Enterprise Information Systems VII [1 ed.] 1402053231, 9781402053238, 9781402053474

Citation preview

Enterprise Information Systems VII

Enterprise Information Systems VII edited by

Chin-Sheng Chen Florida International University, Miami, FL, U.S.A.

Joaquim Filipe INSTICC/ EST, Setúbal, Portugal

Isabel Seruca Universidade Portucalense, Porto, Portugal and

José Cordeiro INSTICC/ EST, Setúbal, Portugal

A C.I.P. Catalogue record for this book is available from the Library of Congress.

ISBN-10 ISBN-13 ISBN-10 ISBN-13

1-4020-5323-1 (HB) 978-1-4020-5323-8 (HB) 1-4020-5347-9 (e-book) 978-1-4020-5347-4 (e-book)

Published by Springer, P.O. Box 17, 3300 AA Dordrecht, The Netherlands. www.springer.com

Printed on acid-free paper

All Rights Reserved © 2006 Springer No part of this work may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, microfilming, recording or otherwise, without written permission from the Publisher, with the exception of any material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work.

TABLE OF CONTENTS

Preface.................................................................................................................................................. ix Conference Committee......................................................................................................................... xi

INVITED SPEAKERS EIS IMPLEMENTATION RESEARCH: AN ASSESSMENT AND SUGGESTIONS FOR THE FUTURE Henri Barki.............................................................................................................................................. 3 CHANGING THE WAY THE ENTERPRISE WORKS - OPERATIONAL TRANSFORMATIONS Thomas J. Greene .........................................................................................................................................................11 ENTERPRISE ONTOLOGY – UNDERSTANDING THE ESSENCE OF ORGANIZATIONAL OPERATION Jan L. G. Dietz ...........................................................................................................................................................19 BUILDING SUCCESSFUL INTERORGANIZATIONAL SYSTEMS - IT AND CHANGE MANAGEMENT M. Lynne Markus .......................................................................................................................................................31

PART 1 – DATABASES AND INFORMATION SYSTEMS INTEGRATION THE HYBRID DIGITAL TREE - A NEW INDEXING TECHNIQUE FOR LARGE STRING DATABASES Qiang Xue, Sakti Pramanik, Gang Qian and Qiang Zhu............................................................................................45 v

vi

Table of Contents

MUSICAL RETRIEVAL IN P2P NETWORKS UNDER THE WARPING DISTANCE Ioannis Karydis, Alexandros Nanopoulos, Apostolos N. Papadopoulos and Yannis Manolopoulos ..............................53 CHANGE DETECTION AND MAINTENANCE OF AN XML WEB WAREHOUSE Ching-Ming Chao.........................................................................................................................................................61 CHOOSING GROUPWARE TOOLS AND ELICITATION TECHNIQUES ACCORDING TO STAKEHOLDERS' FEATURES Gabriela N. Aranda, Aurora Vizcaíno, Alejandra Cechich and Mario Piattini.......................................................... 69 ANALYTICAL AND EXPERIMENTAL EVALUATION OF STREAM-BASED JOIN Henry Kostowski and Kajal T. Claypool.......................................................................................................................77 PART 2 – ARTIFICIAL INTELLIGENCE AND DECISION SUPPORT SYSTEMS CONSTRUCTION OF DECISION TREES USING DATA CUBE Lixin Fu......................................................................................................................................................................87 AN APPLICATION OF NON-LINEAR PROGRAMMING TO TRAIN RECURRENT NEURAL NETWORKS IN TIME SERIES PREDICTION PROBLEMS M. P. Cuéllar, M. Delgado and M. C. Pegalajar .........................................................................................................95 INTELLIGENT SOLUTION EVALUATION BASED ON ALTERNATIVE USER PROFILES Georgios Bardis, Georgios Miaoulis and Dimitri Plemenos..........................................................................................103 USING dmFSQL FOR FINANCIAL CLUSTERING Ramón Alberto Carrasco, María Amparo Vila and José Galindo .............................................................................113 KNOWLEDGE MANAGEMENT IN NON-GOVERNMENTAL ORGANISATIONS: A PARTNERSHIP FOR THE FUTURE José Braga de Vasconcelos, Paulo Castro Seixas, Paulo Gens Lemos and Chris Kimble..............................................121 TOWARDS A CHANGE-BASED CHANCE DISCOVERY Zhiwen Wu and Ahmed Y. Tawfik ...........................................................................................................................131

PART 3 – INFORMATION SYSTEMS ANALYSIS AND SPECIFICATION EARLY DETECTION OF COTS FUNCTIONAL SUITABILITY FOR AN E-PAYMENT CASE STUDY Alejandra Cechich and Mario Piattini........................................................................................................................141 PRESERVING THE CONTEXT OF INTERRUPTED BUSINESS PROCESS ACTIVITIES Sarita Bassil, Stefanie Rinderle, Rudolf Keller, Peter Kropf and Manfred Reichert ......................................................149 THE “RIGHT TO BE LET ALONE” AND PRIVATE INFORMATION Sabah S. Al-Fedaghi..................................................................................................................................................157 PERSPECTIVES ON PROCESS DOCUMENTATION - A CASE STUDY Jörg Becker, Christian Janiesch, Patrick Delfmann and Wolfgang Fuhr......................................................................167

Table of Contents

vii

SUSTAINABLE DEVELOPMENT AND INVESTMENT IN INFORMATION TECHNOLOGIES - A SOCIO-ECONOMIC ANALYSIS Manuel João Pereira, Luís Valadares Tavares and Raquel Soares .............................................................................179 QUALITY OF SERVICE IN FLEXIBLE WORKFLOWS THROUGH PROCESS CONSTRAINTS Shazia Sadiq, Maria Orlowska, Joe Lin and Wasim Sadiq ......................................................................................187 REAL TIME DETECTION OF NOVEL ATTACKS BY MEANS OF DATA MINING TECHNIQUES Marcello Esposito, Claudio Mazzariello, Francesco Oliviero, Simon Pietro Romano and Carlo Sansone.....................197

PART 4 – SOFTWARE AGENTS AND INTERNET COMPUTING GENERIC FAULT-TOLERANT LAYER SUPPORTING PUBLISH/SUBSCRIBE MESSAGING IN MOBILE AGENT SYSTEMS Milovan Tosic and Arkady Zaslavsky........................................................................................................................207 BOOSTING ITEM FINDABILITY: BRIDGING THE SEMANTIC GAP BETWEEN SEARCH PHRASES AND ITEM INFORMATION Hasan Davulcu, Hung V. Nguyen and Viswanathan Ramachandran.......................................................................215 INTEGRATING AGENT TECHNOLOGIES INTO ENTERPRISE SYSTEMS USING WEB SERVICES Eduardo H. Ramírez and Ramón F. Brena...............................................................................................................223

