This paper aims to build a responsibility model based on accountability, capability, and commitment. The model's objectives are to help organizations verify their structure and detect policy problems. It also provides a framework for organizations to define corporate, security, and access control policies. The paper reviews previous research and proposes a responsibility model using UML and a formal representation using logic. It analyzes whether responsibility is perceived at the user or company level.
This document provides a preliminary literature review of policy engineering methods related to the concept of responsibility. It begins with an introduction and overview of policy-related research fields. The review finds that papers often reference organizational model layers but do not specify the underlying policy model. The document then analyzes how responsibility concepts like capability, accountability, and commitment are addressed in access control models and engineering methods. The goal is to orient further research on an innovative policy model and engineering method that incorporates responsibility.
The document discusses using patterns and social network analysis to manage competencies in collaborative networks. It proposes modeling a collaborative network using i* modeling to define actors, their intentions, and dependencies. Social network analysis measures like closeness and betweenness are then used to define patterns of interactions. These patterns and the network model can be used to extract competencies of members and identify competencies needed to bridge gaps between intentions and reality. The approach aims to fill the gap between intended and actual collaboration. Future work should consider contextual factors and empirical pattern evaluation.
Redundancy: Bounded or Generative Order? Co-Evolutionary Change Manager Skill... | Marinella De Simone
The dominance of a reductionist approach in studies of managerial science has confined attention of researchers to the coarse aspects of the organization and its regularity. The method of analysis and solution of the problem has been to cancel interference generating unpredictability. The manager has been considered a major player in decision-making models based on the relationship between computational ‘facts’. The separation between the complexity of events and management skills has become increasingly wide. It is urgent to rethink theories and managerial skills that may consider human actions as carriers of meanings, the organizations as emergent relationships based on ‘values’ and organizational change as a permanent process of development and evolution of personal know-how. Our contribution to the role of redundancy is part of the mainstream studies of organizational change best practices. Our view is that change creativity is a property of ‘relational activity’ and that it is necessary that management is able to acquire those ‘subtle skills’, both in studies and in practice, to be a ‘co-generator of organizational values and well-being’.
Flevy.com - Structured Communication, Presentation Development, and Storyboar...David Tracy
This is a partial preview of the document found here:
https://flevy.com/browse/business-document/structure-communication-presentation-development-storyboarding-96
Description:
This presentation covers the topics of structured communication, presentation development, and storyboarding. These topics relate to formulating a cohesive, powerful business presentation.
This document discusses building a responsibility model using modal logic. It begins with a literature review of existing policy models and engineering methods related to concepts of accountability, capability and commitment. It identifies that while some concepts like rights and roles are commonly addressed, models do not fully cover all responsibility components. The document then proposes a preliminary responsibility model and defines the main concepts of capability, accountability and commitment. It suggests a formalization of these concepts using deontic logic to help analyze organizational structures and policies for consistency and problems.
The problem of user designer relations in technology production, formatted | Pekka Muukkonen
This document discusses problems in the relationship between users and designers in technology production. It compares the approaches of Business Process Reengineering (BPR) and Rational Unified Process (RUP) with Participatory Design (PD). BPR and RUP take a top-down, formal approach that designs processes and systems away from the actual use context, while PD actively involves end-users to incorporate tacit knowledge about work. The author argues that both approaches have value and that a successful design process should incorporate relevant aspects of each to build a system that meets the needs of all stakeholders. Representations used must capture knowledge in a way that is meaningful to users, managers, and developers.
System Dynamics Understanding: Part II - Connectivity-groupthink or heightene... | Dr. Elliot Bendoly
Having the same information is certainly not the same as sharing common approaches to thinking about problems. Nor is it equivalent to acquiescing independent thought to that of others (groupthink). Yet with all of the research on information sharing and group work in operations contexts, these distinctions have seldom been made. As normative researchers continue to pursue ways to incorporate human behavior into their models, this lack of distinction may prove misleading. Fortunately, recent methods for measuring an individual’s strength in a particular approach to thinking have been applied to empirically demonstrate its value above and beyond other forms of expertise. Specifically, the extent to which individuals share an understanding of system dynamics principles has been shown to yield performance benefits in team project settings. Competing against this view are recent normative models such as that of LiCalzi and Surucu (2012), in which such a lack of diversity contributes to phenomena such as groupthink, thus limiting the ability of a team to succeed in project work. This study reconciles these perspectives using the LiCalzi-Surucu model as a foundation for capturing competing effects on a typical performance measure for SCM technology implementation teams: schedule adherence. The results support the idea that both benefits and penalties may derive from increased levels of shared system dynamics understanding. The overall impact appears highly nonlinear. Nevertheless, where there are certain domains in which benefits appear offset by losses, schedule adherence seems to be a strictly non-decreasing function of this understanding. Implications for both research and practice are discussed.
Jobst Landgrebe The HL7 Services Aware Interoperability Framework (SAIF) | Barry Smith
The document summarizes the Health Level 7 (HL7) approach to semantic interoperability and its Services Aware Interoperability Framework (SAIF). It finds that HL7's previous approach using the Reference Information Model (RIM) failed due to disconnection from users, lack of proper foundations, and technical issues. It also finds that the SAIF does not meet the needs of an interoperability framework and will not overcome HL7's crisis because it fails to realize necessary principles, has an inconsistent architecture, and cannot be instantiated. The authors recommend replacing SAIF with a new approach based on fundamental reassessment and using existing standards.
1. Logical Argument Mapping (LAM) is a method for building common ground through cognitive change using logical argument diagrams. It aims to make implicit assumptions and limitations explicit to promote reflection.
2. LAM uses valid argument schemes as a normative standard, challenging users to represent arguments fully and address objections. This process reveals gaps and drives users to continually improve understanding.
3. For cognitive change to occur, relevant information must be visible while reducing cognitive load. LAM aims to integrate with the World Wide Argument Web to allow sharing of arguments.
An examination of the evidence supporting the idea that people may make up for lower cognitive ability by being more conscientious. This presentation, covering research in 2009, looks at the two different paths people can take to being high performers.
This document presents a study that aims to develop and validate a responsibility model to improve IT governance. It analyzes concepts of responsibility from literature and frameworks like COBIT. The researchers developed a responsibility model with key concepts like obligation, accountability, right, and commitment. They then compare this model to COBIT's representation of responsibility to identify areas for potential enhancement, like adding concepts that COBIT lacks. The document illustrates how the responsibility model could be used to refine COBIT's process for identifying system owners and their responsibilities.
This document summarizes a thesis about coopetition in inter-firm relationships. It finds that firms form coopetitive relationships to leverage accumulated alliance competences and pursue new business opportunities. It also finds that when firms engaged in partnership face restricted access to collective resources due to patent claims, they acquire and waive patent rights adjacent to the innovation. The thesis tests these hypotheses through case studies of IBM and Linux. It concludes that coopetition alters the assessment of resources, capabilities, and competences in inter-firm relationships.
Abstract: Multi-agent systems, and particularly BDI agents, are used in a wide range of projects, from agent-based simulations to air-traffic control. They all benefit from the autonomy and proactive behavior that agent-based architectures provide, as well as the reasoning characteristics outlined by the BDI architecture. Therefore the belief-desire-intention agent model and the AgentSpeak language have become state-of-the-art and one of the challenging research subjects in the agent modeling and programming area.
In particular, the BDI architecture is frequently used in the development of agents that try to simulate certain aspects of human behavior, and perception and the formulation of beliefs are two of the elements of BDI agents that require special attention in the development of such agents. This work proposes a way to extend the reasoning cycle algorithm of BDI agents so that it can process inaccurate perceptions in the formulation of beliefs; it also shows an example implemented in AgentSpeak as well as the results of its execution within the Jason interpreter.
The document discusses the General Endeavor Management (GEM) approach for managing enterprises. GEM views an enterprise as a single dynamic subsystem within a larger environment. It provides a methodology for moving an enterprise from its current "As-Is" state to a desired "To-Be" state through planning, execution, monitoring, and adjustment. GEM can support management at various scales from organizations to groups of nations. It aims to reduce complexity and inconsistency in enterprise management.
Case for-triz in-design-presentation-ram | Ramkumar Iyer
The document discusses using TRIZ, the theory of inventive problem solving, to systematically innovate user interfaces. It presents a framework that identifies contradictions in interface architecture aspects and maps them to TRIZ principles. This can help resolve the contradictions and suggest improvements. The case study on search engines shows applying this by identifying example contradictions like between interface richness and clarity, and mapping them to TRIZ solutions. The framework aims to facilitate systematic innovation of user interfaces.
The document defines and provides examples for various words related to concepts like abstraction, compliance, expediting tasks, diligence, relevance, dissent, reverence, extolling, reprehensible actions, advocacy, pragmatism, endorsement, redundancy, conspicuousness, incessance, rigor, scrutiny, and discord.
The newsletter provides the following information:
1) Susan Ardrey, a part-time reference librarian, retired in December 2009 after many years of service at Indiana University Kokomo in various roles.
2) A student donated materials from a World War II history class to the library's special collections, including books and an autobiography about the 100th Infantry Battalion.
3) The library has gained online access to over 1,100 Blackwell-published journal titles through a new agreement with Wiley InterScience.
Social Communities: Don’t end up making them virtual ghost towns. | Sanjay Abraham
Social communities could add a lot of value if they are properly built and nurtured within an enterprise. More than a technology or platform, a social community is about people. There could be technology worth millions, but if people are not engaging, the social communities are bound to fail.
Blogging can be a way to make money if simple steps are followed such as going to the link provided, which likely details how to start a blog and monetize it through ads or affiliate marketing in order to earn income from the comfort of your own home. The document uses capital letters and exclamation points to emphasize that blogging can be an easy way for anyone to earn money online.
This document proposes a context-aware solution for dynamically assigning responsibilities and access rights to agents in a critical infrastructure security architecture during a crisis. It introduces the concept of agent responsibility, which is assigned based on the crisis type and severity. Responsibilities define an agent's obligations and accountabilities for tasks, as well as the necessary rights and capabilities. The architecture enhances an existing multi-agent reaction system called ReD by integrating a mechanism for dynamically changing responsibility assignments according to the crisis context, and granting access rights based on the agents' responsibilities. This allows the architecture to quickly adapt its response by reallocating functions when agents are compromised during an attack.
The document provides an overview of enterprise architecture. It defines enterprise architecture as the analysis and documentation of an enterprise from strategic, business, and technical perspectives. The overview discusses the key concepts of enterprise architecture including business networks, information flows, infrastructure, products/services, and transition planning. It also provides a high-level view of how enterprise architecture analyzes an organization's current and future state across technology, business, and strategy.
This document provides a preliminary literature review of policy engineering methods related to the concept of responsibility. It summarizes key access control models and discusses how they address concepts like capability, accountability, and commitment. The document also reviews engineering methods and how they incorporate responsibility considerations. The overall goal is to orient further research towards a new policy model and engineering method that more fully addresses stakeholder responsibility.
Preliminary literature review of policy engineering methods | christophefeltus
This document provides a preliminary literature review of policy engineering methods related to the concept of responsibility. It begins by discussing Camerer's observations that policy research often lacks agreed upon definitions, testing of theories against alternatives, and building upon previous work. It then reviews how responsibility is addressed in access control models like MAC, DAC, RBAC and UCON, noting they focus primarily on rights. Finally, it introduces the author's intention to propose a new policy model and engineering method that incorporates responsibility by considering stakeholders' capabilities, accountability and commitments, and uses requirements engineering principles while accounting for business processes.
The document presents a responsibility model that includes accountability, capability, and commitment. The objectives of the model are to help organizations verify their structure and detect policy problems. It also provides a conceptual framework to define corporate, security, and access control policies. The paper reviews previous research and proposes a UML model of responsibility integrating its main concepts and relationships. It also selects a formal system to formally represent the model.
Building a responsibility model including accountability capability and commi... | christophefeltus
The document presents a responsibility model that includes accountability, capability, and commitment. It aims to help organizations verify their structure and detect policy problems. The model provides a literature review on responsibility concepts in access control models and engineering methods. It then proposes a formal representation of the responsibility model using UML and a formal logic system. The analysis shows that an important variable is whether responsibility is perceived at the user or company level.
Building a responsibility model using modal logic | christophefeltus
This document discusses building a responsibility model using modal logic concepts of accountability, capability, and commitment. It begins with a literature review of existing policy and access control models. The review finds that while concepts like rights, roles, and obligations are addressed, existing models do not fully cover all three responsibility concepts. The document then proposes a preliminary responsibility model and definitions for its components. It suggests a formalization of key concepts using deontic logic adapted from alethic logic. The goal is to provide a framework to define concepts, verify organizational structures, and detect policy issues.
Strengthening employee’s responsibility to enhance governance of it – cobit r... | christophefeltus
This document presents a study that aims to develop and validate a responsibility model to improve IT governance. The researchers analyzed existing responsibility concepts from literature and frameworks like COBIT. They developed a UML model of responsibility with key concepts like obligation, accountability, right, and commitment. The researchers then compared their model to COBIT's representation of responsibility. They propose enhancements to COBIT based on responsibility concepts from their model, aiming to provide a common understanding of responsibility across frameworks to benefit IT governance. The paper illustrates proposed changes to COBIT's process for identifying system owners.
1. Logical Argument Mapping (LAM) is a method for building common ground through cognitive change using logical argument diagrams. It aims to make implicit assumptions and limitations explicit to promote reflection.
2. LAM uses valid argument schemes as a normative standard, challenging users to represent arguments fully and address objections. This process reveals gaps and drives users to continually improve understanding.
3. For cognitive change to occur, relevant information must be visible while reducing cognitive load. LAM aims to integrate with the World Wide Argument Web to allow sharing of arguments.
An examination of the evidence supporting the idea that people may make up for lower cognitive ability by being more conscientious. This presentation, covering research in 2009, looks at the two different paths people can take to being high performers.
This document presents a study that aims to develop and validate a responsibility model to improve IT governance. It analyzes concepts of responsibility from literature and frameworks like COBIT. The researchers developed a responsibility model with key concepts like obligation, accountability, right, and commitment. They then compare this model to COBIT's representation of responsibility to identify areas for potential enhancement, like adding concepts that COBIT lacks. The document illustrates how the responsibility model could be used to refine COBIT's process for identifying system owners and their responsibilities.
This document summarizes a thesis about coopetition in inter-firm relationships. It finds that firms form coopetitive relationships to leverage accumulated alliance competences and pursue new business opportunities. It also finds that when firms engaged in partnership face restricted access to collective resources due to patent claims, they acquire and waive patent rights adjacent to the innovation. The thesis tests these hypotheses through case studies of IBM and Linux. It concludes that coopetition alters the assessment of resources, capabilities, and competences in inter-firm relationships.
Abstract: multi-agent systems and particularly bdi agents are mostly used in a wide range of projects, from agent-based simulations to air-traffic control. They all benefit from the autonomy and proactive behavior that provides agent-based architectures, as well as the characteristics of reasoning that are outlined by the bdi architecture. Thereforethe belief desire intention agent model and agentspeak language have becomea state-of-the-art and one of the challenging research subjects in the agent modeling and programming area.
In particular the bdi architecture is frequently used in the development of agents that try to simulate certainaspects of human behavior, and precisely perception and formulation of beliefs are two of the elements of bdiagents that require special attention in the development of such agents. Thiswork propose a way to extend the reasoning cycle algorithm on bdi agents, in a way that it allows to process inaccurate perceptions in the formulation of beliefs in such agents; it also shows an example implemented in agentspeak as well as the results of its execution within the jason interpreter.
The document discusses the General Endeavor Management (GEM) approach for managing enterprises. GEM views an enterprise as a single dynamic subsystem within a larger environment. It provides a methodology for moving an enterprise from its current "As-Is" state to a desired "To-Be" state through planning, execution, monitoring, and adjustment. GEM can support management at various scales from organizations to groups of nations. It aims to reduce complexity and inconsistency in enterprise management.
Case for-triz in-design-presentation-ramRamkumar Iyer
The document discusses using TRIZ, the theory of inventive problem solving, to systematically innovate user interfaces. It presents a framework that identifies contradictions in interface architecture aspects and maps them to TRIZ principles. This can help resolve the contradictions and suggest improvements. The case study on search engines shows applying this by identifying example contradictions like between interface richness and clarity, and mapping them to TRIZ solutions. The framework aims to facilitate systematic innovation of user interfaces.
The document defines and provides examples for various words related to concepts like abstraction, compliance, expediting tasks, diligence, relevance, dissent, reverence, extolling, reprehensible actions, advocacy, pragmatism, endorsement, redundancy, conspicuousness, incessance, rigor, scrutiny, and discord.
The newsletter provides the following information:
1) Susan Ardrey, a part-time reference librarian, retired in December 2009 after many years of service at Indiana University Kokomo in various roles.
2) A student donated materials from a World War II history class to the library's special collections, including books and an autobiography about the 100th Infantry Battalion.
3) The library has gained online access to over 1,100 Blackwell-published journal titles through a new agreement with Wiley InterScience.
Social Communities: Don’t end up making them virtual ghost towns.Sanjay Abraham
Social communities could add lot of value if it’s properly built and nurtured within an enterprise. More than a technology or platform, a Social Community is about people. There could be technology worth millions but if people are not engaging, the social communities are bound
to fail.
Blogging can be a way to make money if simple steps are followed such as going to the link provided, which likely details how to start a blog and monetize it through ads or affiliate marketing in order to earn income from the comfort of your own home. The document uses capital letters and exclamation points to emphasize that blogging can be an easy way for anyone to earn money online.
Building a responsibility model including accountability, capability and commitment
Christophe Feltus (1) and Michaël Petit (2)
(1) Public Research Centre Henri Tudor, 29, Avenue John F. Kennedy, L-1855 Luxembourg-Kirchberg, Luxembourg, christophe.feltus@tudor.lu
(2) Computer Science Department, University of Namur, B-5000 Namur, Belgium, mpe@info.fundp.ac.be
This paper aims at building a responsibility model based on the concepts of Accountability, Capability and Commitment. The model's objectives are, firstly, to help organizations verify their organizational structure and detect policy problems and inconsistency. Secondly, the paper provides a conceptual framework to support organizations in defining their corporate, security and access control policies. Our work provides a preliminary review of the research performed in that field and proposes, based on that analysis, a UML responsibility model and a definition of all its concepts. Thereafter, to propose a formal representation of the model, we select a suitable language and logic system. The analysis highlights that an important variable is whether the responsibility is perceived at a user level or at a company level.
Index Terms—Responsibility, Capability, Commitment, Accountability, Access control, Right management, Formal system, Security management.
I. INTRODUCTION
It is notable that, nowadays, the responsibility committed by a person to perform a task is an aspect that has long remained overshadowed and that nevertheless appears to be of major interest. The perception of responsibility has often been limited to a combination of rights and obligations. However, current business (for example in the financial sector) demonstrates that the moral aspect is improvable and that taking care of that matter would in some cases avoid malfunctions of the system. In practice, responsibility is most often translated through policies. Many definitions of policy exist. For our work, we prefer the definition of policies from [31]: “Policies are rules that govern the choice in behaviour of a system. Security policies define what actions are permitted or not permitted for what or for whom, and under what condition (…)”. This definition is interesting in that, even if it comes from a low-level context, it sounds applicable to a high-level one such as management.
Based upon the above observations, the first objective of this paper is to perform a literature review of policy models and engineering methods to identify the main policy concepts. From that literature review, a model of responsibility is elaborated that integrates the main responsibility concepts and the main relationships between those concepts. The specificity of that model is its genericity, which permits, on the one hand, integrating policies from all abstraction layers of the company (e.g., IT policies are derived from corporate policy) and, on the other hand, being compatible with policies from different domains of the company (e.g., IT policy, organizational policy, or security policy). Finally, we introduce a formalization of the concepts using a logic system. The main objectives of the formalization are to propose a basic logic framework for defining all concepts and, by using that framework, to verify organizational structure and detect policy problems and inconsistency.
Our work is based on the hypothesis that this responsibility is composed of the tuple (Capability, Accountability, Commitment). Our previous work [2] introduced the principal semantic characteristics of those three concepts and brought formalizing elements using standard logics.
The work is introduced by Camerer’s observations on research in the field of policy. These observations, presented in the next section, provide a precious warning that we have to heed in our research. Section 3 reviews the concepts of responsibility in access control models and in engineering methods. Section 4 formalizes responsibility and its concepts with a UML model and presents the selection of a formal system. Section 5 introduces future work around the formalization and section 6 concludes.
The results presented in this paper are a contribution from the SIM (Secure Identity Management) project [36] and the RED (Reaction After Detection) project [43].
II. FROM BUSINESS TO SECURITY POLICY
Before going ahead with the literature review, let us make a detour to understand the analysis made by Camerer [9] of research in business policy and strategy. An important observation in his work is that: “There are at least three symptoms of the disease causing the queasy dissatisfaction with policy research:
1. Concepts are often ambiguous and their definitions are not agreed upon;
2. Checklists or theories are rarely tested, and never tested directly against competing theories and
3. Theories do not ‘cumulate’ or build upon previous theories as they should.
These three deficiencies are a result of the way policy research is typically done.”
Camerer explains that policy research should evolve from an inductive to a deductive approach. He argues that induction contributes to an unproductive debate about variable definitions and to a lack of testability and failure of theory. By contrast, his conviction is that deductive models can express hypotheses in a language that is more amenable to progressive debate. This point of view is a precious warning that we have to take into account before beginning our research, in that it may prevent us from making the same mistakes. This warning is all the more substantial because of the subjective character of the moral aspect under focus in our research. In his work, Camerer only addresses business policy. Therefore, this consideration needs to be adapted to our research context, and it is consequently necessary to clarify the relation that exists between business policies and IT policies. Wies [10] shows the links between high-level and low-level policies. He depicts the variation in importance of the technology and business aspects when translating high-level into low-level policies. High-level policies tend to focus on business aspects whereas low-level policies focus on technology aspects. Although they are spread over different abstraction layers of the policy hierarchy, business policies and IT policies should be consistent, because both should be derived from (management and/or IT) goals and hence embody aspects of (management and/or IT) strategy. Rifaut et al. [11] propose to use Goal-Oriented Requirements Engineering (GORE) methods to define goals, strategies and policies. Rifaut explains that these methods can be used to analyze and model systems at all organizational levels, from business models down to architectures (see Fig. 1). He argues that the four artifacts, namely objectives, policies, strategies and indicators, may be globally considered as objectives and that, consequently, low-level objectives contribute to achieving higher-level ones. E.g.: having access control management contributes to having a high-performing IT security, and having a high-performing IT security contributes to having good corporate governance.
Fig. 1. GORE model for Policy refinement. [Figure: standard view of organizational layers (strategic level: business value; tactical level: business processes; operational level: procedures; technical level: e.g. in the IT domain: applications, components, …), each with its concepts and artifacts (Goals, Policies, Strategies, Indicators), together regarded as Objectives.]
Based on the previous assumption that there exist links between policies from different layers, further analysis of the literature has been conducted to depict the principal elements that compose the policy concept.
III. RESPONSIBILITY LITERATURE REVIEW
It is rapidly observable when analyzing the policy literature that a very large number of authors show interest in that concern. Consequently, a number of surveys have already been produced in that domain [15][17][18] and [19], but none has targeted responsibility through the tuple (Capability, Accountability, Commitment).
Despite that proliferation of works, it is noteworthy that, up to now, there does not really exist a distinction between works addressing access control models, policy models, role engineering and permission/policy engineering. Based on that assumption, it appears meaningful, in order to apprehend the topic, to clarify this point and to highlight the existing dichotomy between model and method. To perform our review, we base our analysis on the commonly accepted idea that a model, or conceptual model, is a representation designed to show the structure of a system or concept and that (at least in our case) a method is a body of techniques for collecting the data necessary to instantiate the conceptual model. As an illustration, the Role-Based Access Control (RBAC) model [1] proposes a structure for providing access based on roles, whereas role engineering [3] and [4] is a method aiming to define roles to instantiate the conceptual model. Likewise, policy may also be modeled, and there exists a proliferation of methods to instantiate it. These methods may be classified according to the technique they use. We propose to start with methods based on Requirements Engineering (RE) and to continue with a list of others. Moreover, it is more frequent to read papers targeting policy languages than policy models. Those policy languages are innumerable and spread over all the organizational model layers. The most famous of them are Ponder [5], Policy Description Language [6], Security Policy Language [7], and Rei [8]. Surprisingly, the policy model used to support the expression of policy by the policy language is rarely specified. This review presents successively responsibility through access control models and engineering methods. The components of the responsibility tuple are:
• Capability: which describes the quality of having the requisite qualities or accesses to resources to achieve a task;
• Accountability: which describes the state of being answerable about the achievement of a task;
• Commitment: which is the engagement of a stakeholder to fulfil a task and the assurance he will do it.
These definitions are refined through the description of these concepts in section IV. A.
Responsibility in the field of IT has already been investigated, firstly because of IT security constraints and requirements, and secondly because of software requirement engineering. IT security depicts responsibility mainly when it addresses access control. Indeed, to provision employees with rights and obligations to operate on an application or a component, the main access control models use the concept of role to group employees based on their responsibility, function, geographic location, domain of work, etc. Some examples of those models are the Mandatory Access Control, RBAC [10], UCON [11], OrBAC [12], etc. However, the drawback already observed in large companies is that the engineering of those roles sometimes leads to situations where the number of roles is bigger than the number of employees.
Responsibility has also been a subject of research in the field of software requirement engineering. Indeed, this concept is central to a large number of methods like I* [13]. I* performs goal-oriented strategic modeling and analysis of requirements by using three main concepts: actors, intentional elements, and links. Actors are described in their organizational setting and have attributes such as goals, abilities, beliefs, and commitments. Actors can be agents, roles, and positions. Agents are concrete actors, systems or humans, with specific capabilities. The drawback of those methods is that they are limited to concepts directly linked to the software requirement, like the right or the obligation, without offering the possibility to be extended to wider concepts like the commitment.
The state of the art of policy concepts introduces a review of 4 main recognized access control models: Mandatory Access Control (MAC), Discretionary Access Control (DAC), Role-based Access Control (RBAC) and Usage Control Model (UCON).
Our survey has also covered other approaches that, due to the size of the paper, are not presented here. In summary, we may observe firstly that some concepts are commonly accepted, such as right, role and obligation. Definitions of the first two concepts are scarce. Only one definition has been found for the concept of “right”: the right (or permission) is explicitly granted to a subject to access an object in a specific mode, such as read or write [1]. For the concept of “role”, only one definition has been found, in [13]. The concept of obligation is subject to more debate. For Bettini et al. [14], obligations are conditions or actions that must be fulfilled either by the users or the system after a decision. In [1], Sandhu et al. define obligations as requirements that have to be fulfilled by the subject for allowing access. Crook et al. [15] extend the notion of obligation to obligation policy, which relates to actions that must be carried out on targets by subjects when a predefined event occurs, and Haley et al. in [16] define it as the actions that must be taken before access can be granted.
TABLE 1. AC MODEL AND RESPONSIBILITY’S CONCEPTS
| Concept | MAC | DAC | RBAC | UCON |
|---|---|---|---|---|
| Subject | Subject | Subject | User | Subject |
| Object | Object | Object | Object | Object |
| Group | No | User Group | Role | Defined by objects and subject’s attributes |
| Capability | Access Right | Access Right | Access Right | Access Right |
| Accountability (Obligation, Constraint) | No | No | Yes, static and dynamic separation of duty | Defined by objects and subject’s attributes |
| Commitment | No | No | No | No |
TABLE 2. ENGINEERING METHODS AND RESPONSIBILITY’S CONCEPTS.
| Concept | KAOS | I* | GBRAM | ARMF | RACAF | Scenario Driven | Use Cases |
|---|---|---|---|---|---|---|---|
| Subject | Agent | Actors | Agent | Users | Actors | Subject | Actors |
| Object | Entity / object model | Yes | - | Asset | Data | - | Object |
| Group | - | Yes | - | Role | Yes | Yes | Yes |
| Capability (Right, Authorization) | Authorization rules | Abilities and beliefs | - | Permission | Permission | Permission | Access right |
| Accountability (Obligation, Constraint) | Achieve requirements and expectations | Goal | Achieve a goal | Perform a task | Perform a task | Perform a scenario | Pre-conditions, post-conditions |
| Commitment | No | Yes | No | No | No | No | No |
Table 2 is a summary and a comparison of the reviewed engineering methods. We may observe that, because the most frequently addressed concern of capability is the access right, existing models and methods most of the time keep targeting the low-level layers of abstraction of the organization. Moreover, if we consider responsibility as a tuple (Capability, Accountability, Commitment), we observe that there currently exists no model or method that entirely takes into account all these responsibility components. Other responsibility models exist but are often linked to social or psychological areas, or to very specific domains like [41, 42].
IV. FORMALIZATION OF THE RESPONSIBILITY
This chapter aims at defining a responsibility model to clarify and better understand the concepts that compose the notion of responsibility. To achieve that, we firstly use the Unified Modeling Language (UML) to represent the components of the model and their relations, and we then propose to introduce the formalization of its components with a formal language and logic system. To keep this paper didactic and to ensure a common understanding of the responsibility concepts, the work is grounded in the following case study:
Mister Boss is the manager of the marketing company named “SelltheWorld”. Each year, during the Christmas period, Mister Boss organizes a large sending of postcards to all his customers. This year, Mr Boss has too much work closing the annual report and consequently decides to delegate this task to one of his employees. Because the task is less business-sensitive than some other production tasks, Mr Boss decides to delegate it to a part-time secretary named Sophie. Sophie has just got married and, consequently, she accepts this additional work without commitment. Mr Boss asks the IT service manager to give Sophie the necessary access right to the customers address list. The IT service manager asks an employee of the IT service named John to carry out the necessary operation for providing this right. On January 30th, Mister Boss receives over 100 complaints from customers who didn’t receive a Christmas card.
Mr Boss has duly formalized Sophie’s Accountability by asking her to carry out the sending activity. It was consequently clear what she was accountable for. To achieve that sending, she got the necessary capability, which was the access to the customers file. However, because her thoughts went to her new husband rather than to the work to accomplish, she didn’t really want to achieve the work and failed to assume her responsibility due to a lack of commitment.
John’s responsibility can also be analyzed through that case study. John is a well-paid IT staff member who is very happy with his function. He has received clear accountability to give access right to Sophie and he has the needed capabilities due to his position as network administrator. He has consequently been responsible for fulfilling Mr Boss’ request.
A. Responsibility model
This section presents our model of responsibility. Its major interest is its genericity. Indeed, the model aims to be generic enough to be applied to all kinds of organizations, at each of their abstraction layers, and also to all domains of the company, such as IT security (and the management of access rights), management, or production.
Some components of the model are generic in that they are present in all instantiations of it. Other components have been added with the objective of illustrating the application of the model in the context of the management of access rights. Those components are “Access Right” and “Resource”. Our model reuses some commonly accepted components presented in the literature survey in sections 3 and 4, whereas others are new. The model encompasses the following concepts:
• Organization: At the top of the UML model (see Fig. 2) is the organization. Organization represents a structure that pursues collective goals and that is limited by a defined border. This structure encompasses employees (users) who are responsible for performing tasks (or processes) that implicitly generate profit. Organization also encompasses resources that could be either produced by the task or used by a user to perform a task.
• User: User appears as a person external or internal to an organization, a system or a software component. User has to achieve a task he is responsible for. A number of synonyms exist, like subject, actor or agent. To ease administration, those users are often grouped together based on their profile. As previously explained in the literature overview, the most famous type of classification is the role, but variations exist, such as the team, the hierarchy, or some geographical constraints.
Fig. 2. UML model of responsibility applied to the right management
• Role: Role describes the position of a person in the organisation. This position may be related to a hierarchical status, a geographic position, membership of an organisation unit or department, or anything else. This component is largely present in the literature, which provides some definitions of it.
• Responsibility: There also exists a plethora of definitions of responsibility, and this paper does not aim to propose a new one. We may however state that the commonly accepted definition of responsibility encompasses the idea of having the obligation to ensure that something happens. Moreover, the above literature review shows that it makes sense to attach to it the three additional elements that are Capability, Accountability and Commitment. One basic relation existing in the model is consequently the relationship between Responsibility and Capability, Accountability and Commitment. This relation is of the form 0..* to 1. That means that being responsible makes it possible to have many Capabilities, Accountabilities and Commitments. Conversely, one Commitment is bound to only one Responsibility, and likewise for Accountability and Capability.
• Task: is the operation performed by the role (or the user) that is responsible for it. This concept doesn’t exist in the realm of access control models, which tend rather to speak about the rights and/or obligations needed to perform an operation. E.g.: the right to read a document or the obligation to satisfy conditions before executing an operation. By contrast, task is a central concept in requirement engineering. E.g.: in Tropos, a goal may be achieved by fulfilling a task. The relation between role, responsibility and task is to be underlined. This relation is to be read: “there is one and only one role responsible for one task, and one role may have many responsibilities and one responsible may perform many tasks”.
• Accountability: is a concept that exists mainly in engineering methods and that appears through the obligation to achieve a task or to perform an action. This concept describes the state of being answerable about the achievement of a task. The case study above illustrates that Sophie is accountable toward Mr Boss regarding the task she has been assigned responsibility for. In the same way, John is accountable toward the IT manager for providing the access right.
• Commitment: is the moral engagement of a stakeholder to fulfil a task and the assurance that he will do it. Commitment is the most infrequent concept. Traditional policy models such as RBAC do not address it; however, i* partly introduces it (e.g. when defining dependency as an “agreement” between two actors). However, whether it is a moral concept or an obligation remains open to interpretation. This component is illustrated through the case study as follows: firstly, we may state that because Sophie has other duties in mind, she does not have the willingness to achieve the task. We may state that she is not committed to do it. Conversely, John is a well-paid IT staff member who is very happy with his function. He is fully committed to performing the task.
• Capability: which describes the quality of having the requisite qualities, skills or resources to perform a task. Capability is a component that is part of all models and methods, and is most frequently expressed through the definition of access rights, authorizations or permissions. Based upon the above case study, Capability is illustrated through Sophie’s capability to access the customers file. This Capability exists because John was responsible for providing that access right. The case study also illustrates John’s Capability to be responsible for providing the access right. Indeed, due to his position as network administrator, he has the right to manage all employees’ access rights.
Additionally, the UML model of responsibility (Fig. 2) includes two elements added to the basic responsibility model: “access right” and “resources”. These elements illustrate the case of a particular type of Capability, namely the access to resources. We define a resource as something needed for or produced by performing a task and that can take a large range of forms, such as information, manpower or money. The access right is defined as a statement about the type of action that could be performed by a user on that resource. This access right is a Capability for one responsible while being at the same time an accountability for another. This relationship between Capability, access right and accountability has been explained in more depth in [2] and [36]. In our model, Capability is a broader concept than the mere access right.
The advantages of such a model (Fig. 2) are important for 4 reasons:
• It permits improving the business/IT alignment and brings material to answer principle 1 of the ISO/IEC 38500:2008 standard [40]: Establish clearly understood responsibilities for IT.
• The accountability is bound to the agent rather than to a group of agents (as in other models [39]). This makes the agent personally more involved in and more concerned by the activity to achieve, because he no longer shares the result.
• It addresses the commitment aspect of responsibility and consequently increases the ethics of the business in general.
• It guarantees that the right capability is assigned to the right user. This advantage guarantees that the responsible receives the minimum privilege necessary for achieving the task and, consequently, it limits the vulnerability of the system.
B. Selection of a formal system
Even if this model brings a first contribution to verifying the organization structure and detecting policy problems and inconsistency, it appears impossible to exploit it without the help of a formal language. This section introduces a preliminary reflection on the selection of that language.
To select a language, we may state that the model of responsibility formalizes information that represents the responsibility elements in force in the company. That information composes a system that is part of the real world, called the universe of discourse, and that encompasses a number of properties (constraints) that the system must satisfy. In [38], Meyer et al. explain that some of the constraints may not be violated and could be formalized using predicate logic, temporal logic or dynamic logic, whereas others are violable and formalized using deontic logic. The constraint that, before having access to a file, it is necessary that the right for accessing the file has been duly set on the fileserver is inviolable. Indeed, according to our case study, it is impossible for Sophie to get access to the customers list if she doesn’t have the right to read the concerned file. If we consider that “read the file” is a proposition, we can deduce that having the access right is a capability or a modal operator of “read the file”. Some other constraints are considered as ideal but violable. This could be illustrated by the responsibility of John (who has to set the necessary access right for Sophie) who, due to an overload of work, did not have enough time to achieve it. Time is considered in that example as the capability necessary to fulfill the task. John has not assumed his responsibility because the statement that John is capable of doing it has been violated.
In [33], Cholvy et al. propose a formalization of the concept of responsibility. In her work, she explains that responsibility is a concept that has several facets that correspond to very different meanings. She extracts three definitions of responsibility, which implicitly encompass the three concepts from our model (capability, accountability, commitment). The first definition links the responsibility concept to something bad that has happened to a person that could have caused or prevented it. This definition mainly comes from the legal world. The second definition from Cholvy’s paper claims that responsibility is an obligation or a moral duty to report or explain the action or someone else’s action to a given authority (answerability). This definition helps in defining the commitment as a moral duty, in parallel with an obligation, which is considered as a legal duty. The third definition defines responsibility according to a position in an organization and explains that someone responsible for something should be prepared to justify his action. This justification brings the content of the concept of accountability and consequently nuances accountability versus answerability. Based upon the three definitions, Cholvy proposes a logic framework and explains how the framework may be used to model different aspects of responsibility. She used deontic logic and the logic of actions to achieve that. Deontic logic is the field of logic that is concerned with obligation (O), permission (P) and prohibition (F), and that permits reasoning about ideal versus actual states or behavior.
According to her approach, and based upon Meyer’s explanations of the necessity to prefer deontic logic for modeling systems that encompass ideal but violable properties, we may agree that Cholvy’s choice is suitably justified. If we consider the model of responsibility as a user-based representation of one responsibility, which means, in other words, that the concepts of responsibility introduced in the model represent the responsibility of a unique user to perform a unique task, the three components that compose the responsibility tuple are violable. For example, regarding the capability, we may state that, based upon the case study, Sophie must have the list of addresses. However, it may happen that, due to undefined reasons, she doesn’t have it.
Fig. 3. UML model of multiple responsibilities interactions
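
The sketch below is an added example, not code from the paper: it encodes the case study as data and checks the rules stated in section IV.A (one responsible per task, a responsibility carrying Capability, Accountability and Commitment, an access right being a Capability for one responsible and an accountability for another, minimum privilege). The `provides` field, the `access:` prefix, the grants snapshot, the user Paul and Mr Boss answering to shareholders are assumptions made for the illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Responsibility:
    user: str
    task: str
    needs: frozenset                   # Capability: what the user requires for the task
    accountable_to: Optional[str]      # Accountability: who the user answers to
    committed: bool                    # Commitment: recorded willingness (assumed field)
    provides: frozenset = frozenset()  # capabilities this task delivers to other users


def check_model(responsibilities, grants, roots=frozenset()):
    """Return sorted (kind, subject, detail) findings for one organization.

    grants: user -> access rights actually configured on the system.
    roots:  capabilities taken as given, with no provider inside the model.
    """
    findings = []
    providers = {}     # capability -> users whose task delivers it
    responsibles = {}  # task -> users responsible for it
    for r in responsibilities:
        responsibles.setdefault(r.task, []).append(r.user)
        for cap in r.provides:
            providers.setdefault(cap, set()).add(r.user)

    # "There is one and only one role responsible for one task."
    for task, users in responsibles.items():
        if len(users) > 1:
            findings.append(("task-has-several-responsibles", task, ",".join(sorted(users))))

    required = {}  # user -> access rights justified by a responsibility
    for r in responsibilities:
        subject = f"{r.user}/{r.task}"
        # Each responsibility should carry all three components of the tuple.
        if not r.needs:
            findings.append(("no-capability", subject, ""))
        if r.accountable_to is None:
            findings.append(("no-accountability", subject, ""))
        if not r.committed:
            findings.append(("no-commitment", subject, ""))
        # A capability must be the accountability of another user (or a root).
        for cap in sorted(r.needs):
            if cap not in roots and not (providers.get(cap, set()) - {r.user}):
                findings.append(("capability-without-provider", subject, cap))
        rights = {c for c in r.needs if c.startswith("access:")}
        required.setdefault(r.user, set()).update(rights)

    # Minimum privilege: configured rights must match the justified ones.
    for user in sorted(set(grants) | set(required)):
        have, need = set(grants.get(user, ())), required.get(user, set())
        findings += [("right-not-granted", user, x) for x in sorted(need - have)]
        findings += [("right-without-responsibility", user, x) for x in sorted(have - need)]
    return sorted(findings)


# Constructed data for the paper's case study. "Paul", Mr Boss answering to
# shareholders and the grants snapshot are assumptions, not from the paper.
CASE = [
    Responsibility("Sophie", "send Christmas cards",
                   frozenset({"access:read:customer_list"}), "Mr Boss", committed=False),
    Responsibility("John", "give Sophie access to the customer list",
                   frozenset({"time:right_management"}), "IT service manager", committed=True,
                   provides=frozenset({"access:read:customer_list"})),
    Responsibility("IT service manager", "provide time to IT staff",
                   frozenset({"budget:it_staff"}), "Mr Boss", committed=True,
                   provides=frozenset({"time:right_management"})),
    Responsibility("Mr Boss", "provide the IT service budget",
                   frozenset({"company_funds"}), "shareholders", committed=True,
                   provides=frozenset({"budget:it_staff"})),
]
ROOTS = frozenset({"company_funds"})
GRANTS = {
    "Sophie": {"access:read:customer_list", "access:write:customer_list"},
    "Paul": {"access:read:customer_list"},
}

if __name__ == "__main__":
    for finding in check_model(CASE, GRANTS, ROOTS):
        print(finding)
```

On the constructed data the checker reports Sophie's missing commitment and two access rights that no responsibility justifies; removing John's entry additionally surfaces Sophie's capability as having no provider.
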
If we expand the sphere of responsibility from a user While based on our hypotheses that the existence of
based perception to an organization based perception, this capability and accountability is inviolable, the concept of
statement is no more automatically true. Indeed, if the commitment is more likely to discussion. Because this
company is considered as a set of tasks, persons, and concept is strongly depending of the moral willingness, we
responsibilities, we may suppose that in an ideal situation, it may argue that no real elements may absolutely guarantee its
must exist at least one Capability, one Accountability and one inviolability. This affirmation may however be nuanced if we
Commitment corresponding to each responsibility. look toward social, psychology, or managerial sciences. The
The existence of capability and accountability concepts is easily manageable and verifiable. Indeed, it is easy for an operation or process manager to determine the capabilities duly necessary to perform a task or to clearly fix the expected accountabilities. Moreover, such concepts are easily traceable, for example in a database or with a software tool. This exercise has already been achieved in previous works [36]. The consistency between both concepts may also be examined based upon the supposition that the capability needed for assuming a responsibility corresponds to an accountability of another user’s responsibility. Fig. 3 illustrates those links. Based upon our case study, we may consider that:
a) Sophie’s capability (having access right) is the accountability of John (provides access right).
b) John’s capability (having time for performing the right management) is the accountability of the IT service manager (provides time to the IT service staff).
c) The IT service manager’s capability (having budget to hire IT employees) is the accountability of Mr Boss (provides the IT service manager with budget).
If we base our work on the reasoning that, in an ideal situation, responsibilities in a company are duly fixed and that capabilities and accountabilities exist for each responsibility, we may conclude that those two concepts are inviolable and may be formalized using predicate logic.
salary, the relationship with colleagues, or the concordance of the job with the interest of the employee are some elements that probably influence it. However, in this paper we consider that those elements are not objectively manageable and do not provide a guarantee of inviolability. We will consequently prefer the usage of deontic logic for formalizing that element.
We may consequently suppose that some elements of responsibility may be formalized using predicate logic and others with deontic logic.

V. FUTURE WORKS REGARDING THE FORMALIZATION OF THE RESPONSIBILITY
In addition to Cholvy’s proposition to formalize responsibility with deontic logic and action logic, our future works extend the formalization of the responsibility with the components of the responsibility tuple (Capability, Accountability and Commitment). The responsibility (R) assigned to a user (u) to perform a task (t) is written R([t]u). Based upon our previous observations, we state that this formalization has one specificity: the components of the responsibility’s tuple are at the same time conceptual components and modal operators: capability (CA), accountability (AC) and commitment (CO). We consequently have to develop a formalization based on deontic logic for the user-based representation of the responsibility and extend this formalization to predicate logic
to represent the responsibility at an organization level. An envisaged possibility to define responsibility’s modal operators is to develop the user-based representation of the responsibility based on an adaptation of the Traditional Threefold Classification (TTC) [37]. To achieve that, we transpose Obligatory to Accountable, in that both modal operators bring up the notion of a constraint that is indispensable and made obligatory by a legal issue (e.g. a policy), and we transpose Permissible to Capable, in that both convey the idea that this constraint permits an action to be performed. We keep the Optional (OP) modal operator of standard deontic logic unchanged. To achieve that transposition, we need to define the Incapacity (IN) and the Unaccountability (UN) (see 2’ and 3’). Moreover, as in the standard deontic schema, Fig. 4 highlights that the three rectangular cells are jointly exhaustive and mutually exclusive. Indeed, each proposition is accountable, optional or incapable. Moreover, Capable modal operators are those that are either Accountable or Optional, and Unaccountable modal operators are those that are either Optional or Incapable.

Fig. 4. From Traditional toward a Responsibility based Threefold Classification

Based upon the TTC, the Traditional Definitional Scheme (TDS) [37] states by the set of definitions from 1 to 4 that something is permissible if and only if its negation is not obligatory, impermissible if and only if its negation is obligatory, gratuitous if and only if it is not obligatory, and optional if and only if neither it nor its negation is obligatory. If we consider that the proposition (p) is the performance of a task (t) by a user (u) and is noted [t]u, the set of definitions from 1’ to 4’ may define the concepts of the responsibility according to the Responsibility based Threefold Classification.

PEp ↔ ~OB~p (1)
IMp ↔ OB~p (2)
GRp ↔ ~OBp (3)
OPp ↔ (~OBp & ~OB~p) (4)

CA[t]u ↔ ~AC~[t]u (1’)
IN[t]u ↔ AC~[t]u (2’)
UN[t]u ↔ ~AC[t]u (3’)
OP[t]u ↔ (~AC[t]u & ~AC~[t]u) (4’)

For achieving a task, u must have the necessary capabilities and be committed to perform it. Whether or not he is accountable does not have any impact on the realization. However, not achieving a task for which the user is accountable may lead to some kind of blame. This aspect is not discussed in this paper.
Future formalization works will also aim at defining the commitment. We already suppose that it will be necessary to also define it based on the TTC. Fig. 5 shows how it seems logical to represent it.

Fig. 5. Commitment on Responsibility Threefold Classification

VI. CONCLUSIONS
We have analyzed the literature to understand the semantics of AC policy conceptual models and engineering methods. We have observed that some elements are commonly accepted components whereas others remain debated or not addressed. Commonly accepted concepts are the user (and related ones such as group or role), resource and capability. Capability is most frequently expressed as access right, authorizations or permissions. Accountability is a concept that exists mainly in engineering methods and that is expressed as the obligation to achieve a task or to perform an action. Commitment is the most infrequent concept. Based upon that observation, we have developed a conceptual model of responsibility using a UML class diagram, have defined all the conceptual components and have clarified some important relationships between those. Thereafter, to propose a formal representation of the model, we have selected the suitable language and logic system. The analysis highlights that an important variable is whether the responsibility is perceived at a user or at a company level.
In this paper, the responsibility concept has mainly been addressed based on an IT approach. However, the “operational” and “management” fields are also rich in responsibility theories [34] and [35]. This area will be the focus of our future research and will permit us to refine our first findings. Consequently, our future works will focus on continuing the development of the model of responsibility, and most specially the concept of commitment, which is important to consider in the high-level layer of the organizational model. Moreover, defining policy that allows taking the commitment into account opens doors to new approaches that have so far been poorly taken into account in traditional and renowned risk management solutions.
As a conclusion regarding Camerer’s warning of section I, we have done this analysis to clarify the semantics of all components that encompass the responsibility, and we may consequently state that symptoms 1 and 3 identified by Camerer have been addressed. Firstly, symptom 1, that is “Concepts are often ambiguous and their definitions are not agreed upon”, has been partially tackled with clear literature-based enlightenment of the concepts. Secondly, symptom 3, that is “Theories do not ‘cumulate’ or built upon previous theories as they should.”, has been addressed with a tentative definition of “responsibility” considering the way its conceptual components are addressed by other authors.
Another part of our work aims at defining a new approach to derive the responsibility from the high level down to the lower one. Our first research demonstrates that potential solutions are to link responsibility’s concepts with the organization’s processes. To support the progress of that approach, a software prototype has been developed based on the “egroupware open framework”. This research and the prototype have been presented in [36].
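The consistency supposition used in the case study (each capability needed for a responsibility is the accountability of another user's responsibility) can be checked mechanically. The following Python example is added here and is not code from the paper or its prototype; the `Responsibility` record, the task names and the matching of a capability to an accountability by an identical label are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Responsibility:
    user: str
    task: str                           # task names below are assumed
    needs: frozenset = frozenset()      # capabilities required for the task
    provides: frozenset = frozenset()   # accountabilities owed to other users

def unmatched_capabilities(responsibilities):
    """Return (user, capability) pairs that no *other* user is accountable for."""
    gaps = []
    for r in responsibilities:
        for cap in sorted(r.needs):
            if not any(o.user != r.user and cap in o.provides
                       for o in responsibilities):
                gaps.append((r.user, cap))
    return gaps

def provider_chain(responsibilities, user):
    """Follow capability -> accountability links upward, starting at `user`."""
    chain = [user]
    while True:
        needs = {c for r in responsibilities if r.user == chain[-1]
                 for c in r.needs}
        nxt = next((o.user for o in responsibilities
                    if o.user not in chain and needs & o.provides), None)
        if nxt is None:
            return chain
        chain.append(nxt)

# Constructed from items a) to c) of the case study; labels are illustrative.
CASE = [
    Responsibility("Sophie", "use the application",
                   frozenset({"access right"})),
    Responsibility("John", "manage access rights",
                   frozenset({"time for right management"}),
                   frozenset({"access right"})),
    Responsibility("IT service manager", "staff the IT service",
                   frozenset({"budget to hire IT employees"}),
                   frozenset({"time for right management"})),
    Responsibility("Mr Boss", "allocate budget",
                   frozenset(), frozenset({"budget to hire IT employees"})),
]

if __name__ == "__main__":
    print(unmatched_capabilities(CASE))      # empty list: policy is consistent
    print(provider_chain(CASE, "Sophie"))
```

A non-empty result from `unmatched_capabilities` points at a responsibility that has been assigned without anyone being accountable for the capability it depends on.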
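Definitions (1’) to (4’) derive every operator from the two primitive facts AC[t]u and AC~[t]u, which lets a set of policy statements be audited for contradictions. The following Python example is added here and is not from the paper; the statement format, the task names and the treatment of unmentioned pairs as Optional are assumptions.

```python
from collections import defaultdict

def classify(ac, ac_neg):
    """Derive the operators of (1')-(4') from AC[t]u (ac) and AC~[t]u (ac_neg)."""
    if ac and ac_neg:
        # The three cells are mutually exclusive, so both cannot hold.
        raise ValueError("AC[t]u and AC~[t]u asserted together")
    return {
        "AC": ac,
        "CA": not ac_neg,                # (1') CA[t]u <-> ~AC~[t]u
        "IN": ac_neg,                    # (2') IN[t]u <-> AC~[t]u
        "UN": not ac,                    # (3') UN[t]u <-> ~AC[t]u
        "OP": not ac and not ac_neg,     # (4') OP[t]u <-> ~AC[t]u & ~AC~[t]u
    }

def cell(ops):
    """Return the single cell (AC, OP or IN) of the threefold classification."""
    (name,) = [k for k in ("AC", "OP", "IN") if ops[k]]
    return name

def audit(statements, pairs):
    """Merge policy statements and classify every (task, user) pair.

    statements: iterable of (operator, task, user), operator in {"AC", "AC~"}.
    Returns (cells, conflicts); pairs never mentioned fall in the OP cell.
    """
    facts = defaultdict(set)
    for op, task, user in statements:
        facts[(task, user)].add(op)
    cells, conflicts = {}, []
    for pair in pairs:
        try:
            cells[pair] = cell(classify("AC" in facts[pair], "AC~" in facts[pair]))
        except ValueError:
            conflicts.append(pair)
    return cells, conflicts

# Constructed statements; task and user names are illustrative only.
STATEMENTS = [
    ("AC", "provide access right", "John"),
    ("AC~", "provide access right", "Sophie"),
    ("AC", "approve budget", "Mr Boss"),
    ("AC~", "approve budget", "Mr Boss"),   # contradictory assignment
]
PAIRS = [("provide access right", "John"), ("provide access right", "Sophie"),
         ("read report", "Sophie"), ("approve budget", "Mr Boss")]

if __name__ == "__main__":
    print(audit(STATEMENTS, PAIRS))
```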
REFERENCES

[1] R. Sandhu, J. Park, Usage Control: A Vision for Next Generation Access Control, The Second International Workshop on Mathematical Methods, Models and Architectures for Computer Networks Security, 2003.
[2] C. Feltus, A. Rifaut, An Ontology for Requirements Analysis of Managers’ Policies in Financial Institutions, I-ESA2007, Madeira, Portugal.
[3] Gustaf Neumann, Mark Strembeck, A Scenario-driven Role Engineering Process for Functional RBAC Roles, SACMAT’02, June 3-4, 2002, Monterey, California, USA.
[4] Coyne, E. J. 1996. Role engineering. First ACM Workshop on Role-Based Access Control, Gaithersburg, Maryland, United States.
[5] N. Damianou, N. Dulay, E. Lupu, M. Sloman, The Ponder Policy Specification Language, Workshop on Policies for Distributed Systems and Networks (Policy2001), HP Labs Bristol, 29-31. Springer-Verlag.
[6] Bertino, E., Mileo, A., and Provetti, A. 2005. PDL with Preferences. IEEE International Workshop on Policies For Distributed Systems and Networks, Policy 2005 – Vol. 00, IEEE Computer Society, Washington, DC, 213-222.
[7] Basile, C.; Lioy, A.; Perez, G. Martinez; C., F. J. Garcia; Skarmeta, A. F. Gomez, POSITIF: A Policy-Based Security Management System, Policies for Distributed Systems and Networks, 2007. POLICY’07, pp. 280 – 280.
[8] Lalana Kagal, Rei: A Policy Language for the Me-Centric Project, TechReport, HP Labs, September 2002.
[9] Colin Camerer, Redirecting Research in Business Policy and Strategy, Strategic Management Journal, Vol. 6, No. 1. (Jan. – Mar., 1985), pp. 1-15.
[10] René Wies, Using a Classification of Management Policies for Policy Specification and Policy Transformation. In Proc. ISINM '95, Santa Barbara, California, May 1995.
[11] André Rifaut, Christophe Feltus, Improving Operational Risk Management Systems by Formalizing the Basel II Regulation with Goal Models and the ISO/IEC 15504 Approach, REMO2V’2006, Luxembourg.
[12] Davrondzhon Gafurov, Kirsi Helkala, Nils Kalstad Svendsen, Security models for electronic medical record, Telektronikk 1.2005.
[13] David F. Ferraiolo, Ravi Sandhu, Serban Gavrila, D. Richard Kuhn and Ramaswamy Chandramouli, Proposed NIST Standard for Role-Based Access Control, ACM Transactions on Information and System Security, Vol. 4, No. 3, August 2001, Pages 224-274.
[14] C. Bettini, S. Jajodia, X. S. Wang, and D. Wijesekera, Provisions and Obligations in Policy Management and Security Applications, 28th VLDB conference, China, 2002.
[15] Robert Crook, Darrel Ince, Bashar Nuseibeh, Modelling access policies using roles in requirements engineering, Information and Software Technology 45 (2003) 979-991.
[16] Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, and Bashar Nuseibeh, Using Trust Assumptions with Security Requirements, Requirements Engineering Journal, vol. 11 no. 2 (April 2006) pp. 138-15.
[17] Robert Crook, Darrel Ince, Bashar Nuseibeh, On Modelling access policies: Relating Roles to their Organisational Context, RE 2005, Paris.
[18] Pete A. Epstein, Engineering of Role/Permission Assignment, PhD thesis.
[19] Crook, R., Ince, D., and Nuseibeh, B., “Using i* to Model Access Policies: Relating Roles to their Organisational Context”, Social Modelling for Requirements Engineering, Giorgini, P., Maiden, N., Mylopoulos, J., and Yu, E., eds., MIT Press, 2006.
[20] P.J. Fontaine, Goal-Oriented Elaboration of Security Requirements. M.S. Thesis, Dept. Computing Science, University of Louvain, June 2001.
[21] Yu, E. S. and Liu, L. 2001. Modelling Trust for System Design Using the i* Strategic Actors Framework. Workshop on Deception, Fraud, and Trust in Agent Societies Held During the Autonomous, Eds. Lecture 194.
[22] L. Liu, E. Yu, J. Mylopoulos, Analyzing Security Requirements as Relationships Among Strategic Actors, SREIS’02, Raleigh, North Carolina, 2002.
[23] Antón, Goal-Based Requirements Analysis, Second ICRE’96, Colorado Springs, USA, 1996.
[24] Robert Crook, Darrel Ince, Bashar Nuseibeh, Towards an Analytical Role Modelling Framework for Security Requirements, Security Requirements Group, Department of Computing, The Open University, Walton Hall, Milton Keynes, MK7 6AA, UK.
[25] Henry Mintzberg, Structure in Fives: Designing Effective Organisations, Englewood Cliffs, NJ: Prentice-Hall, 1983. pp. 312
[26] Qingfeng He, Annie I. Antón, “A Framework for Privacy-Enhanced Access Control Analysis in Requirements Engineering”, Proc. of the 9th International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ'03), pp. 137-146, Klagenfurt/Velden, Austria, June 16-17, 2003.
[27] E. B. Fernandez and J. C. Hawkins, “Determining Role Rights from Use Cases”, Proc. of the ACM Workshop on Role-Based Access Control, 1997.
[28] Roeckle, H., Schimpf, G., and Weidinger, R. 2000. Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization. In Proceedings of the Fifth ACM Workshop on Role-Based Access Control (Berlin, Germany, July 26 - 28, 2000). Role-Based Access Control '00.
[29] Chandramouli, R. 2001. A Framework for Multiple Authorization Types in a Healthcare Application System. 17th Annual Computer Security Applications Conference, 2001. ACSAC. IEEE Computer Society, Washington, DC, 137.
[30] D. J. Thomsen, Richard C. O'Brien and C. Payne, Napoleon: Network Application Policy Environment, ACM Workshop on Role-Based Access Control, 1999, pp. 145-152.
[31] N. Dulay, E. Lupu, M. Sloman, N. Damianou, A Policy Deployment Model for the Ponder Language, An extended version of paper in Proc. IEEE/IFIP International Symposium on Integrated Network Management, (IM’2001), Seattle, May 2001, IEEE Press.
[32] OASIS, “eXtensible Access Control Markup Language (XACML) Version 2.0” February 2005. www.oasis-open.org/committees/xacml/
[33] L. Cholvy, F. Cuppens, and C. Saurel. Towards a logical formalization of responsibility. In Proc. of the Sixth International Conference on Artificial Intelligence and Law, pages 233-242, 1997.
[34] Mintzberg H. Mintzberg on Management: Inside our strange world of organizations. The Free Press, New York, 1989.
[35] Gray, B. Collaborating. Jossey-Bass, San Francisco, 1991.
[36] J. Aubert, B. Gateau, C. Incoul, C. Feltus, SIM: An Innovative Business-Oriented Approach for a Distributed Access Management, International Conference on Information & Communication Technologies: from Theory to Applications (IEEE ICTTA2008), Damascus, Syria.
[37] http://plato.stanford.edu/entries/logic-deontic
[38] J.-J. Ch. Meyer, R.J. Wieringa, F.P.M. Dignum, The Role of Deontic Logic in the Specification of Information Systems, International Series In Engineering And Computer Science archive, Logics for databases and information systems book contents, Kluwer, pp. 71-115, 1998.
[39] C. Feltus, Preliminary Literature Review of Policy Engineering Methods - Toward Responsibility Concept, ICTTA2008, Damascus, Syria.
[40] International Standard for Corporate Governance of IT (IT Governance) - ISO/IEC 38500, 2008
[41] I. Sommerville, T. Storer, and R. Lock. Responsibility modelling for contingency planning. In Workshop on Understanding Why Systems Fail, Contingency Planning and Longer Term Perspectives on Learning from Failure in Safety Critical Systems, June 2007.
[42] P.M Wright, K. White, D. Gaebler-Spira (2004). Exploring the relevance of the personal and social responsibility model in adapted physical activity: A collective case study. Journal of Teaching in Physical Education, 23(1), 71-87.
[43] B. Gâteau, D. Khadraoui, C. Feltus, B. de Rémont, Multi-Agents based Architecture for IS Security Incident Reaction, 6th IEEE International Conference on Computer Science, 2008 IEEE International Conference on Research, Innovation & Vision for the Future (IEEE RIVF 2008), 14-16/7/2008, Ho Chi Minh City, Vietnam.

Manuscript received September 30, 2008. Corresponding author: C. Feltus (e-mail: christophe.feltus@tudor.lu).