Raul Valverde

Security of E-Procurement Transactions in Supply Chain Reengineering

With the rapid rise of Business to Business (B2B) transactions over the internet and the increasing use of e-procurement solutions by large organizations for purchasing, there is a need to reengineer current legacy supply chain management systems in order to integrate them with modern e-procurement systems. Although there is a great deal of research in the area of integration with e-procurement systems, there is little attention for security aspect of this integration that responds to the need for accurate and secure information exchange has become essential to doing business. Security is a consistent and growing problem for e-commerce and procurement solutions. As the number and frequency of security violations continues to rise, there is a corresponding dependence on information technology to drive business value, which in turn increases the importance and criticality of transaction data. The result is an increasing demand for secure e-procurement transactions to ensure the confidentiality, integrity and availability of data. Secure transactions are essential if organizations are to fully realize the benefits of e-procurement which include increased productivity, lower purchasing pricing, streamlined processes, reduced order fulfillment time and greater budgetary control; all of which can contribute to increasing an organization’s competitive advantage. This research is a case study which evaluates the security of transactions for the integration of an e-procurement solution in a large organization. It addresses both business and technological issues by examining the current threat model, security policies, system architecture, and security controls that have been implemented to ensure data integrity and confidentiality. Finally, a new model will be proposed for reengineering projects that require the integration of e-procurement systems which includes recommendations for improvements that will be benchmarked against common security designed principles.

The effect of E-supply chain management systems in the north american electronic manufacturing services industry

The paper examines the effect of E-Supply Chain Management Systems in the North American electronics manufacturing services industry. A causal and descriptive research study was conducted based on a survey applied to thirty six individuals in electronic manufacturing services firms in order to determine the impact of e-supply chain management on their key supply chain operations. Results of the research revealed that e-supply chain management had a positive effect in the electronic manufacturing services industry as these showed that the profits of the firm increased and internal communications were improved due to the implementation of e-supply chain management. The research also showed that e-supply chain management systems have many technical issues such as problems with process automation and transmission of supply chain data, e-procurement effectiveness, integration with existing systems and the monitoring of inventory systems and purchasing process. Several recommendations are made to overcome these challenges including employee training and re-engineering of business processes for better system integration.

A method for comparing traditional and component-based models in information systems re-engineering

Many organisations have become aware of the limitations of their legacy systems to adapt to new technical requirements. Trends towards e-commerce applications, platform independence, reusability of pre-built components, capacity for reconfiguration and higher reliability have contributed to the need to update current systems. Consequently, legacy systems, typically designed and developed using traditional methods, need to be re-engineered into new component-based systems. The objective of the study is to develop a method to compare traditional and component-based models of systems. Design science is the approach used to build and evaluate the method. The method incorporates and integrates existing methodologies for information systems re-engineering and conceptual model evaluation. A case study illustrating the comparison method revealed that a re-engineered component-based conceptual model was capable of representing and enriching all the traditional conceptual model constructs. However, there was a conflict with the use of data flows as these can represent both events and also couplings between processes, data stores, and external agents. Thus, the project derived an additional set of rules to use when generating a component-based model to improve the re-engineering step.

A Fraud Detection System Based on Anomaly Intrusion Detection Systems for E-Commerce Applications

The concept of exchanging goods and services over the Internet has seen an exponential growth in popularity over the years. The Internet has been a major breakthrough of online transactions, leaping over the hurdles of currencies and geographic locations. However, the anonymous nature of the Internet does not promote an idealistic environment for transactions to occur. The increase in online transactions has been added with an equal increase in the number of attacks against security of online systems. Auction sites and e-commerce web applications have seen an increase in fraudulent transactions. Some of these fraudulent transactions that are executed in e-commerce applications happen due to successful computer intrusions on these web sites. Although a lot of awareness has been raised about these facts, there has not yet been an effective solution to adequately address the problem of application-based attacks in e-commerce. This paper proposes a fraud detection system that uses different anomaly detection techniques to predict computer intrusion attacks in e-commerce web applications. The system analyses queries that are generated when requesting server-side code on an e-commerce site, and create models for different features when information is extracted from these queries. Profiles associated with the e-commerce application are automatically derived from a training dataset.

An object-oriented supply chain simulation for products with high service level requirements in the embedded devices industry

The supply chain of a case study in the embedded devices industry was examined from the perspective of a high service level for the delivery of one of its products. For this purpose, an agent-based object-oriented model of the supply chain with a quantity reorder system for the inventory management was developed. The historical demand data from the ERP system of the case study was examined and pseudo-random numbers for a Monte Carlo simulation of the supply chain was generated with it. The paper examines the performance of the supply chain by using a simulation with a stockout penalty and the percentage of items delivered from stock. Results from simulation show that no single solution for the reorder point and quantity with an optimal stockout penalty can be found. The simulation generated a solution for the minimum average penalty.