PART 5 – HUMAN-COMPUTER INTERACTION OPENDPI: A TOOLKIT FOR DEVELOPING DOCUMENT-CENTERED ENVIRONMENTS Olivier Beaudoux and Michel Beaudouin-Lafon..........................................................................................................231 WHY ANTHROPOMORPHIC USER INTERFACE FEEDBACK CAN BE EFFECTIVE AND PREFERRED BY USERS Pietro Murano ............................................................................................................................................................241 DISTANCE LEARNING BY INTELLIGENT TUTORING SYSTEM. AGENT-BASED ARCHITECTURE FOR USER-CENTRED ADAPTIVITY Antonio Fernández-Caballero, José Manuel Gascueña, Federico Botella and Enrique Lazcorreta...............................249 A CONTROLLED EXPERIMENT FOR MEASURING THE USABILITY OF WEBAPPS USING PATTERNS F. Javier García, María Lozano, Francisco Montero, Jose Antonio Gallud, Pascual González and Carlota Lorenzo .........................................................................................................................................................257 AUTHOR INDEX................................................................................................................................................265

PREFACE

This book contains the best papers of the Seventh International Conference on Enterprise Information Systems (ICEIS 2005), held in Miami (USA) and organized by INSTICC (Institute for Systems and Technologies of Information, Communication and Control) in collaboration with FLORIDA INTERNATIONAL UNIVERSITY, who hosted the event. Following the route started in 1999, ICEIS has become a major point of contact between research scientists, engineers and practitioners on the area of business applications of information systems. This conference, which is now one of the largest annual conferences in the Information Systems area, has received an increased interest every year, especially from the international academic community. This year, five simultaneous tracks were held, covering different aspects related to enterprise computing, including: “Databases and Information Systems Integration”, “Artificial Intelligence and Decision Support Systems”, “Information Systems Analysis and Specification”, “Software Agents and Internet Computing” and “Human-Computer Interaction”. The sections of this book reflect the conference tracks. ICEIS 2005 received 459 paper submissions from 41 different countries, in all continents. 89 papers were published and orally presented as full papers, i.e. completed work, 110 position papers reflecting work-in-progress were accepted for short presentation and another 90 for poster presentation. These numbers, leading to a “full-paper” acceptance ratio below 20%, show the intention of preserving a high quality forum. As usual in the ICEIS conference series, a number of invited talks, including keynote lectures and technical tutorials were also held. These special presentations made by internationally recognized experts have definitely increased the overall quality of the Conference and provided a deeper understanding of the Enterprise Information Systems field. Some of these contributions have been included in a special section of this book. The program for this conference required the dedicated effort of many people. Firstly, we must thank the authors, whose research and development efforts are recorded here. Secondly, we thank the members of the program committee and the additional reviewers for their diligence and expert reviewing. Thirdly, we thank the invited speakers for their invaluable contribution and for taking the time to synthesise and prepare their talks. Fourthly, we thank the workshop chairs whose collaboration with ICEIS was much appreciated. Finally, special thanks to all the members of the local organising committee, especially Ron Giachetti, whose collaboration was fundamental for the success of this conference. Chin-Sheng Chen, Florida International University, USA Joaquim Filipe, INSTICC / EST Setúbal, Portugal Isabel Seruca, Universidade Portucalense, Portugal José Cordeiro, INSTICC / EST Setúbal, Portugal ix

CONFERENCE COMMITTEE

Conference co-Chairs Joaquim Filipe, INSTICC / EST Setúbal, Portugal Chin-Sheng Chen, Florida International University, USA Programme co-Chairs Isabel Seruca, Universidade Portucalense, Portugal José Cordeiro, INSTICC / EST Setúbal, Portugal Organising Committee Marina Carvalho, INSTICC, Portugal Bruno Encarnação, INSTICC, Portugal Ronald Giachetti, Florida International University, USA Vítor Pedrosa, INSTICC, Portugal Senior Programme Committee Yannis Manolopoulos, Greece José Legatheaux Martins, Portugal Masao Matsumoto, Japan James Odell, USA George Papadopoulos, Cyprus Luís Moniz Pereira, Portugal Alain Pirotte, Belgium Klaus Pohl, Germany Matthias Rauterberg, The Netherlands Colette Rolland, France Abdel-Badeeh Salem, Egypt Bernadette Sharp, UK Alexander Smirnov, Russia Ronald Stamper, The Netherlands Reza Torkzadeh, USA Miguel Toro, Spain José Tribolet, Portugal François Vernadat, Luxembourg Frank Wang, UK Merrill Warkentin, USA Hans Weigand, The Netherlands Roel Wieringa, The Netherlands

Luís Amaral, Portugal Peter B. Andersen, Denmark Ricardo Baeza-Yates, Chile Jean Bézivin, France Enrique Bonsón, Spain João Alvaro Carvalho, Portugal Albert Cheng, USA Miguel Delgado, Spain Jan Dietz, The Netherlands Frank Dignum, The Netherlands António Figueiredo, Portugal Göran Goldkuhl, Sweden Thomas Greene, USA Nuno Guimarães, Portugal Jeet Gupta, USA Jean-Paul Haton, France Alberto Laender, Brazil Maurizio Lenzerini, Italy Michel Léonard, Switzerland Kecheng Liu, UK Peri Loucopoulos, UK Paul Luker, UK Kalle Lyytinen, USA xi

xii

Conference Committee

Programme Committee Jesus S. Aguilar-Ruiz, Spain Patrick Albers, France Salah Al-Sharhan, Kuwait Andreas Andreou, Cyprus Pedro Antunes, Portugal Joaquim Aparício, Portugal Juan Carlos Augusto, UK Bart Baesens, UK Cecilia Baranauskas, Brazil Balbir Barn,UK Senén Barro, Spain Remi Bastide, France Nadia Bellalem, France Peter Bernus, Australia Peter Bertok, Australia Robert Biddle, Canada Oliver Bittel, Germany Fernando Boavida, Portugal Luis Borges Gouveia, Portugal Djamel Bouchaffra, USA Danielle Boulanger, France Jean-Louis Boulanger, France José Braga de Vasconcelos, Portugal Miguel Calejo, Portugal Coral Calero, Spain Luis M. Camarinha-Matos, Portugal Jorge Cardoso, Portugal Fernando Carvalho, Brazil Jose Jesus Castro-Schez, Spain Luca Cernuzzi, Paraguay Maria Filomena de Castro Lopes, Portugal Elizabeth Chang, Australia Laurent Chapelier, France Nian-Shing Chen, Australia William Cheng-Chung Chu, Taiwan Rodney Clarke, UK Chrisment Claude, France Francesco Colace, Italy Bernard Coulette, France Sharon Cox, UK Mohamed Dahchour, Morocco Sergio de Cesare, UK Andrea De Lucia, Italy

