Pascal van Eck

Project GRAAL: Towards operational architecture alignment

This paper presents a framework for architecture alignment that can be positioned between approaches for software architecture, which concern software artefacts only, and strategic alignment models, which have a business focus. The framework is currently applied in case study research to find alignment patterns used in practice. First results presented in this paper indicate that the framework might yield an operationalization of strategic architecture alignment models. We also present an alignment pattern which shows a difference between how architectures are designed at the application level and the infrastructure level. We think this difference is significant for practical alignment models.

Requirements traceability in model-driven development: Applying model and transformation conformance

The variety of design artifacts (models) produced in a model-driven design process results in an intricate relationship between requirements and the various models. This paper proposes a methodological framework that simplifies management of this relationship, which helps in assessing the quality of models, realizations and transformation specifications. Our framework is a basis for understanding requirements traceability in model-driven development, as well as for the design of tools that support requirements traceability in model-driven development processes. We propose a notion of conformance between application models which reduces the effort needed for assessment activities. We discuss how this notion of conformance can be integrated with model transformations.

Multi-step attack modelling and simulation (MsAMS) framework based on mobile ambients

Attackers take advantage of any security breach to penetrate an organisation perimeter and exploit hosts as stepping stones to reach valuable assets, deeper in the network. The exploitation of hosts is possible not only when vulnerabilities in commercial off-the-shelf (COTS) software components are present, but also, for example, when an attacker acquires a credential on one host which allows exploiting further hosts on the network. Finding attacks involving the latter case requires the ability to represent dynamic models. In fact, more dynamic aspects are present in the network domain such as attackers accumulate resources (i.e. credentials) along an attack, and users and assets may move from one environment to another, although always constrained by the ruling of the network. In this paper we address these dynamic issues by presenting MsAMS (Multi-step Attack Modelling and Simulation), an implemented framework, based on Mobile Ambients, to discover attacks in networks. The idea of ambients fits naturally into this domain and has the advantage of providing flexibility for modelling. Additionally, the concept of mobility allows the simulation of attackers exploiting opportunities derived either from the exploitation of vulnerable and non-vulnerable hosts, through the acquisition of credentials. It also allows expressing security policies embedded in the rules of the ambients.

External Insider Threat: A Real Security Challenge in Enterprise Value Webs

Increasingly, organizations collaborate with other organizations in value webs with various arrangements, such as outsourcing, partnering, joint ventures, or subcontracting. As the Jericho Forum (an industry consortium of the Open Group) observed, in all these forms of collaboration, the boundaries between organizations become permeable and, as a consequence, insiders and outsiders can no longer be neatly separated using the notion of a perimeter. Such organizational arrangements have security implications because individuals from the value web are neither outsiders nor completely insiders. To address this phenomenon this paper proposes a third set of individuals, called External Insiders. External insiders add challenges to the already known insider threat problem because, unlike outsiders, external insiders have granted access and are trusted; and, unlike traditional insiders, external insiders are not subjected to as many internal controls enforced by the organization for which they are external insiders. In fact, external insiders are part of two or more organizational control structures, and business-to-business contracts are often insufficiently detailed to establish security requirements at the level of granularity needed to counter the threat they pose.

Requirements Traceability and Transformation Conformance in Model-Driven Development

The variety of design artefacts (models) produced in a model-driven design process results in an intricate relationship between requirements and the various models. This paper proposes a methodological framework that simplifies management of this relationship. This framework is a basis for tracing requirements, assessing the quality of model transformation specifications, metamodels, models and realizations. We propose a notion of conformance between application models which reduces the effort needed for assessment activities. We discuss how this notion of conformance can be integrated with model transformations

Business-IT Alignment Domains and Principles for Networked Organizations: A Qualitative Multiple Case Study

Applying principles for business-IT alignment in networked organizations seems to be key for their survival in competitive environments. In this paper, we present a qualitative multiple case study conducted in three collaborative networked organizations: (i) an outsourcing relation between an international IT and business integrator and a mass-marketed service provider, (ii) an inter-organizational collaboration among governmental departments of the state of Tamaulipas in Mexico, and (iii) a networked organization between the province Overijssel, the municipalities Zwolle and Enschede, the water board district Regge & Dinkel and Royal Grolsch N.V. in the Netherlands. Drawing from this case study, we derive four principles that networked organizations seem to adhere to when striving for alignment at a certain level of maturity.

