Anton Naumenko

Managing information security in a business network of machinery maintenance services business - Enterprise architecture as a coordination tool

Today, technologies enable easy access to information across organizational boundaries, also to systems of partners in business networks. This raises, however, several complex research questions on privacy, information security and trust. The study reported here provides motivation and a roadmap for approaching integrated security management solutions in a business network of partners with heterogeneous information and communication technologies (ICT): Systems, platforms, infrastructures as well as security policies. Enterprise architecture (EA) is proposed as a means for comprehensive and coordinated planning and management of corporate ICT and the security infrastructure. The EA approach is proposed as a pre-requisite for transparent and secure inter-organizational information exchange and business process support crossing corporate boundaries. This study provides an example of security architecture planning based on EA, which aligns the development of technological solutions with the business goals. The EA approach combines the planning of business and ICT developments. The alignment provides arguments for cohesive identity and access management (IAM) in a business network. A case study with Metso Paper, Inc., the leading manufacturer of paper machinery and related services, exemplifies the EA-based security architecture planning and specification.

Service matching in agent systems

The problem of service and resource matching is being actively discussed currently as a new challenging task for the next generation of semantic discovery approaches for Web services and Web agents. A significant advantage is expected when using an ontological approach to semantically describe and query services. A matchmaking problem arises when a service is being queried and it includes the distance measure between the required service description and the one from the service registry. We realized the need to analyze the applicability of different matchmaking methods to agent development tools when implemented according to agent technology specifications such as FIPA. We consider three main groups of cases: matchmaking between classes of service profiles in pure taxonomies, matchmaking between classes in faceted taxonomies, and matchmaking between instances of faceted taxonomies.

Strategic industrial alliances in paper industry: XML‐ vs Ontology‐based integration platforms

Purpose – To identify cases related to design of ICT platforms for industrial alliances, where the use of Ontology‐driven architectures based on Semantic web standards is more advantageous than application of conventional modeling together with XML standards.Design/methodology/approach – A comparative analysis of the two latest and the most obvious use cases (NASA and Nordic Process Industry Data Exchange Alliance) concerned with development of an environment for integration and collaboration of industrial partners, has been used as a basis for the research results. Additionally, dynamics of changes in a domain data model and their consequences have been analyzed on a couple of typical use cases.Findings – Ontology‐driven architectures of a collaboration and integration ICT platforms have been recognized as more appropriate for a technical support of industrial alliances around a supply‐chains with a long life cycles.Research limitations/implications – More typical cases related to changes in domain data/...

A Security Framework for Smart Ubiquitous Industrial Resources

Conventional approaches to manage and control security seem to have reached their limits in new complex environments. These environments are open, dynamic, heterogeneous, distributed, self-managing, collaborative, international, nomadic, and ubiquitous. We are currently working on a middleware platform focused on the industrial needs, UBIWARE. UBIWARE integrates Ubiquitous Computing with Semantic Web, Distributed AI, Security and Privacy, and Enterprise Application Integration. In this paper, we describe our long-term vision for the security and privacy management in complex multi-agent systems like UBIWARE, SURPAS. The security infrastructure has to become pervasive, interoperable and intelligent enough to naturally fit UBIWARE. SURPAS aims at policy-based optimal collecting, composing, configuring and provisioning of security measures. Particularly, we analyze the security implications of UBIWARE, present the SURPAS research framework, and the SURPAS abstract architecture.

Using UDDI for Publishing Metadata of the Semantic Web

Although UDDI does not provide support for semantic search, retrieval and storage, it is already accepted as an industrial standard and a huge number of services already store their service specifications in UDDI. Objective of this paper is to analyze possibilities and ways to use UDDI registry to allow utilization of meta-data encoded according to Semantic Web standards for semantic-based description, discovery and integration of web resources in the context of needs of two research projects: “Adaptive Services Grid” and “SmartResource”. We present an approach of mapping RDFS upper concepts to UDDI data model using tModel structure, which makes possible to store semantically annotated resources internally in UDDI. We consider UDDI as an enabling specification for creation of a semantic registry for not only services, but also for web resources in general.

Identity and Access Management for Remote Maintenance Services in Business Networks

Access to information systems across corporate boundaries with high demands to privacy and trust result into ambitious research and development targets. This study provides motivation and a roadmap for approaching integrated security management solutions in a business network of partners with heterogeneous ICT and security infrastructures. We aim at describing specifics of identity and access management in inter-organizational collaboration, and a vision and arguments for identity and access management in a business network. A case study with Metso Paper, Inc., the leading manufacturer of paper machinery and related services, validates the results, thus providing a motivating example of the possibilities of e-services.