Nuno de Magalhães Ribeiro, Portugal José Javier Dolado, Spain Jean-Christophe Dubois, France Schahram Dustdar, Austria Alan Eardley, UK David Emery, UK Jean-Max Estay, France João Faria, Portugal Jesus Favela, USA Eduardo Fernández-Medina, Spain Edilson Ferneda, Brazil Paulo Ferreira, Portugal Filomena Ferrucci, Italy Andrew Finegan, Australia Andre Flory, France Donal Flynn, UK Ulrich Frank, Germany Ana Fred, Portugal Lixin Fu, USA Juan Garbajosa, Spain Marcela Genero, Spain Joseph Giampapa, USA Raúl Giráldez, Spain Pascual González, Spain Robert Goodwin, Australia Silvia Gordillo, Argentina John Gordon, UK Feliz Gouveia, Portugal Virginie Govaere, France Jan Gulliksen, Sweden Rune Gustavsson, Sweden Sissel Guttormsen Schär, Switzerland Lamia Hadrich Belguith, Tunisia Thorsten Hampel, Germany Michael Heng, Australia Francisco Herrera, Spain Colin Higgins, UK Peter Higgins, Australia Erik Hollnagel, Sweden Jun Hong, UK Nguyen Hong Quang, Viet Nam Jiankun Hu, Australia Kaiyin Huang, The Netherlands

xiii

Conference Committee

Patrick C. K. Hung, Canada Hamid Jahankhani, UK Arturo Jaime, Spain Luis Jiménez Linares, Spain Luis Joyanes, Spain Nikos Karacapilidis, Greece Dimitris Karagiannis, Austria Stamatis Karnouskos, Germany Hiroyuki Kawano, Japan Nicolas Kemper Valverde, Mexico A. Rahman Khan, USA Manuel Kolp, Belgium John Krogstie, Norway Stan Kurkovsky, USA Yannick Lallement, Canada Chul-Hwan Lee, USA Carlos León de Mora, Spain Hareton Leung, China Therese Libourel, France John Lim, Singapore Matti Linna, Finland Jan Ljungberg, Sweden Stephane Loiseau, France João Correia Lopes, Portugal María Dolores Lozano, Spain Jianguo Lu, Canada Christopher Lueg, Australia Edmundo Madeira, Brazil Laurent Magnin, Canada Sam Makki, USA Mirko Malekovic, Croatia Nuno Mamede, Portugal João Mangueira Sobral, Brazil Esperanza Marcos, Spain Farhi Marir, UK Maria João Martins, Portugal Herve Martin, France Johannes Mayer, Germany Andreas Meier, Switzerland Emilia Mendes, New Zealand Engelbert Mephu Nguifo, France Miguel Mira da Silva, Portugal Ghodrat Moghadampour, Finland Paula Morais, Portugal Fernando Moreira, Portugal

José Moreira, Portugal Hector Munoz-Avila, USA Mietek Muraszkiewicz, Poland Ana Neves, Portugal Jose Angel Olivas, Spain Luis Olsina Santos, Argentina Peter Oriogun, UK Marcin Paprzycki, USA José R. Paramá, Spain Oscar Pastor, Spain Maria Carmen Gramaje, Spain Gabriel Pereira Lopes, Portugal Laurent Péridy, France Antonio Pescapé, Italy Steef Peters, The Netherlands Paolo Petta, Austria José Adriano Pires, Portugal Jacek Plodzien, Poland Geert Poels, Belgium Macario Polo, Spain Bhanu Prasad, USA Ed Price, USA Pedro Ramos, Portugal Ulrich Reimer, Switzerland Marinette Revenu, France Simon Richir, France António Rito-Silva, Portugal David Rivreau, France Pilar Rodriguez, Spain Agostinho Rosa, Portugal Gustavo Rossi, Argentina Narcyz Roztocki, USA Francisco Ruiz, Spain Henryk Rybinski, Poland Henry Samier, France Manuel Santos, Portugal Daniel Schang, France Arno Scharl, Australia Mareike Schoop, Germany Hanifa Shah, UK Jianhua Shao, UK Timothy K. Shih, Taiwan Charles Shoniregun, UK Alberto Silva, Portugal Maria João Ferreira, Portugal

xiv Janice Sipior, USA Hala Skaf-Molli, France Liz Sokolowski, UK Chantal Soule-Dupuy, France Chris Stary, Austria Vijayan Sugumaran, USA Lily Sun, UK David Taniar, Australia Sotirios Terzis, UK Philippe Thiran, The Netherlands Claudine Toffolon, France Robert Tolksdorf, Germany Ambrosio Toval, Spain Gulden Uchyigit, UK Antonio Vallecillo, Spain Luminita Vasiu, UK Christine Verdier, France

Conference Committee

Maria-Amparo Vila, Spain HO Tuong Vinh, Viet Nam Aurora Vizcaino, Spain Hans Weghorn, Germany Gerhard Weiss, Germany Graham Winstanley, UK Wita Wojtkowski, USA Robert Wrembel, Poland Baowen Xu, China Haiping Xu, USA Hongji Yang, UK Yoneo Yano, Japan Kokou Yetongnon, France Liping Zhao, UK Shuigeng Zhou, China Lin ZongKai, China

Invited Speakers Richard Soley, Object Management Group, Inc., USA Jan Dietz, Delft University of Technology, The Netherlands Thomas Greene, MIT, USA Rosalind W. Picard, MIT, USA Henri Barki, HEC Montreal, Canada Daniel Schwabe, Catholic University in Rio de Janeiro (PUC-Rio), Brazil M. Lynne Markus, Bentley University, USA Raghavan N. Srinivas, Sun Microsystems, USA Eduardo B. Fernandez, Florida Atlantic University, USA

Invited Speakers

EIS IMPLEMENTATION RESEARCH: AN ASSESSMENT AND SUGGESTIONS FOR THE FUTURE Henri Barki Canada Research Chair in Information Technology Implementation and Management HEC Montréal, 3000 chemin de la Côte-Ste-Catherine Montréal, Québec, Canada H3T 2A7 Email: [email protected]

Keywords:

Systems implementation, Acceptance and diffusion of innovations, Behavioral research.

Abstract:

The implementation of information systems in organizations is a long standing research topic that has preoccupied researchers ever since computer-based information systems started being used in businesses in the early 1960s. However, despite more than 40 years of research, the implementation phenomenon continues to present both practical and research difficulties. The present paper presents a broad overview and assessment of past and current research on implementation, and provides suggestions for future research that will help address some of the challenges implementation researchers currently face.

1

challenges implementation researchers currently face. It is important to note that the present paper’s focus is on implementation research that adheres to what Hevner et al. (2004) refers to as the behavioral science paradigm. Research following this approach is typically driven by the practical concerns and difficulties encountered in practice. Its broad objective is the improvement of organizational efficiency and effectiveness via the introduction and use of IT-based solutions. As such, it views implementation broadly to include all stages of IT adoption, diffusion, and use stages, from initial idea to roll out and afterwards (Cooper and Zmud 1990; Markus and Tanis 2000; Swanson and Ramiller 2004). It is concerned with the study of individual, organizational, technological, and societal factors that influence the introduction and use of IT-based solutions in organizations. As such, behavioral science implementation research is different from research that follows the design science paradigm (Hevner et al. 2004) whose focus is the creation of intellectual and computational tools.

