In response to recent financial scandals (e.g. those involving Enron, Fortis, Parmalat), new regulations for protecting the society from financial and operational risks of the companies have been introduced. Therefore, companies are required to assure compliance of their operations with those new regulations as well as those already in place. Regulations are only one example of compliance sources modern organizations deal with every day. Other sources of compliance include licenses of business partners and other contracts, internal policies, and international standards. The diversity of compliance sources introduces the problem of compliance governance in an organization. In this paper, we propose an integrated solution for runtime compliance governance in Service-Oriented Architectures (SOAs). We show how the proposed solution supports the whole cycle of compliance management: from modeling compliance requirements in domain-specific languages through monitoring them during process execution to displaying information about the current state of compliance in dashboards. We focus on the runtime part of the proposed solution and describe it in detail. We apply the developed framework in a real case study coming from EU FP7 project COMPAS, and this case study is used through the paper to illustrate our solution.
Industry's Best Automotive Cybersecurity Training CourseBryan Len
Have you at any point pondered that autonomous driving framework carry life to your driving , as well as make the framework inclined to cybersecurity dangers. Figure out how it functions and how to fix it.
A connected vehicle is one that can impart bi-directionally with different systems outside of the vehicle (LAN).
Why this training is important for you?
Industry pioneers report that autos today have up to 150 electronic control units. By 2030 autos are relied upon to have 300 million lines of programming code (the present vehicles have around 100 million lines of code).
Tonex offers Automotive Cybersecurity Training Course, a 3-day class that covers all parts of cybersecurity inside the setting of street vehicles.
Get familiar with about automotive cybersecurity.
Course planned for:
Application developers
Automotive Engineering Manager
Automotive Product & Infrastructure
Automotive Verification and Validation Engineers
Autonomous Vehicle Development Software and Hardware Engineers
Chief Security Officers (CSO)
Chief Information Security Officers (CISO)
Chief Information Officers (CIO) and IT Security
Takeaways from this course include:
Looking at how to fit cybersecurity in automotive embedded systems
Basics of automotive cybersecurity, for example, CIA (Confidentiality, Integrity and Availability), Threat, Threat Agents/Vectors, Vulnerability
Basics of Embedded Systems
Vulnerabilities in automotive embedded systems
Embedded equipment and firmware examination
More
Course Modules:
Cybersecurity Applied to Automotive
Introduction to Embedded Systems and their Applications in Automotive
Automotive Cybersecurity Strategies
Embedded System Vulnerability Analysis
Automotive Cybersecurity and Layers of Protection
Cybersecurity Best Practices for Modern Vehicles
Case Study and Workshop and more.
Request more information regarding automotive cybersecurity. Visit tonex.com for course and workshop detail.
Industry's Best Automotive Cybersecurity Training Course
https://www.tonex.com/training-courses/automotive-cybersecurity-training-course/
Infographic: Critical communication at the crossroadsPetr Nemec
Traditional PMR (Professional Mobile Radio) systems are well-established in critical communication resp. control room applications but mobile broadband technology is pushing into this mostly analogue domain.
What kind of development is expected in the coming years and how does that impact operators in their upgrading decision?
Is there a way to marry old and new technology and still adhere to the MPTT standards established in the latest 3GPP releases?
Industry's Best Automotive Cybersecurity Training CourseBryan Len
Have you at any point pondered that autonomous driving framework carry life to your driving , as well as make the framework inclined to cybersecurity dangers. Figure out how it functions and how to fix it.
A connected vehicle is one that can impart bi-directionally with different systems outside of the vehicle (LAN).
Why this training is important for you?
Industry pioneers report that autos today have up to 150 electronic control units. By 2030 autos are relied upon to have 300 million lines of programming code (the present vehicles have around 100 million lines of code).
Tonex offers Automotive Cybersecurity Training Course, a 3-day class that covers all parts of cybersecurity inside the setting of street vehicles.
Get familiar with about automotive cybersecurity.
