results using an example on both approaches.



[40]Business Process Automation for Universities: Enabling Effective and Efficient University Management



"http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5576875&queryText%3DBusiness+Process+Automation  

Universities are a societal asset of immense value as they are an important driving force of scientific creativity, knowledge creation and innovation. Consequently, the pressure to perform in teaching, research, alliance building, and networking on a national and international level has grown tremendously over the past 20 years. To live up to their full potential, universities have to put to the test their structure and processes and make use of the IT-technologies available to enforce more effective and efficient management processes.


[41] A case study of BPM and KM integration: From process automation to knowledge intensive business processes



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5546408&queryText%3DBusiness+Process+Automation  

In very recent times, the pressing need to compete on the basis of knowledge rather than process automation, has expanded the field of Business Process Management (BPM) to include knowledge intensive business processes. This paper focuses on the problem of BPM and Knowledge Management (KM) integration in the context of customer-facing business processes. It introduces a theoretical framework that has been used to guide a case study of BPM/KM integration in a large organisation. The case confirms the importance of process-related knowledge, in particular its relationship to organisation's competitive strategy.



[42] Specificity of the collection requirements and the development in automation of the business-processes of the record keeping



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5501153&queryText%3DBusiness+Process+Automation  

In view of the fact that all the businesses maintain records in the similar way, a number of the typical solutions in automation of the business-processes of the record keeping has been appeared. As a result of this, a range of the problems of integration an additional functionality to a typical solution has taken place. The adopting and development in the systems of automation the record keeping is being become the urgent question in the field of development of the software.


[43] Proposal of automation of the collaborative modeling and evaluation of business processes using a semantic wiki



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6489769&queryText%3DBusiness+Process+Automation  

In the paper a new architecture for the design and evaluation of business process models is proposed. The architecture is based on the use of a semantic wiki system. It supports a distributed and collaborative modeling approach. In such a case, models can be created by a possibly distributed team of analysts. Moreover, they can be gradually improved using an integrated quality metrics system. We give the main architectural assumptions for this approach. Requirements for the system are described along with a prototype implementation. This system offers a practical tool support for the automation of the design and evaluation of models in a distributed environment.



[44]Automation of business-processes of an Election System



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6398509&queryText%3DBusiness+Process+Automation  

In the thesis we consider a critical analysis of foreign and Georgian existing election systems and is described the new, conception of development of support IT infrastructure of an Electronic Election System, proposed by us. We process the bpmn diagrams of business processes of a traditional and electronic election system. Is analyzed their strengths and weaknesses. We offer the conceptual model of databases of an electronic election system, projected in ORM instrument. Is worked out IT supported client-server and service oriented architecture for a system.


[45]Business Process Reengineering of the Workflows in Intensive Care Unit Supported with a Tablet PC Based Automation System



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6686385&queryText%3DBusiness+Process+Automation  

For the traditional implementers of an Hospital Information Management System (HIMS), the Intensive Care Unit (ICU) presents many new challenges. Due to the nature of admissions to this department and the criticality of time for initiating various procedures, many of the processes of HIMS are bypassed. This creates a problem for the HIMS designer. Many conventional HIMS systems handle this by avoiding the ICU from the HIMS implementation, allowing it to continue with the manual process being followed prior to the introduction of the HIMS system. The manual system creates inaccuracies and delays in the information collection and transmission processes. Due to this the senior consultants are denied a complete and comprehensive picture of the situation of the patient that would have been possible with an automated system. The ICU automation system uses a separate ICU server to automate the back-end processes and provide the required isolation from the HIMS server and the stringent processes running there. This server implements a local WiFi network in the ICU that interconnects a set of Tablet PCs running a host of Android applications to automate the workflow there. The ICU server is accessible from the doctors smart phone as well allowing him to view the status of the patient in a comprehensive fashion. This paper presents the system architecture and functionality of important modules.



[46]Reactive business processes for factory automation



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5195874&queryText%3DBusiness+Process+Automation  

Modern enterprises operate on a global scale and depend on complex business processes. Business continuity needs to be guaranteed, while changes at the shop floor should happen on-the-fly without stopping the production process. Unfortunately, the existing business processes found in most enterprises are not modular enough, nor they have dynamic support from the device level. However, as the number of sophisticated networked embedded devices in the shop-floor increases, SOA concepts can now be pushed down and provide a better collaboration between the business systems and the production line. This leads to highly dynamic systems that can adapt and optimize their behavior to achieve their goals. The work presented here shows directions to achieve this dynamism by means of simulation, state identification and close coupling of real world and business systems.


[47]Specification of Forms Processing and Business Procedures for Office Automation



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=1702978&queryText%3DBusiness+Process+Automation  

Business activities, in general, involve data processing (such as queries, extraction, manipulation, and restructuring of data, etc.) as well as conventional office work centered around preparation, distribution, and filing and retrieval of documents. Convinced that most of these activities can be expressed in terms of forms, we present in this paper a formal means for specification of forms processing. The underlying concept is that business functions can be decomposed into meaningfuliy connected form processes where each process either produces or modifies a form. Powerful constructs are provided so that most of the common data processing activities can be expressed in a very high level, concise, and yet compilable manner.



[48] Reverse logistics process automation with BPMS



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5632801&queryText%3DBusiness+Process+Automation  

This paper aims at presenting the application of business process automation technologies on a reverse logistics process proposed for mobile phones reconversion and disposal with a Business Process Management System (BPMS). The first part introduces the business process modeling, followed by the data model and the design of rules for the automation of the process activities of this. A simulation of the business process is also presented and the control process indicators are analyzed. As an additional task and discussion, the contribution of Business Process Management (BPM) for companies' sustainability is proposed.


[49] Integrative framework for Service Oriented Architecture composition of business processes



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5273879&queryText%3DBusiness+Process+Automation  

Service oriented architecture (SOA) is a dominant architecture for today software development architecture. The companies must adapt their systems to face the changes in the business processes. In SOA, each business process may be represented by one or more services. To achieve greater automation of enterprises business processes, enterprises need an integration engine that integrates and harmonizes an enterprise's business processes and services within the enterprise. In this paper, a new framework is built to address this integration problem to integrate new service within an existing business process workflow. This framework measures the level of integration and tests whether that service is fully, partially, or not integrated at all with the other services in the workflow. Also, a new adapted business process workflow is generated using a real case study obtained from SADAD (Saudi Payment System).



[50]Service-Oriented Framework for Human Task Support and Automation



http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=4753891&queryText%3DBusiness+Process+Automation  

Due to increasingly demanding requirements for business flexibility and agility, automation of end-to-end industrial processes has become an important topic. Business process execution needs to support automated tasks execution as well as human tasks. In this paper we show that for certain types of human tasks it is relevant to consider their further automation. We propose a service-oriented architectural framework for human task execution, which improves their execution by automating and semi-automating decision making based on ontologies and agent technology. The approach is generic and can be used for any type of industrial or industrial support business process. As a proof-of-concept we have developed a system providing the above-described support for human task intensive business processes in an electric power transmission company, which has shown considerable improvements in the efficiency of human tasks.


KaaShiv InfoTech offers world class Final Year Project for BE, ME, MCA ,MTech, Software engineering and other students in Anna Nagar, Chennai.

internship in chennai



Website Details:


Inplant Training:


http://inplant-training.org/
http://www.inplanttrainingchennai.com/
http://http://inplanttraining-in-chennai.com/

Internship:


http://www.internshipinchennai.in/
http://www.kernelmind.com/