INTRODUCTION

The implementation of information systems in organizations is a long standing research topic that has preoccupied researchers ever since computerbased information systems started being used in businesses in the early 1960s. The initial motivation for researching implementation phenomena stemmed from the need to address the practical difficulties that plagued most information system development projects that organizations were implementing at the time. While today’s information system projects are less about development conducted in-house, and more on configuring integrated systems purchased from a vendor and installed by a third party, they continue to suffer from similar difficulties such as budget and schedule overruns, and the frustration and lack of satisfaction on the part of the users. For example, according to Barki et al. (2005), ERP implementations are more than 200% late and more than 170% over budget, with 50% of ERP projects failing to achieve their expected benefits and delivering less than 60% of what is expected.

The next two sections of the paper provide a broad summary and assessment of behavioral implementation research of the last 40 years, grouped into two categories labeled the Early Years and the Middle Ages. This is followed by a discussion of the strengths and weaknesses of past research on implementation, as well as three

The objective of the present paper is to provide a broad overview and assessment of past and current research on the implementation of information systems, and to provide suggestions for future research that will help address some of the 3

C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 3–10. © 2006 Springer.

Henri Barki

4

suggestions for improving the current state of research on this topic. Finally, the paper presents a summary of a presently ongoing research project as an example of one way in which two of these suggestions were operationalized.

2

BEHAVIORAL IMPLEMENTATION RESEARCH: THE EARLY YEARS (1970S)

The beginnings of behavioral IS implementation research can be traced to the 1960s and the early studies that investigated the implementation failures of operations research and management science (OR/MS) solutions in organizations (Schultz and Slevin 1975). The main impetus for this line of research was the fact that many OR/MS solutions proposed by OR/MS researchers and practitioners were not being adopted or used by managers. In an effort to explain why managers were not interested in adopting solutions that seemingly could help organizations operate more efficiently, researchers began to identify and investigate the factors that influenced outcome variables such as adoption and use of OR/MS recommendations (Schultz and Slevin 1975). As most implementations of OR/MS solutions required the use of computers and entailed extensive programming, implementations of OR/MS solutions and computer-based information systems had many parallels and shared similar difficulties. What later came to be known as “factor studies” of IS implementations (Lucas 1981) were essentially an outgrowth of factor studies in OR/MS implementation. The theoretical foundations of many IS implementation factor studies of the late 1960s and early 1970s can be traced to Churchman and Schainblatt (1965) who identified a lack of understanding between managers and the implementers (or the researchers) as a root cause of many implementation problems, and to Ackoff (1967) who identified the assumptions and myths surrounding these implementations as a root cause of implementation failures. As a result, early IS implementation studies typically tried to identify the factors that significantly influenced managers’ reactions to the introduction of IS in organizations and investigate their impact on outcomes such as system use, satisfaction, and system quality. Largely based on case studies and questionnaire-based field

studies, a key practical objective of these studies was to provide recommendations regarding how to manipulate different factors, such as user participation and user training, so as to achieve greater implementation success. While no comprehensive study has examined the legacy of the early years of IS implementation research, three factors identified in that era stand out in terms of the consensus that has existed over the years regarding their importance. These factors are, top management support (Ginzberg 1981; Lucas 1981; Thong et al. 1996), user participation (Hartwick and Barki 2001; Ives and Olson 1984), and user training (Olfman and Pitsatorn 2000). While the general consensus regarding the significant influence these factors have on implementation success (however defined) has been relatively constant, even today these factors remain as disconnected elements with no meaningful theoretical linkages between them. In part as a response to the largely atheoretical nature of the implementation studies of the 1970s, beginning with the 1980s many researchers sought to study implementation phenomena by more strongly grounding their research in theory. However, given the dearth of theories in the IS field, and heeding the calls of senior researchers (Dickson et al. 1982), they borrowed established theoretical frameworks and models from reference disciplines.

3

BEHAVIORAL IMPLEMENTATION RESEARCH: THE MIDDLE AGES (1980 TO NOW)

In the late 1970s and early 1980s, the focus of implementation research began to shift from the study of the development and installation of transaction processing applications in organizations to the study of issues that were faced with the introduction of different system types, such as management information systems, decision support systems, and expert systems in the 1980s. Later, in the 1990s, the objects of implementation studies became more recently created technologies such as Case tools, EDI, data warehousing, and MRP/ERP systems. Note that, while the IT types being studied did change over the years, the implementation problems experienced had not: high project costs and scheduling delays, low usage and satisfaction

An Assessment and Suggestions for the Future

levels continued to plague most implementation projects (Kirsch 2000; Saga and Zmud 1994). To address these recurrent IS implementation concerns, and to base their inquiries on solid theoretical footing, researchers borrowed existing theories from related disciplines, and applied them to the IT implementation context. One such theory that has had considerable influence on implementation research is the Theory of Reasoned Action (Fishbein and Ajzen 1975) and its derivative, the Theory of Planned Behavior (Ajzen 1991). TRA and TPB were modified to better fit IT contexts via the Technology Acceptance Model (TAM) (Davis et al. 1989) and later via UTAUT (Venkatesh et al. 2003), with TAM being studied by a large number of researchers (Lee et al. 2003). Other theories that have been borrowed include Social Cognitive Theory (Bandura 1977) which was employed to study the impact of self-efficacy on individual behaviors, Diffusion of Innovations (Rogers 1983) and Media Richness Theory (Daft et al. 1987) which helped investigate the characteristics of IT that influenced adoption decisions and behaviors, Information Processing Theory (Galbraith 1974; 1977) and Control Theory (Ouchi 1979; Kirsch 1996) which were used to explain implementation outcomes at the project and organizational levels. In addition to grounding their studies on stronger theoretical foundations, IS researchers also began to recognize and increasingly adopt different epistemologies and methodologies (Orlikowski and Baroudi 1991; Walsham 1995). As noted by Markus and Robey (1988), IS implementation phenomena can be examined with at least three different visions which they labeled technological imperative (a deterministic view of technology and its impacts), organizational imperative (a contingent view of technology whereby its organizational impacts depend on what humans do with it), and emergent (an interaction view according to which it is the mutual interaction of the technology and its context that leads to difficult to predict impacts). An increasing number of IS researchers thus began to study implementation phenomena via such alternative research paradigms, using both variance and process approaches. From a theoretical standpoint, the efforts of IS implementation researchers of the last 25 years has resulted in the development of several theoretical models. Investigating the antecedents of users’ technology acceptance and usage behaviors has attracted a lot of research effort (Agarwal 2000). Originally derived from the Theory of Reasoned

5

Action (Fishbein and Ajzen 1975) and its later version, the Theory of Planned Behavior (Ajzen 1991), these efforts have led to a variety of research models which have recently been integrated in UTAUT (Venkatesh et al. 2003), proposed as a synthesis of past research on user acceptance. According to this model, perceived usefulness, perceived ease of use, social influences, and facilitating conditions are four key constructs that influence individuals’ usage of technology with their respective effects being moderated by individual difference variables such as experience, gender, and age. In addition to these integration efforts, researchers have also tried to bridge the gap between different research streams by integrating research on technology acceptance, which typically focused on usage behaviors, with research investigating antecedents of user attitudes and satisfaction (Wixom and Todd 2005). Other constructs have also been identified as important influences on users’ acceptance of technology including computer selfefficacy (Compeau and Higgins 1995), cognitive absorption (Agarwal and Karahanna 2000), and trust (Gefen et al. 2003). From a practical standpoint, the findings of earlier studies regarding the positive impact of user participation, top management support, and user training have also been generally confirmed (Larsen 2003). In addition, the significant positive impacts of having a project champion (Beath 1991; Howell and Higgins 1990), of adequately managing conflicts (Barki and Hartwick 2001; Robey et al. 1993; Smith and McKeen 1992), and of appropriate management of project risks (Barki et al. 2001) have also been empirically shown.