Course planned for:
Application developers
Automotive Engineering Manager
Automotive Product & Infrastructure
Automotive Verification and Validation Engineers
Autonomous Vehicle Development Software and Hardware Engineers
Chief Security Officers (CSO)
Chief Information Security Officers (CISO)
Chief Information Officers (CIO) and IT Security
Takeaways from this course include:
Looking at how to fit cybersecurity in automotive embedded systems
Basics of automotive cybersecurity, for example, CIA (Confidentiality, Integrity and Availability), Threat, Threat Agents/Vectors, Vulnerability
Basics of Embedded Systems
Vulnerabilities in automotive embedded systems
Embedded equipment and firmware examination
More
Course Modules:
Cybersecurity Applied to Automotive
Introduction to Embedded Systems and their Applications in Automotive
Automotive Cybersecurity Strategies
Embedded System Vulnerability Analysis
Automotive Cybersecurity and Layers of Protection
Cybersecurity Best Practices for Modern Vehicles
Case Study and Workshop and more.
Request more information regarding automotive cybersecurity. Visit tonex.com for course and workshop detail.
Industry's Best Automotive Cybersecurity Training Course
https://www.tonex.com/training-courses/automotive-cybersecurity-training-course/
Infographic: Critical communication at the crossroadsPetr Nemec
Traditional PMR (Professional Mobile Radio) systems are well-established in critical communication resp. control room applications but mobile broadband technology is pushing into this mostly analogue domain.
What kind of development is expected in the coming years and how does that impact operators in their upgrading decision?
Is there a way to marry old and new technology and still adhere to the MPTT standards established in the latest 3GPP releases?
Make a booklet, entitled "Choose Respect" or write an advice column, called "Dear Teens" or do an essay entitled "Healthy Relationships" that advises other teenagers abot what you learned from the Choose Respect materials.
"IMS Challenges: Integration, Migration and creation of Sustainable business" presented at the ETSI workshop on "IMS Implementation, Deployment & Testing" in Sophia Antipolis, November 2010.
Make a booklet, entitled "Choose Respect" or write an advice column, called "Dear Teens" or do an essay entitled "Healthy Relationships" that advises other teenagers abot what you learned from the Choose Respect materials.
"IMS Challenges: Integration, Migration and creation of Sustainable business" presented at the ETSI workshop on "IMS Implementation, Deployment & Testing" in Sophia Antipolis, November 2010.
Publishing conference proceedings internationally: how does it workAliaksandr Birukou
In this presentation we look into main elements one has to consider when organizing an international conference. First, we describe the role of conference proceedings in CS and beyond. Second, we focus on the tasks of conference organizers. Third, we cover the peer review aspects and announce the new group CrossRef and DataCite start with this respect. We then cover indexing and dissemination as well as present several tips and guidelines for organizers of international conferences as well as the word of warning regarding predatory publishers.
В этой презентации мы рассмотрим основные элементы, которые необходимо учитывать при организации международной конференции. Во-первых, мы описываем роль материалов конференций в компьютерных науках и других областях. Во-вторых, мы концентрируемся на задачах организаторов конференции. В-третьих, мы рассмотрим аспекты рецензирования и расскажем о работе группы CrossRef и DataCite. Затем мы расскажем об индексировании и распространении, а также представим несколько советов и рекомендаций для организаторов международных конференций, а также предостережём о феномене хищнических издателей и конференций.
Технические аспекты публикации на нескольких языках – как правильно связать DOIAliaksandr Birukou
Доклад призван оспорить утверждение "объединить же ссылки на версии одной и той же статьи в журналах разных издательств не представляется возможным (DOI пока эту задачу не решает)".
Мы рассмотрим проблему публикации на нескольких языках. После рассмотрения этических аспектов (исключение дублирования публикаций, проверки заимствований на разных языках Диссернетом) и влияния многоязычных публикаций на наукометрические показатели, мы перейдем к существующим примерам. Текущие практики включают в себя а) использование одного DOI одним издателем, б) использование разных DOI одним издателем, в) использование разных DOI разными издателями (в журналах РАН и в независимых журналах). Мы рассмотрим существующие решения для связи публикаций на нескольких языках, такие как Math-Net.Ru и проанализируем плюсы и минусы различных решений.
После этого, мы предложим решение связывания DOI различных версий статьи с помощью нового механизма Crossref и рассмотрим как этот механизм используется международными и российскими журналами. Мы надеемся, массовый переход журналов на использование этого механизма не только исключит этические проблемы, но и поможет международным наукометрическим базам организовать правильный подсчет цитат.
Conference Identity: persistent identifiers for conferencesAliaksandr Birukou
Conferences are an essential part of scholarly communication. However, like researchers and organizations they suffer from the disambiguation problem, when the same acronym or the conference name refers to very different conferences. In 2017, Crossref and DataCite started a working group on conference and project identifiers. The group includes various publishers, A&I service providers, and other interested stakeholders. The group participants have drafted the metadata specification and gathered the feedback from the community.
