Value Modeling and Security Needs - Ontario Tech U · 1 Value Modeling and Security Needs Andreas...
Transcript of Value Modeling and Security Needs - Ontario Tech U · 1 Value Modeling and Security Needs Andreas...
1
Value Modeling and Security Needs
Andreas Wombacher
University of Twente, Information System Group
2
Motivation (1/2)
1. A business information system is a complex system with many stakeholders
2. A way to deal with complexity is the adoption of a multi-perspectives approach
3. Perspectives are independently developed and, therefore, most likely inconsistent
• different design methodologies
• opposing stakeholder goals
• conflicting knowledge
• incompatible modeling notations
2
3
Motivation (2/2)
Three perspectives
Pair-wise consistency
Global consistency
Economic value
• creation of value
• incentives to do
business
Business processes
• coordination of
activities
Application
communication
• data exchange
4
Outline
introduction value model
security
consistency of viewpoints
3
5
����������
������
� ��
�����������
��
���������
������
��
�� ���
���
�����������
������ ��
�� ���
���
���������
��������
� ��
������� ���
������
��������
����������
���������
���������
�������
�����
��������� ������ ��
������� ������ ��
How to develop a new business idea?
6
Step 1:Get an e-Commerce idea (I)
innovative idea must be therenot part of e3-valuefind ideas using
brainstorm workshopsbe aware of paradigm shifts
state the business idea brieflyone-line stating the ideakey goals to be achieved by the ideakey actors and value activities involvedgoods & service offered & requestedtake an end-consumer perspective
• why would someone buy the product in the first place?
Important resulttentative list of participating actors either
by name or by role
Requests
Offerings
Actors
Goals
Idea
4
7
Example – business idea
buyer seller
warehousetransport
8
Step 2: Build a value model:Ports, Interfaces & Exchanges, Value Objects (1)
to find ports/objects:consider consumer need/start stimulus
• Buyer/ Productconsider economic reciprocal ports
• Buyer/ Moneyconsider causally related/dependent ports
• Seller/ Moneyconsider bundling/cross selling ports
• none
to determine direction of ports:direction implies change of ownershipor right granted
5
9
Step 2: Build a value model:Ports, Interfaces & Exchanges, Value Objects (2)
value interface represents economic reciprocity
“I exchange something with you, only if I get
something in return”
socket-rule:
• an interface contains an in-going and
out-going offering
or: moving one good triggers another good’s move
NO FREE LUNCH!!
value objects should be of value for someone
use proper naming to demonstrate this
10
Step 2: Build a value model:Identification of scenario paths (1)
need to know where an exchange begins, where it
stops and what happens in between
objects delivered should be produced and/or
obtained
• paths help to identify new exchanges
6
11
Step 3: De & Reconstruct a Value Model Handling Variation of a Value Model
Rationale:e-Commerce decisions are mainly about (shifts in) who is doing whatexamples
• payment: (new) Banks• delivery: logistic partner or electronically• …
basic idea:• take out value activities from actors• deconstruct• re-assign value activities to actors
12
Step 4: evaluate a value model
1. take an enterprise perspective rather than an end-consumer perspective
2. create a profitability sheetassign economic value to objects
3. assess evolutionary scenarios, what if:
actors evaluate objects differently
scenario occurrences /path likelihood change
structure of the value model changes
7
13
Step 4: evaluate a value model
���� What happens if …???
205,600102,000-19.200decrease in warehouse sales
-8,600346,800164,400decrease in direct sales
26,68010,200-28,560forecast >> actual
133,800102,000164,400Null scenario
Ware-house
BuyerSellerScenarios
Profit
���� make a business decision
14
e3-value considers three Viewpoints
8
15
Outline
introduction value model
security
consistency of viewpoints
16
Security
security is crucial for running a business
however…
• usability
• maturity of technology
• critical mass of distribution
• investment costs
• transactional costs
how much is a customer willing to pay for extra security
• profitability analysis
9
17
Design alternatives
several models represent business idea
• decision on right alternatives
• assume single value model
• decide on business model
multi-attributive decision making
function first
secondary features
• security
• QoS
• ….