Governance of Offshore IT Outsourcing at Shell Global Functions IT-BAM Development and Application of a Governance Framework to Improve Outsourcing Relationships

The lack of effective IT governance is widely recognized as a key inhibitor to successful global IT outsourcing relationships. In this study we present the development and application of a governance framework to improve outsourcing relationships. The approach used to developing an IT governance framework includes a meta model and a customization process to fit the framework to the target organization. The IT governance framework consists of four different elements (1) organisational structures, (2) joint processes between in- and outsourcer, (3) responsibilities that link roles to processes and (4) a diverse set of control indicators to measure the success of the relationship. The IT governance framework is put in practice in Shell GFIT BAM, a part of Shell that concluded to have a lack of management control over at least one of their outsourcing relationships. In a workshop the governance framework was used to perform a gap analysis between the current and desired governance. Several gaps were identified in the way roles and responsibilities are assigned and joint processes are set-up. Moreover, this workshop also showed the usefulness and usability of the IT governance framework in structuring, providing input and managing stakeholders in the discussions around IT governance.

Metrics-based control in outsourced software development projects

Measurements have been recognised as vital instruments to improve control in outsourced software development projects. However, project managers are still struggling with the design and implementation of effective measurement programs. One reason for this is that although there is a large body of research literature on metrics, practical guidelines for choosing among concrete measurements are scarce. The authors address this gap between research and practice by synthesising knowledge from frameworks and guidelines presented in the software process improvement (SPI) literature. The contribution comprises a framework that provides a set of measurements (selected from the research literature) for control of software development in cooperative settings, and a set of principles and guidelines for the design of an information infrastructure that provides managers with control information. As implication for research, the authors identify the need to develop new theories of SPI through the lens of inter-organisational networks, and taking into account relevant practices from the world of open-source software development. Also lessons for managers of outsourced software development projects are discussed. The results have been validated via expert interviews and by a panel of experts.

Combining visualisation techniques to understand co-operation in inter-organisational systems

Abstract: Purpose – The purpose of this paper is to present an approach to support understanding of inter-organisational systems. Design/methodology/approach: The approach combines two types of graphical snapshots of relevant properties of each organisation, based on concrete data. The first type of snapshot provides a birds eye view of the network that enables matching partners to form groups based on similarity. The second type of snapshot can be used to compare and contrast the information technology (IT) portfolio of partners to assess the extent to which each portfolio is ready to meet the needs of the inter-organisational system. The approach has been applied in a case study that analysed E-CUSTOMS, a large distributed system that connects the customs organisations of a number of member states of the European Union. The approach has been validated by showing the results to experts in the E-CUSTOMS project, who confirmed the findings. Findings: An approach based on quantifiable and non-quantifiable data that combines two visualisation techniques was used. The graphical snapshots obtained by applying this approach showed similarities and differences between countries that indicate opportunities and challenges in IT integration. Practical implications: The approach provides a semi-automatic method to understand inter-organisational systems. If in need of successful co-operation in groups within an inter-organisational network, this approach will help the expert to ask the right questions. Originality/value: An understanding of inter-organisational systems is necessary, as co-operation in inter-organisational networks usually requires considerable up-front investments in IT specific for this co-operation.

Risk-Driven Conceptual Modeling of Outsourcing Decisions

In the current networked world, outsourcing of information technology or even of entire business processes is often a prominent design alternative. In the general case, outsourcing is the distribution of economically viable activities over a collection of networked organizations. To evaluate outsourcing decision alternatives, we need to make a conceptual model of each of them. However, in an outsourcing situation, many actors are involved that are reluctant to spend too many resources on exploring alternatives that are not known to be cost-effective. Moreover, the particular risks involved in a specific outsourcing decision have to be identified as early as possible to focus the decision-making process. In this paper, we present a risk-driven approach to conceptual modeling of outsourcing decision alternatives, in which we model just enough of each alternative to be able to make the decision. We illustrate our approach with an example.