In this talk, we would like to update the VIVO participants with where we stand with the PIDs for conferences, conference series and Crossmark for proceedings and are inviting the broader community to comment.
Read the CrossRef post for more info about the group:
https://www.crossref.org/working-groups/conferences-projects/
Authors: Aliaksandr Birukou and Patricia Feeney
Springer LOD conference portal. Demo paper - screenshotsAliaksandr Birukou
This is a slide deck with main features I have used as a backup for the demo at The 16th International Semantic Web Conference – ISWC2017 in Vienna next week. Many thanks to Volha Bryl and Andrey Gromyko from Net Wise for helping me to prepare the demo, as well as Alfred Hofmann (Lecture Notes in Computer Science (LNCS) ) and Henning Schoenenberger (Knowledge Graph (SN SciGraph) ) for continuous support. Of course, this is also based on the earlier work of Markus Kaindl and Kai Eckert from Stuttgart Media University.
If you want to read the original paper - here it is: http://birukou.eu/publications/papers/201710Birukou-ISWC2017-springer-lod.pdf
PersistentIDs and CrossMark for Conference ProceedingsAliaksandr Birukou
These slides present the main achievements (as of October 2017) in the CrossRef group on Persistent Conference IDs and the related projects. In particular, the proposal for the metadata for conference series and conferences and CrossMark for proceedings are described.
Publishing conference proceedings internationally: Tips and tricksAliaksandr Birukou
In this presentation we look into main elements one has to consider when organizing an international conference. First, we describe the role of conference proceedings in CS and beyond. Second, we focus on the tasks of conference organizers. Third, we cover the peer review aspects and announce the new group CrossRef and DataCite start with this respect. We then cover indexing and dissemination, including Springer Nature Linked Open Data portal, http://lod.springer.com. We finalize the presentation with several tips and guidelines for organizers of international conferences as well as the word of warning regarding predatory publishers.
Linked Open Data about Springer Nature conferences. The story so farAliaksandr Birukou
Despite many efforts for making data about scholarly publications available on the Web of Data, lots of information about academic conferences is still contained in (at best) free-text format. When available in a structured format, these data would provide an essential input for the decisions researchers, libraries, publishers, funding and evaluation bodies take every day.
This talk will describe the project about having such data available as Linked Open Data (LOD) at lod.springer.com for around 10,000 computer science conferences. In addition, we will have a closer look at the lessons learnt from launching this portal and cover other Linked Data projects in Springer Nature. Finally, a novel semi-automated approach for classifying conference proceedings in Springer Nature will also be presented.
Creating a dataset of peer review in computer science conferences published b...Aliaksandr Birukou
Computer science (CS) as a field is characterised by higher publication numbers and prestige of conference proceedings as opposed to scholarly journal articles. In this presentation we present preliminary results of the extraction and analysis of peer review information from computer science conferences published by Springer in almost 10,000 proceedings volumes. The results will be uploaded to lod.springer.com, with the purpose of creation of the largest dataset of peer review processes in CS conferences.
This presentation describes linked open data pilot run in Springer. During the pilot the data about conferences in computer science will be made publicly available as Linked Open Data (LOD)
Presentation about the LiquidPub project at Librinnovando 2010. Explains main research directions of the project and the ideas behind LiquidBooks and InstantCommunities
Is peer review any good? A quantitative analysis of peer reviewAliaksandr Birukou
This is a presentation of the paper in which we focus on the analysis of peer reviews and reviewers behavior in conference review processes. We report on the development, definition and rationale of a theoretical model for peer review processes to support the identification of appropriate metrics to assess the processes main properties. We then apply the proposed model and analysis framework to data sets about reviews of conference papers. We discuss in details results, implications and their eventual use toward improving the analyzed peer review processes.
