Younes Benslimane

An exploration of wireless computing risks: Development of a risk taxonomy

Wireless computing, as a way of providing mobile services, has been growing steadily during the past few years. While wireless communications offer organizations and users many benefits such as portability, flexibility, increased productivity, and lower installation costs; on the other hand, risks inherent and exacerbated by wireless connectivity are widely reported, wherein networks are open to intruders who may cause unwanted consequences to an organizations information resources. Hence, understanding these risks will help protect against unforeseen threats, delays and costs. This paper aims at the development of a taxonomy for wireless computing risks. Six levels are identified including risks associated with the users, mobile devices, wireless networks, wireless applications, the Internet and the corporate gateway. The findings show that there is a need for systematic studies on wireless risk assessment and management. The implications of these findings for both researchers and practitioners are discussed.

Assessing critical functional and non-functional requirements for web-based procurement systems: a comprehensive survey

World Wide Web (WWW)-based electronic commerce has emerged as a mean to conduct business transactions that were previously handled through traditional interorganizational systems, phone, fax, on-site visits, or mail. Today, electronic procurement (e-procurement) accounts for most of the volume and value of the business transactions conducted over the Internet. As of yet, however, little or no research has assessed the functional and non-functional requirements sought for the WWW-based systems used to support the procurement process. This paper, presents findings of a survey of 133 corporate buyers from about 130 companies on the use of readily available web-based systems for business-to-business transactions and the requirements perceived to be critical to the effective support of supply chain operations.

Towards an optimal classification model against imbalanced data for Customer Relationship Management

This paper proposes a comprehensive classification framework applicable to the analytical Customer Relationship Management (CRM) problem domain of customer identification. Effective data mining tools have for long been anticipated in CRM as a promising technique to extract from historical data the knowledge that improves the quality of all CRM functions. However, standardized CRM data mining processes are yet to be developed. The proposed methodology provides quality solutions to most challenges encountered during a typical analytical CRM project, and has been tested on the difficult task from the UC San Diego Data Mining contest. The result outperforms some prevalent data mining techniques in the CRM domain.

Information Security between Standards, Certifications and Technologies: An Empirical Study

This paper investigates the relative role of security standards, professional security certifications and technological tools in the protection of organizational data. Findings from the content analysis of 100 job postings for information security analysts and managers show that in general, organizations give more importance to knowledge validated by relevant professional certifications and to the working knowledge of IT products and solutions for the management of their information security than to the knowledge of a particular security standard. Details for such findings and their implications for research and practice are discussed.

Addressing IT security in practice: Key responsibilities, competencies and implications on related bodies of knowledge

This paper examines the responsibilities and the required skills for Information Technology (IT) security professionals. Content analysis of relevant jobs postings helped identify four types of positions and the associated responsibilities and requisite skills. The identified skills were further analyzed to assess their consistency with the identified responsibilities. Finally, the Body of Knowledge (BOK) for three relevant disciplines (Information Systems, IT and Computer Science) are reviewed to assess the extent to which they cover knowledge needed to address IT security in organizations. Findings identify possible gaps in the BOK and areas for improvement.

Requirements uncertainty and standardization in IS development projects: A survey of the IT sector in China

This paper examines the issue of requirements uncertainty in information systems (IS) development projects in China. It focuses on key dimensions of IS requirements uncertainty, their effect on project performance and on the role of typical frameworks used to standardize IS development processes. Findings from a survey of 82 senior information technology (IT) professionals show that (i) instability and diversity of IS requirements are the most problematic dimensions of requirements uncertainty, (ii) requirements uncertainty affects the performance of IS development projects and (iii) standardization can reduce that uncertainty and improve the performance of IT projects. The implications for research and practice are discussed.

IS development activities and methodologies in practice: A survey of the IT sector in China

This paper focuses on activities and methodologies for Information Systems (IS) development projects in China. It examines key issues affecting IS development activities and investigates possible differences in practices and experiences that may result from the adoption of formal development methodologies. A survey of 73 senior Information Technology (IT) professionals helped identify the lack of rigorous testing, the shortage of programming skills and the problematic elicitation of system requirements as the top three issues facing IS development projects. Findings show also that formal development methodologies can affect the percentage of time allocated to each IS development activity and can improve the level of success of such projects. The implications for research and practice are discussed.

Key Topics in Cloud Computing Security: A Systematic Literature Review

Based on a systematic literature review (hereafter SLR), this paper identifies the key themes and topics in cloud computing security. Findings from an analysis of 275 peer-reviewed publications show that cloud security solutions and cloud security challenges are the two most dominant themes. The other themes identified include guiding frameworks and methodologies and general security requirement. Topics related to each of these themes were also identified and ranked, hence providing a comprehensive map of the research on cloud security. Implications for research and practice are discussed.

Using discretization to improve E-commerce anomaly detection process

Effective data mining solutions have been anticipated in Electronic Commerce (E-Commerce) transaction anomaly detection model to accurately predict anomaly transaction records. However, there are many sub-optimal E-Commerce transaction anomaly detection models due to highly imbalanced data set. This research paper proposes a preprocessing method based discretization of continuous variables to solve the problem of highly imbalanced data. The Logistic Regression, Naive Bayes, RBFNetwork and NBtree classifiers are applied to evaluate the discretization method. Results indicate that the discretization method can achieve excellent performance.

Using data mining techniques to improve location based services

With the rise of mobile technology in the recent years, a brand new form of service, Location Based Service (LBS), has emerged. Well performed and reliable LBS applications or services heavily rely on the accuracy and integrity of location data in addition to the timely update attributes. However, manually identifying and organizing the location information can be very time consuming and human error is another inevitable fact. Not many previous studies have been done concerning how to improve the accuracy and quality of location data through the data de-duplication process using web mining techniques. In this paper, we propose an efficient and cost-effective way to integrate the location information collected from multiple data sources and automate the de-duplication process with the help of data mining techniques. A series of experiments have been conducted to prove that the proposed approach can effectively and efficiently handle the location data integration tasks.