RISK REDUCTION OF THE SUPPLY CHAIN THROUGH POOLING LOSSES IN CASE OF BANKRUPTCY OF SUPPLIERS USING THE BLACK-SCHOLES-MERTON PRICING MODEL

In recession times, slower demand, shrunk liquidity, and increasing pressure on cost can lead to bankruptcy of suppliers. The risks due to supplier bankruptcy include (a) losses due to supply chain disruption, (b) delayed or stopped finished goods shipments, (c) difficulty in finding cost-effective alternate suppliers and sourcing contracts, (d) emergency procurements, (e) loss of reputation and market share loss, etc. Bankruptcy models can be used to estimate the probability that a supplier may go bankruptcy, and a level of probability can be established that triggers the risks. This paper uses the Black-Scholes-Merton option pricing model for estimating the probability of bankruptcy of supplier by extracting and examining the riskiness in stock market price of supplier. The paper uses the pooling arrangements among companies that source from multiple suppliers as a way to reduce the risk due to supplier bankruptcy.

An Implementation of ITIL Guidelines for IT Support Process in a Service Organization

Service level management (SLM) is a challenge in a distributed systems environment because all processes should provide a consistent, reliable, and predictable service delivery. Early 1990s, most organizations established few service-level agreements (SLA) as the key performance indicators (KPI) but it was difficult to measure or monitor them in a distributed systems environment. The strength of Information Technology Infrastructure Library (ITIL) is the approach of integrating the SLM with the support processes at strategic, tactical, and operational levels. This paper focuses on implementing ITIL guidelines at an operational level for service desk, incidents, problems, and change management. The ITIL framework only provides guidelines, so a service organization needs to explore a methodology for evaluating existing service support processes and implementing ITIL guidelines for improvements. To this end, we investigate upon how to apply the ITIL framework for reengineering of IT service support process in an organization. The approach is actually implemented at a dentalcare service provider with ten dental clinics connected in Wide Area Network (WAN) and the data is collected into a central server in the main dental center. We first started with the process mapping, and then moved towards reengineering following ITIL guidelines, while collecting the results in key performance areas before and after the process reengineering. This paper used questionnaires, document reviews, archival records and observation techniques for collecting the data. The results demonstrated improvements in differing magnitudes. Some statistical analysis such as mean and variance together with t-value distribution and null hypothesis were also developed to determine the quality of results. The paper is cautious about the limited scope of audience and the questionnaire which may compromise the results; however, the approach is useful in obtaining significant improvements when a company invests in integrating ITIL guidelines in to service support processes.

ITIL-based IT service support process reengineering

The Information Technology Infrastructure Library ITIL supports best practices, reengineering activities and IT service support processes. ITIL framework only provides recommendations, and companies need to utilize this framework to improve their IT service support processes and establish best practices. This study provides a methodology on how to apply the ITIL framework for evaluating the IT service support processes, its reengineering and alignment to best practices, and subsequent integration into a decision support system framework. A case study approach was used to identify a set of Key Performance Indicators KPI which were monitored by a decision support system DSS for triggering on-going reengineering of IT service support processes. This paper focuses on the implementation of the ITIL guidelines at the operational level, improvement of the service desk, and incident, problem, change, release, and configuration management. It also presents the implementation of the ITIL guidelines at the tactical level for the improvement of the service level, capacity, IT service continuity, service availability, and security management. We conclude by providing recommendations for future research.

Ontological Evaluation of Business Models: Comparing Traditional and Component-Based Paradigms in Information Systems Re-Engineering

The majority of current information systems were implemented using traditional paradigms which include business modeling techniques applied during the analysis phase such as System Flow Charts, Data Flow Diagrams and Entity-Relationship Diagrams. These legacy systems are now struggling to cope with recent developments, particularly trends towards e-Commerce applications, platform independence, reusability of pre-built components, capacity for reconfiguration and higher reliability. Many organizations now realize they need to re-engineer their systems using new component-based systems approaches and object-oriented computer languages. Although the traditional and component-based approaches have different grammars for representing business models, these business models can be compared, based on their ontological grammars. This paper illustrates how an ontological evaluation of business models can be used to compare them for equivalency of representation of business requirements, when re-engineering legacy systems into component-based information systems.

Decision support systems for IT service management

Group decision support systems (GDSS) and knowledge-based systems (KBS) have the potential to assist information technology service managers make sound decisions. We use narrative enquiry and reflective processes to review two recent projects that designed decision support system (DSS) tools for IT service management. The software mediated process assessment project includes a GDSS module to enable the selection of processes for assessment. The decision support recommendation system for IT service operation used a knowledge base to provide recommendations specific to the problem domain of IT service support. From the use of prior literature, rigorous methods and empirical evidence, contributions are made to ITSM theory and practice. The process selection decision model is a novel and effective combination of balanced scorecard, SERV-QUAL and the IT infrastructure library (ITIL) guidelines. In terms of methodology, the incorporation of task-technology theory in design science research enables design principles to be articulated. Outcomes from projects of this nature demonstrate exemplary cases of success stories where the primary research objective is to develop innovative solutions that work in practice and are grounded in academic rigour.