4

TAKING STOCK AND SUGGESTIONS FOR THE FUTURE

First, it is important to note that the constructs and theoretical models that have emerged in the implementation studies of the last 40 years are, for the most part, independent on the nature of the IT artifact being examined. While some factors may have greater importance in certain contexts, many of them such as top management support, user training, conflict management, and risk management are applicable to many implementation contexts, ranging from the increasingly diminishing in-house

6

IS development environments to the increasingly more popular enterprise system implementations by consultants. Thus, future research on implementation stands to benefit more from focusing on theoretical relationships between constructs than trying to reinvent success factors of each new technology that emerges over time. Second, it can be noted that the behavioral IS implementation studies of the last 40 years form a research stream that today is characterized by strong theoretical foundations, methodological rigor as well as methodological multiplicity, and findings that provide some useful guidelines to practitioners. However, despite these advances, implementation problems still continue to occur frequently and at great cost, especially in the implementation of many enterprise systems (Barki et al. 2005). The continuing nature of technology implementation problems suggests that, while our knowledge and expertise in this domain may have increased over the years, there is still a lot that we do not know and that more research needs to be done. However, this research needs to adopt a new stance if it is to yield greater insight into technology implementation phenomena. Looking at the present state of our knowledge, and the types of research articles that are being published, one can not help but wonder whether our current approaches to studying technology implementations have reached their limits. In terms of research methodology, both the variance and process approaches of studying implementation phenomena appear to have reached a stage where they seem to be stagnating. For example, when TAM was introduced in 1989 it provided a fresh start for studying usage behaviors as a form of system acceptance. Since then, however, a large number of papers have been published to test, in different contexts or with different IT types, the original TAM model or slightly modified versions of it that basically added one or more constructs to the initial model. It is interesting to note that, after synthesizing past research efforts on user acceptance, the integrative UTAUT model proposed by Venkatesh et al. (2003) is not very different from Ajzen’s TPB. Thus, after 17 years of research on user acceptance, we seem to have essentially returned back to square one, which is not a very encouraging sign of progress. The introduction of Structuration Theory and interpretivism to IS implementation research (Orlikowski 1992; 1996; Orlikowski and Baroudi 1991; Walsham 1995) provided a qualitative

Henri Barki

approach that enabled the study of implementation phenomena with greater realism and by taking all its complexities into account. The increased use of positivist case study methods (Dubé and Paré 2003) and other qualitative approaches have also enabled researchers to examine IS implementations in greater depth and detail (e.g., Beaudry and Pinsonneault 2005; Lapointe and Rivard 2005). However, the lessons learned from such process approaches, while interesting in their own right, have been generally difficult to mold into theories that can be subjected to empirical testing. This is especially difficult when most researchers who adopt process approaches shun the adoption of variance approaches in their research and stay largely within their own theoretical and epistemological silos. Note that many variance researchers are guilty of the same given their reluctance to conducting process studies. While conceptually and methodologically more challenging, efforts that combine both approaches are also likely to help IS implementation research to significantly advance from its current state. In essence, the new stance that future implementation research needs to adopt includes: 1) Better conceptualizations of key constructs in variance models so that they better reflect the realism and richness inherent in actual IS implementations. A potentially useful source for doing so is the data and findings that are currently available in past process research on implementation; 2) As IS implementations involve actions and outcomes at individual, project, and organizational levels, we need to construct multilevel theories that span all three levels. For example, presently, most researchers theorize within a single level, with same-level constructs in their research models. By ignoring the significant constraints and influences that variables at higher levels have on lower level constructs, such single-level approaches to theory building leave out an important part of typical implementation contexts out of the research equation; 3) IS implementations occur over a relatively long period of time during which the relationships between the constructs of a research model may vary. For example, users’ satisfaction with a system a year following roll out and after all corrections and adjustments to the system have been made may be different from their satisfaction right after go live. More importantly, different constructs and different model relationships may be needed to explain what happens in the two time periods. Until now, many researchers have ignored such timedependent relationships between their model

An Assessment and Suggestions for the Future

constructs, with many of them using a static variance model to explore relationships between constructs that exist or occur at different time periods of an implementation. Given the potential inaccuracy and confound threats of such approaches, IS implementation researchers need to explicitly take into account the timing aspects of their model constructs into their future modeling efforts.

5

A RESEARCH PROGRAM FOR STUDYING A MULTI-STAGE MODEL OF AN EXPANDED CONCEPTUALIZATION OF SYSTEM USE

This section of the paper provides an outline of an ongoing research program that was undertaken to address some of the shortcomings discussed in the above paragraphs. The program focuses on the development of a broad conceptualization and assessment of the system use construct, and an examination of its antecedents at different time periods in IS implementations. Information system use is a key dependent variable when assessing various information technology development and implementation phenomena such as IT adoption, acceptance, and diffusion (Agarwal 2000; Brancheau and Wetherbe 1990; DeLone and McLean 1992; Straub et al. 1995). The construct of individual-level IS use is generally operationalized in terms of frequency, duration, or variety of system functions used, providing quantitative measures that are useful in testing complex multivariate relationships. However, this approach has important limitations including their failure to consider the multidimensional nature of IS use (Doll and Torkzadeh 1998), their lack of relevance in mandatory use contexts (DeLone and McLean 1992; 2003), their difficulty in specifying what is "… the ideal, or at least sufficient, level of use for a successful or effective IS?" (Szajna 1993, p. 148), the fact that "Simply measuring the amount of time a system is used does not properly capture the relationship between usage and the realization of expected results." (DeLone and McLean 2003, p. 16), and the fact that they miss "[...] much of the richness present in organizational utilization contexts." (Lassila and Brancheau 1999, p. 65) These limitations indicate that "[…] prior measures of system usage […] are inadequate from a conceptual point of view." (Straub et al. 1995, p.

