The document discusses a proposed framework for improving security in Internet of Things (IoT) systems. It begins with background on the need for improved IoT security and outlines requirements for a new framework. The proposed framework utilizes concepts from cartel sustainability and secure network collaborations to facilitate data and information sharing across organizational boundaries with minimum risk. It involves using a "netchain" approach combining supply chain and network analysis, along with a centralized database coupled with security policy hubs at each entity to contain security breaches. Semantic service level agreements (SLAs) would also be used to help govern and monitor sharing across the netchain.
2. ongoing international leadership and reputation in strategic IT, service innovation,
intelligent analytics & digital transformation
SELECTED AWARDS AND HONORS
2015 - IBM Faculty Award - Cognitive Assistance Framework for Watson
2014 - Association for Inf. Sys. ranked 5th in Top-100 World-wide IS Researchers
(Center for Services Leadership, Journal of Service Research, IEEE Computing Society,
Decision Sciences Journal of Innovative Education, PMI, etc.)
ACADEMIC EXPERIENCES: Professor of Service Innovation & Business Analytics;
Founder of Center for Information Based Management, University of Washington.
15+ years higher education teaching, and inter- and trans-disciplinary
applied research at U. of Washington, Arizona State U., U. of Florida, Sabanci,
Warwick, Exeter Universities
PROFESSIONAL EXPERIENCES: Co-Founder & Board of Director, International Society
of Service Innovation Professionals (with IBM, Cisco & HP); Service Innovation, IT,
Data Science & Analytics Strategist & Solution Architect. 20+ years professional work
& executive education experiences at 40+ Fortune 500 companies
SELECTED APPLIED RESEARCH ACCOMPLISHMENTS SINCE 2002
150+ publications including HBR, Informs, IEEE, ACM, and others
Co-Editor of a Book Collection Service Systems & Innovations in Business and Society
EDUCATION: Dual degree PhD in Information Systems & Operations Management;
PME & ME in Industrial & Systems Eng.; BS in Mechanical Eng; Certified PMP
WHO I AM - Haluk Demirkan, PhD & PMP
3. Service Innovation & Smart Service Systems
• Open service innovation, transformation & management
• Value co-creation, customer experience & outcome
• Service-orientation (e.g. service-oriented -data, -information,
-analytics, -architecture, -infrastructure, on-demand SCM)
Data, Analytics & Intelligence
• Strategic, tactical & operational decision making & planning
• Digital- , business-, social-, cloud, mobile-, video-, & stream-
intelligence & predictive analytics
• Data warehousing, big data analysis, cognitive business
Digital Transformation & Business IT Innovation Strategy
• Digital technology vision / leadership, transformation, process
& culture change
• Creation, measurement & management of IT enabled-services
• Recommendation engines for digital economy
• Internet-of-X; Enterprise-as-a-service, cloud & fog computing
specialties Strong business understanding with deep technical background
DATA GIG
14. “Netchain analysis” combines the supply and value chain analysis research streams with network analysis research.
A netchain is a set of networks comprised of horizontal ties between nodes within a particular group, such that these networks (or layers) are sequentially arranged based on the vertical ties between things in different layers.
[Figure: binary organizational data & information exchanges]
Soper, D., Demirkan, H. and Goul, M. (2007) “A Proactive Interorganizational Knowledge-Sharing
Security Model with Breach Propagation Detection and Dynamic Policy Revision,” The Special
Issue on Secure Knowledge Management in Information Systems Frontiers, 9 (5), 469-479, Nov.
19. Entries into the Trust Repository
CONTEXT BASED
Context Type = CT = {BP, SS, IR}
Business (sub) process = BP = {1, ..., B}
Software Service = SS = {1, ..., S}
Infrastructure Resource = IR = {1, ..., I}
Organization 1 gives a context based trust ranking to Organization 2 = {O1_CT, O2_CT, TrustRankingCB}

TASK BASED
Task Type = TT = {VC, VG, VA}
VCOR Process Category = VC = {1, ..., C}
VCOR Process Group = VG = {1, ..., G}
VCOR Activity = VA = {1, ..., A}
Organization 1 gives a task based trust ranking to Organization 2 = {O1_(VC,VG,VA), O2_(VC,VG,VA), TrustRankingTB}

COLLABORATION PATTERN BASED
Authority Type = AT = {centralized, decentralized}
Pattern Role = PR = {People, System}
Organization 1 gives a collaboration pattern based trust ranking to Organization 2 = {O1_PR, O2_PR, AT, TrustRankingCP}

ROLE BASED
Roles in Organization 1 = R1 = {1, ..., r1}
Roles in Organization 2 = R2 = {1, ..., r2}
Organization 1 gives a role based trust ranking to Organization 2 = {O1_R1, O2_R2, TrustRankingRB}
EXAMPLE
1) SLA-clause ::= (TRCB > 3) ^ (TRTB > 2) ^ (TRCP > 6) ^ (TRRB > 4)
Context Based Trust Rank is required to be greater than 3 and Task Based Trust Rank is required to be greater than 2 and Collaboration Pattern Based Trust Rank is required to be greater than 6 and Role Based Trust Rank is required to be greater than 4 for this engagement.
2) SLA-clause ::= {[(CT | NULL) X (TT | NULL) X (PR-AT | NULL) X (R | NULL)], TR} > 7
Any combination of trust rankings is required to be greater than 7. (Note: This implies that a single trust ranking may be in the repository for a combination of, for example, context type and collaboration pattern. For that fixed combination, a query to the repository would provide a single ranking. From the Boeing scenario, Boeing may wish to dictate that a direct partner may source a software service from another partner using a centralized authority, but the trust ranking must be greater than 7.)
OPERATOR ::= {> | < | <= | >= | = | <>}
fn ::= {AVG | SUM | DIFFERENCE | /* other trust ranking aggregators */}
sub-clause ::= {(CT | TT | PR-AT | R) | [(CT | NULL) X (TT | NULL) X (PR-AT | NULL) X (R | NULL)]} | (sub-clause) | (sub-clause AND sub-clause) | (sub-clause OR sub-clause) | (NOT (sub-clause))
SLA-clause ::= sub-clause OPERATOR (TrustRanking | fn(TrustRanking)) | (SLA-clause) | (SLA-clause AND SLA-clause) | (SLA-clause OR SLA-clause) | (NOT (SLA-clause))
Demirkan, H. and Goul, M. (2013) “Taking Value-Networks to the Cloud Services: Security Services, Semantics and Service Level Agreements,” Information Systems and e-Business Management, 11 (1), March, 51-91.
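An added example, not code from the slides or the cited papers: a small evaluator for SLA clauses written in the style of example 1 above, checked against a trust repository. The REPO contents, the O1/O2/O3 names, the mapping of TRCB to dimension CB, and the rule that a missing ranking denies the engagement are all assumptions made for illustration.

```python
import re

# Constructed sample repository: (grantor, grantee, dimension) -> trust ranking.
# Dimensions as on the slide: CB context, TB task, CP collaboration pattern, RB role.
REPO = {("O1", "O2", "CB"): 5, ("O1", "O2", "TB"): 4,
        ("O1", "O2", "CP"): 8, ("O1", "O2", "RB"): 6,
        ("O1", "O3", "CB"): 9, ("O1", "O3", "TB"): 9}  # O3 has no CP/RB ranking
OPS = {">": lambda a, b: a > b, "<": lambda a, b: a < b, ">=": lambda a, b: a >= b,
       "<=": lambda a, b: a <= b, "=": lambda a, b: a == b, "<>": lambda a, b: a != b}
TOKEN = re.compile(r"<=|>=|<>|\d+|[A-Za-z]+|\S")

def evaluate(clause, grantor, grantee, repo=REPO):
    """True only if every ranking the clause names exists and the clause holds."""
    toks = TOKEN.findall(clause)[::-1]      # reversed, so pop() yields the next token

    def comparison():                       # e.g. TRCB > 3
        name, op, bound = toks.pop(), toks.pop(), toks.pop()
        if op not in OPS or not bound.isdigit():
            raise ValueError("expected <ranking> <operator> <number>")
        return OPS[op](repo[(grantor, grantee, name[2:])], int(bound))  # KeyError if unranked

    def atom():
        if toks[-1] == "NOT":
            toks.pop()
            return not atom()
        if toks[-1] != "(":
            return comparison()
        toks.pop()
        result = expr()
        if toks.pop() != ")":
            raise ValueError("expected ')'")
        return result

    def expr():                             # "^"/AND and OR, applied left to right
        result = atom()
        while toks and toks[-1] in ("^", "AND", "OR"):
            op, rhs = toks.pop(), atom()
            result = (result or rhs) if op == "OR" else (result and rhs)
        return result

    try:
        result = expr()
    except KeyError:
        return False                        # assumed policy: no ranking, no sharing
    except IndexError as exc:
        raise ValueError(f"truncated SLA clause: {clause!r}") from exc
    if toks:
        raise ValueError("trailing tokens")
    return result
```

Because a missing ranking raises before the result is combined, an unranked partner is denied even under NOT or on the untaken side of an OR, so a clause cannot be satisfied by the absence of data.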
27. Summary
The need for new collaboration and infrastructure models relevant to today’s very complex business world, which requires continuous innovation, is apparent.
Novel aspects of suitable models must reflect value-chain-based collaboration needs and requirements, and help address any security issues.
Our approach to data & information security in netchains is targeted at proactive governance of binary data & information sharing exchanges through process patterns supported by the emerging FERA standard.
In addition, the meta-policy provisions maintained in our policy hub approach extend value chain collaboration advantages to the realm of enhanced security.
By relying on VCOR semantics, specific provisions can be applied to data & information sharing both vertically and horizontally within netchains.
By using dynamic adaptation mechanisms to handle breaches as facilitated through netchain analysis, the security model can be adapted as appropriate by netchain partners.
In short, the idea is to facilitate the handling of breaches by automating as much of their root-cause detection as possible and facilitating the exchange of revised trust profiles through closely collaborating netchain subsets.