This presentation introduces LiquidJournals, a tool for dissemination of scientific knowledge in web era. It also shows mockups and screenshots of the prototype which we are developing (1st version - end of June 2010)
The slides of the invited talk Maurizio Marchese from the LiquidPub team gave at the Workhop on Automated Experimentation at e-Science Institute, Edinburgh, February 24th, 2010
Slides about LiquidPub project, presented at the 2nd Snow Workshop
http://wiki.liquidpub.org/mediawiki/index.php/Second_Workshop_on_Scientific_Knowledge_Creation%2C_Dissemination%2C_and_Evaluation
Slides about LiquidPub project, presented at the 2nd Snow Workshop
http://wiki.liquidpub.org/mediawiki/index.php/Second_Workshop_on_Scientific_Knowledge_Creation%2C_Dissemination%2C_and_Evaluation
Slides presented at the 2nd Snow Workshop (http://wiki.liquidpub.org/mediawiki/index.php/Second_Workshop_on_Scientific_Knowledge_Creation%2C_Dissemination%2C_and_Evaluation)
"LiquidPub: Services at Service of Science". Invited talks of Fabio Casati at the European Conference on Web Services 2009 and in the Politechnico di Milano
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Neuro-symbolic is not enough, we need neuro-*semantic*
An Integrated Solution for Runtime Compliance Governance in SOA
1. An Integrated Solution for Runtime Compliance Governance in SOA Aliaksandr Birukou , Vincenzo D’Andrea, Frank Leymann, Ja- cek Serafinski, Patricia Silveira, Steve Strauch, Marek Tluczek COMPAS Compliance-driven Models, Languages, and Architectures for Services "The COMPAS project will design and implement novel models, languages, and an architectural framework to ensure dynamic and on-going compliance of software services to business regulations and stated user service-requirements. COMPAS will use model-driven techniques, domain-specific languages, and service-oriented infrastructure software to enable organizations developing business compliance solutions easier and faster“ http://www.compas-ict.eu
2.
3. Do I care about compliance ? Image from http://www.blogfinanza.com/wp-content/uploads/2010/09/banca1.jpg ECB Image from http://www.exponent.com/Nuclear-Plant-Services-Capabilities/ AEG GSE http://altocasertano.files.wordpress.com/2007/12/rifiuti1.jpg Ministry of Natural Resources http://www.seebiz.eu/hr/tvrtke/transport/pevec-transporti-u-stecaju,65063.html Ministry of transportation Legge n.6 06/02/2009 Legge n. 152 13/08/2010 Sarbanes-Oxley Act Basel III Direttiva 2010/40/UE Direttiva 2009/548/CE Decreto 10/09/2010 Direttiva 2008/763/CE
6. 2010 GRC software investments priorities Source: AMR Research, 2009 18% Compliance management 17% 16% Business process management 15% Continuous control monitoring Security (internal/external) Risk management Sustainability software Documents/record management Reporting 14% 12% 11% 10% Investments priorities
7.
8. Case study: Advanced Telecom Services Internet Internet ... Audio providers Video providers MVNO company AudioSport License FootballGames License EU MVNO directives Austria Telecommunication Act 2003 Bob Alice Carol Customer contracts
9.
10. Compliance governance in COMPAS Internalization Design Regulations, business contracts, standards Internal policies Business processes Events Execution data Internal evaluation Business execution Auditor Runtime compliance governance
12. 1. Selecting compliance sources and requirements Pay-per-view plan When MVNO company subscribes for the Pay-per-view plan it has to pay 29.90 euro first and then receive 300 streams from the media supplier Composition permission VideoSport can only have audio streams from AudioSport Availability The WatchMe service must deliver a valid URL at least in 90% of requests per customer subscription. VideoSport License FootballGames License EU MVNO directives Austria Telecommunication Act 2003 Customer contracts
Solutions like COMPAS can help companies to save those money buy providing more automated controls
COMPAS – Compliance-driven Models, Languages and Architectures for services
The case study we consider deals with telecommunication domain[CLICK] There is a Virtual Mobile Network Operator which uses network of other operators to provide additional services[CLICK] It combines video and audio from different content providers and streams sport content to its customers over the internet This case study focuses on particularly challenging evnironment, since network infrastructure and many applications that provide service components are owned and managed by different interprises, including third party application providers, network carriers and the MVNO company. The business of the MVNO company must run in accordance with different regulations.[CLICK] And it also must adhere contracts with audio and video providers and contracts of their customers. So, it faces the problem of ensuring the compliance with all those regulations. If they do not comply they can be sued by the companies, loose customers, or loose a lot of money in fines because of not following legislation. Now we will show how our approach allows the company to deal with those concerns in a systematic manner.
selecting the sources to be compliant with and designing corresponding compliance requirements; (2) (re-)designing business processes compliant with the selected requirements; (3) monitoring compliance of processes during their execution; (4) informing interested parties (managers, auditors) on the current state of compliance; (5) taking specific actions or chang- ing the processes in cases of (predicted or happened) non-compliance. DESIGN ASPECTS – in parallel session