7

1339), and that "The problem to date has been a too simplistic definition of this complex variable." (DeLone and McLean 2003, p. 16) Viewing individual-level IS use as a multidimensional, behavioral construct can address some of these shortcomings. Indeed, recently it has been suggested that researchers adopt a comprehensive conceptualization of users’ post-adoptive behaviors by focusing on “…factors that influence users to continuously exploit and extend the functionality built into IT applications.” (Jasperson et al. 2005, p. 525) Other researchers have suggested that "Technology acceptance outcomes need to be extended to more formally include the notions of adaptation, reinvention, and learning" (Agarwal 2000, p.102) Similarly, "emergent use" during IT infusion has been defined as "[…] using the technology in order to accomplish work tasks that were not feasible or recognized prior to the application of the technology to the work system." (Saga and Zmud 1994, p. 80). This definition suggests that the concept of emergent use includes activities of adaptation and reinvention (Rice and Rogers 1980), as well as learning behaviors. These behaviors also constitute key behavioral components of the individual cognition model of the recently proposed conceptual model of post-adoptive behavior (Jasperson et al. 2005). Based on the above considerations, an initial longitudinal study was conducted using a grounded theory approach to examine the behaviors of twelve users (located in different departments of a large organization) and what they actually did in their daily routines over an 18-month period as they used a recently implemented ERP (Boffo 2005). Based on the findings of that study, users’ system usage behaviors were categorized into: a. Task oriented usage. This category of use behaviors includes users' interactions with an IS in the accomplishment of their organizational tasks. It includes active, hands-on employment of an IS as a tool that supports the performance of an organizational task, as well as the employment of an IS through one or more intermediaries. b. Adaptation oriented usage. This category includes all user behaviors directed at changing or modifying IT and how they will be deployed and used in an organization. An underlying theme of such behaviors is reinvention which reflects deliberate modification-oriented and creative activities which users of IT engage in (Johnson and Rice 1987; Nambisan et al. 1999; Orlikowski 1996;

Henri Barki

8

Rice and Rogers 1980; Tornatzky et al. 1983; Tyre and Orlikowski 1994). These can be further categorized into (a) Technology adaptation: user behaviors that change an IT that has been implemented; (b) Operational adaptation: user behaviors that change the way in which an implemented IT operates; and (c) Organizational adaptation: user behaviors that change how an IT is used in the organization. c. Learning oriented usage. As they learn how to use a new technology, users interact with each other and exchange information in order to adapt to new ways of performing their tasks (Papa and Papa 1992; Papa and Tracy 1988). They also engage in selfdirected learning behaviors such as browsing or scanning a system (Vandenbosch and Higgins 1996). This type of use can be categorized into (a) Communication: interactions with other users or professionals for information exchange; (b) Independent exploration: information search behaviors independently undertaken by users to improve their knowledge and mastery of an IT that has been implemented. We think that the above categories of user behaviors provide a comprehensive and meaningful framework for conceptualizing the construct of individual-level IS use. By providing a more complete and richer representation of what individual users do in terms of system use activities and behaviors, this three-dimensional view of system use can also be useful in explaining the relationships between different facets of this usage and other important IT implementation constructs. For example, each facet of use can be separately examined with existing models of user acceptance in order to better explain and understand the antecedents of users’ adaptation and learning behaviors. To further explore this idea, we undertook a longitudinal study to test a two-stage UTAUT model with IS use conceptualized as the three-dimensional construct described above, and measured at two time periods: the first immediately after go live, and the second after system use becomes routinized. A key hypothesis of the study is that users’ task oriented use, adaptation, and learning behaviors in the first time period will influence their perceived ease of use, perceived usefulness, social norms, and perceived behavioral control (i.e., the antecedents of task oriented use in UTAUT) at time period two. These in turn are hypothesized to influence users’ task oriented use, adaptation, and learning behaviors in the second time period.

As can be seen, the above research program attempts to address the shortcomings of past IS implementation research by (1) conceptualizing IS use with an approach that captures its inherent complexity and realism (a conceptualization made possible by combining process and variance research approaches), and (2) a variance model that reflects the time-dependent nature of the relationships between implementation constructs. While it presently does not address the multi-level aspects of IS implementations, efforts are also being made in that direction with the hope that the research program summarized here will provide a first step in the development of the next stage in IS implementation research.

REFERENCES Ackoff, R., 1967. Management Misinformation Systems. Management Science. 13(12), B147-B156. Agarwal, R., 2000. Individual Acceptance of Information Technologies. In R.W. Zmud (ed.), Framing the Domains of IT Management, Pinnaflex, Cincinnati, OH, 85-104. Agarwal, R. and E. Karahanna. 2000. Time Flies When You're Having Fun: Cognitive Absorption and Beliefs about Information Technology Usage. MIS Quarterly, 24(4), 665-694. Ajzen, I., 1991. The Theory of Planned Behavior. Organizational Behavior and Human Decision Processes. 50(2), 179-211. Bandura, A., 1977. Self-efficacy: Toward a Unifying Theory of Behavioral Change. Psychological Review. 84(2), 191-215. Barki, H., S. Oktamıú and A. Pinsonneault. 2005. Dimensions of ERP Implementations and Their Impact on Project Outcomes. Journal of Information Technology Management. 16(1), 1-9. Barki, H. and J. Hartwick. 2001. Interpersonal Conflict and Its Management in Information System Development. MIS Quarterly. 25(2), 195-228. Barki, H., S. Rivard, S. and J. Talbot. 2001. An Integrative Contingency Model of Software Project Risk Management. Journal of MIS. 17(4), 37-70. Beath, C.M., 1991. Supporting the Information Technology Champion. MIS Quarterly. 15(3), 355372. Beaudry, A. and A. Pinsonneault. 2005. Understanding User Responses to IT: A User Adaptation Coping Acts Model. MIS Quarterly. 29(3), 493-524. Boffo, C., 2005. L’évolution des pratiques individuelles d’utilisation d’un système ERP : Comment se fait l’appropriation d’un changement technologique. Ph.D. thesis, HEC Montréal. Brancheau, J.C. and J.C. Wetherbe. 1990. The Adoption of Spreadsheet Software: Testing Innovation Diffusion