18
����������
������
� ��
�����������
��
���������
������
��
�� ���
���
���������
��������
��
�� ���
���
���������
��������
� ��
������� ���
������
��������
����������
���������
���������
�������
�����
��������� ������ ��
������� ������ ��
How to develop a new business idea?
check consistency &
decide on design
alternatives
10
19
Security aspects
add security features to models
value model
• structured value objects based on taxonomy
• consideration of security risk
activity diagram
• security mechanisms for communication
• internal security mechanisms
¤ reduction of risk in value model
decide consistency considering security
20
Outline
introduction value model
security
consistency of viewpoints
11
21
Consistency of viewpoints
Three perspectives
Pair-wise consistency
Global consistency
Economic value
• creation of value
• incentives to do
business
Business processes
• coordination of
activities
Application
communication
• data exchange
22
Example – business idea
buyer seller
warehousetransport
12
23
Example – economic value perspective
24
Example – business processesperspective
13
25
Intuitive consistency definition
an activity diagram and an e3-value model are consistent if:
1. for every alternative dependency path in the value model, an execution sequences exists in the process model such that exactly the product value exchanges described by the path are executed and
2. for every execution sequence in the process model, there exist a dependency path in the value model such that it is possible to bind all exchanged products to all product value exchanges
26
Approaches to consistency
direct translation from specification to specification
• alternatives cannot be translated
• only bilateral consistency checks
• global consistency (loss of information or many translations)
common semantic model
• alternatives cannot be translated
• global consistency (less translations)
our approach
• common semantic model
• applied on separated alternatives
14
27
Notation specificities
e3-value model
1. reciprocity
2. no sequence of value
object exchanges
3. actor
4. value exchange
5. product, service, and
experience types of value
objects
activity diagram
1. no reciprocity
2. sequence of message
exchanges and sequence
of activities
3. swimlane
4. message exchange
5. pure coordination
messages
28
Common semantic model
business unit (unit) - profit and loss responsible organizational unit
common value object (common object) – coordination object with economic value
��������
����
���� ��������
common value exchange (common exchange) –bilateral exchange of a common object between units
15
29
Mapping between concepts
message flow (object flow)
common exchange
value exchange
message (object)common objectvalue object
swimlaneunitactor
activity diagramreduced modele3-value model
30
Mapping between concepts (illustration)
business unit
common value object
common value exchange
16
31
Mapping between instances
cardinality
• one-to-one
• one-to-many
• many-to-many
mapping tables
32
Mapping between instances (illustration)
ShipperShipperShipper
SellerSellerSeller
BuyerBuyerBuyer
Activity
diagram
Reduced
model
e3-value
model
FeeFeeFee
TransportTransport
MoneyMoneyMoney
Cash
Off-the-
shelf
product
ProductProductProduct
Activity
diagram
Reduced
model
e3-value
model
17
33
Transformations
from an e3-value model to reduced models
1. separate alternatives
2. build transformation tables
3. generate reduced models
from an activity diagram to reduced models
1. remove choices
2. build transformation tables
3. generate reduced models
34
Transformation from an e3-valuemodel to reduced models
1.
2.
3.
18
35
Transformation from an activity diagram to reduced models (1/2)
1.
2.
36
Transformation from an activity diagram to reduced models (2/3)
2.
3.
19
37
Definition of consistency
two model are consistent if their reduced models are equivalent.
two reduced models are equivalent if:
• each reduced model contains the same business units;
• each reduced model contains the same common value objects;
• in each reduced model, the sending and receiving business units of a particular common value object are the same.
38
Transformation results
acti
vit
y d
iag
ram
e
3-v
alu
em
od
el
security covered by mapping of common objects
models are intuitively consistent, but not according to our consistency check
20
39
Tra
ns
itive
clo
su
re
activity diagram + activity diagram
transitive closure
40
Tra
ns
form
atio
n +
tran
sitiv
e c
los
ure
activity diagram e3-value model
21
41
Conclusion
introduction value model
discussion of security in design process
extending value model by security
consistency definition as a basis for deciding design alternatives
42
Further work
bilateral consistency with the third perspective
global consistency
making security more explicite
22
43
Acknowledgment
• Zlatko Zlatev
• Maya Daneva
44
Thank you!
Questions…