Marcus Spies

An ontology modelling perspective on business reporting

In this paper, we discuss the motivation and the fundamentals of an ontology representation of business reporting data and metadata structures as defined in the eXtensible business reporting language (XBRL) standard. The core motivation for an ontology representation is the enhanced potential for integrated analytic applications that build on quantitative reporting data combined with structured and unstructured data from additional sources. Applications of this kind will enable significant enhancements in regulatory compliance management, as they enable business analytics combined with inference engines for statistical, but also for logical inferences. In order to define a suitable ontology representation of business reporting language structures, an analysis of the logical principles of the reporting metadata taxonomies and further classification systems is presented. Based on this analysis, a representation of the generally accepted accounting principles taxonomies in XBRL by an ontology provided in the web ontology language (OWL) is proposed. An additional advantage of this representation is its compliance with the recent ontology definition metamodel (ODM) standard issued by OMG.

Patterns of Business Rules to Enable Agile Business Processes

A problem of todays standard business process (BP) automation systems is that they are too rigid to cope with changing business demands, especially for long running BPs. A solution to overcome this problem is to combine BPs with business rules (BR). State of the art BP automation systems are based on Web service (WS) technology and use WS composition languages, for example BPEL, for abstract and executable BPs. On the other hand, most of todays implementations use BRs mostly to make calculations and to adapt simple decisions to business users without full integration into a BP automation system. We will show that BP execution and BR functionality can be integrated properly in a standard service oriented architecture. This finding will be applied in a new approach of configuring BPs through using BRs. The assumption is that if one considers BRs already while modeling a BP, more advanced BP aspects like decisions, data constraints and control flow can be made agile and adaptive during run-time. We present multiple solutions demonstrating how BRs can be used to obtain different aspects ofBP agility. Described as BP Modeling Patterns, our solutions give insight on how agile BPs can be implemented with current BP automation technology. We implemented them using IBM WebSphere integration developer and IBM WebSphere process server.

Patterns of business rules to enable agile business processes

A problem of todays standard business process (BP) automation systems is that they are too rigid to cope with changing business demands, especially for long running BPs. A solution to overcome this problem is to combine BPs with business rules (BRs). State-of-the-art BP automation systems use WS composition languages and BR services. Often these BRs are used to make calculations and to adapt simple decisions to business users without full integration into a BP automation system. The authors show that BP execution and BR functionality can be integrated properly in a standard service-oriented architecture. This finding is applied in a new approach of configuring BPs through using BRs. The assumption is that if one considers BRs already while modelling a BP, more advanced BP aspects like decisions, data constraints and control flow can be made agile and adaptive during run-time. BP modelling patterns are presented that demonstrate how BRs can be used to obtain different aspects of BP agility. Furthermore, different implementational aspects of bringing BPs and BRs together are discussed and it is shown how to implement these patterns using the IBM WebSphere® integration developer and the IBM WebSphere® process server.

Knowledge management in a decentralized global financial services provider: a case study with Allianz Group

We first introduce the overall approach to knowledge management taken by Allianz Group. We then present two specific solution approaches within Allianz Group. The first approach is focused on knowledge sharing across different lines of businesses and various organizational entities within Allianz. The approach is implemented through the new organizational role of centers of competence. The second approach is focused on improvements of knowledge-workers day-to-day tasks involving document and expert search from various information sources. Here, we report the setup and the results from a pilot study. The aim was to evaluate the implications of different search and retrieval tools on workflow within a representative everyday business environment. Different available information resources with their corresponding security infrastructure were taken into account. The pilot implementation was accompanied by an empirical survey on usage characteristics and usability experiences by the participating knowledge workers.

Towards model-driven service-oriented enterprise computing

The new enterprise is characterized by its ability to focus on core competencies and to flexibly interact with partners in order to collectively satisfy customer needs and exploit business opportunities. The new enterprise is an active player in dynamic business networks and it generally is itself composed of several interdependent organizational entities. One of the major challenges in this setting is to identify, establish, sustain, adapt and dissolve collaborations with partners. This should be done according to the enterprises own business goals while taking account of internal and external developments. Such developments include reorganizations, mergers, economic and market trends, and changes in business partners and competitors. Next to these business level developments, technological developments should be considered as well. The latter are equally important since most enterprises heavily rely on IT applications, platforms and infrastructures to improve their productivity and efficiency. Collaboration within and between enterprises therefore not only require bridging administrative, organizational, jurisdictional and cultural boundaries, but also overcoming differences in IT-based solutions that have been developed or adopted by the collaboration partners. Moreover, business-level and IT-level approaches and solutions should be aligned, and should be kept aligned, in order to fully achieve their potential benefits. Advances in enterprise computing can help to address the above mentioned challenge. The articles in this special issue on the EDOC 2008 Enterprise Computing Conference discuss several of such advances. This editorial briefly introduces the main trends that we observe, and relates and positions the articles with respect to these trends, viz. improved enterprise models, model-driven development, and service-oriented architecture.

A Software Assurance Evidence Approach to Cloud Security

Cloud computing is increasingly established as a successor technology to data centers in outsourced IT infrastructures and managed operations environments. A key enabler for adoption of cloud services is reliable cloud security. We present an approach to cloud security assurance using model-driven architecture. This approach integrates several current software assurance modelling frameworks as well as standardization efforts for cloud security based on IT governance, risk and compliance management modelling and reporting languages.

Continous Monitoring for IT Governance with Domain Ontologies

We present the practical context, design rationale and application basics of a domain ontology capturing industry standards for defining, controlling and auditing IT Governance.

Publishing of Interoperable Services and Processes in UDDI

This paper presents a requirements analysis and a solution approach to representing collaborative business processes conforming to the Wf-XML/ASAP standard proposal in a UDDI registry. Wf-XML/ASAP is introduced as a coordination protocol for business collaborations focusing on loosely coupled subprocesses which involve executable and human activities. The UDDI standard as part of the web services protocol stack is designed to hold service relevant information from overall business entities down to technical fingerprints of mostly simple web services. We present a solution approach that allows to use UDDI for registering and discovering services using Wf-XML/ASAP interfaces. We conclude that while such a representation is possible, some of UDDIs structures and relationships need to be extended in order to get an appropriate service registry for interoperable services collaborative infrastructures.

Knowledge Discovery from Constrained Relational Data: A Tutorial on Markov Logic Networks

This tutorial paper gives an overview of Markov logic networks (MLNs) in theory and in practice. The basic concepts of MLNs are introduced in a semi-formal way and examined for their significance in the broader context of statistical relational learning approaches in general and Bayesian logic networks in particular. A sandbox example is discussed in order to explain in detail the meanings of input theories with weighted clauses for a MLN. Then, the setup needed for real-world applications using a recent open source prototype is introduced. Processing steps of inferencing and learning are explained in detail together with the best scaling algorithms known today. An overview on existing and upcoming application areas concludes the paper.

Rule-enhanced domain models for cloud security governance, risk and compliance management

As security is essential for the adoption of cloud computing, several standards defining security domains, related threats and controls are being established. The common goal is to enable cloud security specific IT governance for cloud providers and client enterprises alike. The ensuing mandatory control objectives and control processes must cover regulatory compliance and risk management in view of the growing public sector and industry demand for cloud computing services. As of today, most of these standards are represented in textual or semi-structured form. However, the growing adoption of cloud computing calls for tool-supported monitoring and auditing. This paper shows how this can be accomplished based on a domain modelling approach that includes definitions and processing components for rules corresponding to control objectives and various aspects of control processes.