An Assessment and Suggestions for the Future Theory in the Context of End-User Computing. Information Systems Research. 1(2), 115-144. Compeau, D.R., and C.A. Higgins. 1995. Computer Selfefficacy: Development of a Measure and Initial Test. MIS Quarterly. 19(2), 189-212. Cooper, R.B. and R.W. Zmud. 1990. Information Technology Implementation Research: A Technological Diffusion Approach. Management Science. 36(2), 123-139. Churchman, C.W. and A.H. Schainblatt. 1967. The Researcher and the Manager: A Dialectic of Implementation. Management Science. 11(4), B69-87. Daft, R. L., R. H. Lengel and L. Trevino. 1987. Message Equivocality, Media Selection, and Manager Performance. MIS Quarterly. 11(3), 355-366. Davis, F.D., R.P. Bagozzi and P.R. Warshaw. 1989. User Acceptance of Computer Technology: A Comparison of Two Theoretical Models. Management Science. 35(8), 982-1003. DeLone, W.H. and E. McLean. 1992. Information Systems Success: The Quest for the Dependent Variable. Information Systems Research. 3(1), 60-95. DeLone, W.H. and E. McLean. 2003. The DeLone and McLean Model of Information Systems Success: A Ten Year Update. Journal of Management Information Systems. 19(4), 9-30. Dickson, G.W., I. Benbasat and W. King. 1982. The MIS Area: Problems, Challenges, and Opportunities. Database. 14(1), 7-13. Doll, W.J. and G. Torkzadeh. 1998. Developing a Multidimensional Measure of System-Use in an Organizational Context. Information & Management. 33, 171-185. Dubé, L. and G. Paré. 2003. Rigor in IS Positivist Case Research: Currents Practices, Trends, and Recommendations. MIS Quarterly. 27(4), 597-635. Fishbein, M. and I. Ajzen. 1975. Attitude, Intention and Behavior: An Introduction to Theory and Research, Addison-Wesley, Reading, MA.. Galbraith, J.R., 1974. Organizational Design: An Information Processing View. Interfaces. 4(3), 28-36. Galbraith, J. R., 1977. Organization Design, AddisonWesley. Gefen, D., E. Karahanna and D.W. Straub. 2003. Trust and TAM in Online Shopping: An Integrated Model. MIS Quarterly. 27(1), 51-90. Ginzberg, M.J., 1981. Key Recurrent Issues in the MIS Implementation Process. MIS Quarterly. 5(2), 47-59. Hartwick, J. and H. Barki. 2001. Communication as a Dimension of User Participation. IEEE Transactions on Professional Communication. 44(1), 21-36. Hevner, A.R., S.T. March, J. Park, and S. Ram. 2004. Design Science in Information Systems Research. MIS Quarterly. 28(1), 75-106. Howell, J.M., and C.A. Higgins. 1990. Champions of Change: Identifying, Understanding, and Supporting Champions of Technological Innovations. Organizational Dynamics. 40-55.

9 Ives, B. and M.H. Olson. 1984. User Involvement and MIS Success: A Review of Research. Management Science. 30(5), 586-603. Jasperson, J., P. E. Carter and R.W. Zmud. 2005. A Comprehensive Conceptualization of Post-Adoptive Behaviors Associated with Information Technology Enabled Work Systems. MIS Quarterly. 29(3), 525557. Johnson, B.M. and R.E. Rice. 1987. Managing Organizational Innovation: The Evolution From Word Processing to Office Information Systems, Columbia University Press, New York, NY. Kirsch, L.J., 1996. The Management of Complex Tasks in Organizations: Controlling the Systems Development Process. Organization Science. 7(1), 1-21. Kirsch, L.J., 2000. Software Project Management: An Integrated Perspective for an Emerging Paradigm. In Framing the Domains of IT Management, R.W. Zmud (ed.), Cincinnati, OH, Pinnaflex, 285-304. Lapointe, L. and S. Rivard. 2005. A Multilevel Model of Resistance to Information Technology Implementation. MIS Quarterly. 29(3), 461-491. Larsen, K.R.T., 2003. A Taxonomy of Antecedents of Information Systems Success: Variable Analysis Studies. Journal of Management Information Systems. 20(2), 169-246. Lassila, K.S. and J.C. Brancheau. 1999. Adoption and Utilization of Commercial Software Packages: Exploring Utilization Equilibria, Transitions, Triggers, and Tracks. Journal of Management Information Systems. 16(2), 63-90. Lee, Y., K.A. Kozar and K.R.T. Larsen. 2003. The Technology Acceptance Model: Past, Present, and the Future. Communications of the AIS. 12, 752-780. Lucas, H., 1981. Implementation: The Key to Successful Information Systems, Columbia University Press, New York. Markus, L.M. and D. Robey. 1988. Information Technology and Organizational Change: Causal Structure in Theory and Research. Management Science. 34(5), 583-598. Markus, L.M. et C. Tanis. 2000. The Enterprise System Experience—From Adoption to Success. In Framing the Domains of IT Management, R.W. Zmud (ed.), Pinnaflex, Cincinnati, OH, 173-207. Nambisan, S., R. Agarwal and M. Tanniru. 1999. Organizational Mechanisms for Enhancing User Innovation in Information Technology. MIS Quarterly. 23(3), 365-395. Olfman, L. and P. Pitsatorn. 2000. End-User Training Research: Status and Models for the Future. In Framing the Domains of IT Management, R.W. Zmud (ed.), Pinnaflex, Cincinnati, OH, 129-146. Orlikowski, W.J. and J.J. Baroudi. 1991. Studying Information Technology in Organizations: Research Approaches and Assumptions. Information Systems Research. 2(1), 1-28. Orlikowski, W.J., 1992. The Duality of Technology: Rethinking the Concept of Technology in Organizations. Organization Science. 3(3), 398-427.

10 Orlikowski, W.J., 1996. Improvising Organizational Transformation over Time: A Situated Change Perspective. Information Systems Research. 7(1), 6392. Ouchi, W.G., 1979. A Conceptual Framework for the Design of Organizational Control Mechanisms. Management Science. 25(9), 833-848. Papa, W.H. and M.J. Papa. 1992. Communication Network Patterns and the Re-Invention of New Technology. Journal of Business Communication. 29(1), 41-61. Papa, W.H. and K. Tracy. 1988. Communicative Indices of Employee with New Technology. Communication Research. 15, 524-544. Rice, R.E. and E.M. Rogers. 1980. Reinvention in the Innovation Process. Knowledge: Creation, Diffusion, Utilization. 1(4), 499-514. Robey, D., L.A. Smith and L.R. Vijayasarathy. 1993. Perceptions of Conflict and Success in Information Systems Development Projects. Journal of Management Information Systems. 10(1), 123-139. Rogers, E.M., 2003. Diffusion of Innovations. Free Press, New York, NY, 5th edition. Saga, V. and R.W. Zmud. 1984. The Nature and Determinants of IT Acceptance, Routinization and Infusion. In Diffusion, Transfer and Implementation of Information Technology, L. Levine (ed.), North Holland, New York, NY, 67-86. Schultz, R.L. and D.P. Slevin (eds.). 1975. Implementing Operations Research/Management Science, Elsevier, New York, NY. Smith, H.A. and J.D. McKeen. 1992. Computerization and Management: A Study of Conflict and Change. Information & Management. 22, 53-64. Straub, D.W., M. Limayem, and E. Karahanna-Evaristo. 1995. Measuring System Usage: Implications for IS

Henri Barki Theory Testing. Management Science. 41(8), 13281342. Swanson, E.B. and N.C. Ramiller. 2004. Innovating Mindfully with Information Technology. MIS Quarterly. 28(4), 553-583. Szajna, B., 1993. Determining Information System Usage: Some Issues and Examples. Information & Management. 25, 147-154. Thong, J.Y.L., C.S. Yap and K.S. Raman. 1996. Top Management Support, External Expertise and IS Implementation in Small Businesses. Information Systems Research. 7(2), 248-267. Tornatzky, L.G., J.D. Eveland, M.G. Boylan, W.A. Hetzner, E.C. Johnson, D. Roitman, and J. Schneider. 1983. The Process of Technological Innovation: Reviewing the Literature, National Science Foundation, Washington, DC. Tyre, M. J. and W.J. Orlikowski. 1994. Windows of Opportunity: Temporal Patterns of Technological Adaptation in Organizations. Organization Science. 5(1), 98-118. Vandenbosch, B. and C.H. Higgins. 1996. Information Acquisition and Mental Models: An Investigation into the Relationship Between Behavior and Learning. Information Systems Research. 7(2), 198-214. Venkatesh, V., M.G. Morris, G.B. Davis and F.D. Davis. 2003. User Acceptance of Information Technology: Toward a Unified View. MIS Quarterly. 27(3), 425-478. Walsham, G., 1995. The Emergence of Interpretivism in IS Research. Information Systems Research. 6(4), 376-394. Wixom, B.H. and P.A. Todd. 2005. A Theoretical Integration of User Satisfaction and Technology Acceptance. Information Systems Research. 16(1), 85102.

CHANGING THE WAY THE ENTERPRISE WORKS Operational Transformations Thomas J. Greene Computer Science & Artificial Intelligence Laboratory,(CSAIL) at MIT, 32 Vassar Street, Cambridge.MA, USA E-mail: [email protected]

Keywords:

information revolution, enterprise, operational transformation.

Abstract:

The communication and information revolution is caused by a fast changing sets of technologies that have already caused changes in the enterprise. Furthermore the expectations of the "customers" of the enterprise have changed because of personal use of the internet and web. Customers expect the Time of response for any transaction to be instantaneous. Managing the pace of change is today’s big enterprise problem. The technologies of computers, networks, software that enable very fast response are complex and themselves fast changing .To use the new versions of technologies requires both learning new skills and changing internal operational procedures. Operational Transformation is the next frontier of business advantage. Because of global competition in uncertain times, Any enterprise of any size must be configured to change; change the way they conduct business and change basic operations. Failure to do this will mean losing to competitors who do change. These issues will be examined and a possible solution to the problem offered.

1

I first spoke at an ICEIS conference in 1999 and at that time I spoke of the changes that were occurring, but even then I could not predict the intensity of those changes and the pace at which they would occur. Let us begin by looking at a short history of people and technology.

INTRODUCTION

We can all agree that this new millennium is already characterized by change both on a human level and a technology level. The information explosion continues at a forever-increasing pace. In order for our enterprise systems to be successful in this everchanging world; we need to look at our systems in a different and more flexible manner. In the following presentation, I would like, with you, to explore what the problems of this accelerated change may be; where we are now in our design of systems; and where we need to be in the near future.

1.1 People Growth In the time of Julius Caesar (35 BCE) there were said to be a total of 150 million people living in the world. Now in 2000 A.D. the population of the world is 6 billion people. This increase did not occur in a straight line or in an even distribution.

During this presentation we will consider the following: x A short history of people and technology x Some abstractions for Enterprise Managers x The Forces causing faster change x Why your Models need both open design and event monitors x Why the enterprise must be nimble in accessing updates and Changes.

It took until 1800 for the first billion people then from that time to the year 2000, the population has increase to the present population of 6 billion, a mere 200 years for the earths population to increase times 6. When we look at the distribution of the population, we see that the US, Canada, and Western Europe have only 17% of the population. Asia has 61%, Latin America; 9%, and Africa; 13%.

11 C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 11–17. © 2006 Springer.

Thomas J. Greene

12

In the 1400’s we saw the invention of the Guttenberg Press enabling the masses access to the written word. The first time a radio wave was used for communication was with the invention of the telegraph in 1837 and then the telephone in 1876. In 1948 the first transistor was manufactured.

Figure 1: Billions of people.

At a critical time during this population boom, it was felt that this world would not be able to sustain this growth because of an inability to feed these numbers. It was because of a scientific discovery that enabled a substantial increase in the amount of grains that could be grown, that this dire prediction did not become a reality. Even with that we continue to live in a world were millions go hungry. In Sept 2002, an article appeared in the HBR on Serving the World’s Poor, Profitably. A novel model proposed by an enterprise to respond to the evergrowing problem of world hunger, while continuing to consider the necessity of profitability of the enterprise.

The WWW initially was very successful for moving technical text around the world, but it wasn’t until 1994, when graphic capability was established that the Web became the force in society that it is today. In 2000, we had the successful draft of the human genome, which will enable great strides in the understanding of the structure and biology of humankind, which could contribute to the ability to cure some of the most difficult diseases in the world. As we can see then, the pace of change in population and technology has been extremely fast and continues to accelerate at an every increasing pace today and in the future. The amount of information available to us at this time is often overwhelming, so today’s enterprises must find ways to access and use this information and technology to promote growth.

2

ABSTRACTIONS TO MANAGE COMPLEXITY

Let us now look at some abstractions for enterprise managers, which will assist in understanding the rate of technological change and respond.

2.1 The Phase Change Metaphor

Figure 2: Technology growth.

1.2 Technology Growth Along with the population growth and change, we have also seen consistent change in the rate of growth of technology. In 3000 BCE, we see the abacus being used for calculations. A number of years ago they used to have a competition between someone using an abacus and someone using a calculator to ascertain the amount of time it took for numerical calculation. The abacus always won.

When we look at information space, let us consider a water molecule as metaphor. A water molecule can exist in different phases, and as it changes phases its world becomes very different. Suppose this molecule is in its solid state. His neighbours are constant and easily found. When this molecule finds itself in a liquid stage, he finds that he still has neighbors, but they are dynamic and many other molecule are flowing by. In the gaseous state, the molecule finds no neighbors, and other molecules are moving away in all directions. That is where we find ourselves at the present time; in a gaseous state. We all now Moore’s law that states the rate of information doubles every two years. Since the inception of the network, information through the network is doubling every 18 months. The speed of travel of information has also evolved over time from the use of the spoken word; then the ability to

Changing the Way the Enterprise Works

write and send letters; then the move to the use of the horse and then phone which allowed us to transmit information at the speed of sound (600mph) Now with the use of the internet, we send information by the speed of light (186,000mps).

13

The future is in connecting across industries to provide new services from complementary enterprises.

2.2 Change as Transforms Perhaps thinking of the transformation being caused by transforms. The abstract state can be any set of properties or objects, e.g. color, letters, people. Let us say that A=blue, or 50 lbs or 10 men and B=red, 20 lbs and 15 women. A process has occurred that changed A to B. This process may involve ideas, people, machines, or paintbrushes. Call T. That is B = Top A. Some us may consider this as Hibert space or Linear Algebra. However you define it; it is just a powerful picture.

2.3 Business Process Management The processes we are concerned with in the business enterprise has its roots in the: process managed realtime enterprise”, that is you buy an item, add value, and sell it at a profit. Business Process Management takes the islands of knowledge,, data, business rules and applications that represent core enterprise activities and unites then into an information system that is accessable to ordinary business people to help them get work done. This is accomplished through a process-oriented architecture which begins with information services that moves to integration and interaction services which become collaboration services. These processes must be scalable in real time and agile. ”

Figure 3: Business Process Management.

Figure 4: Process Oriented architecture.

3

FORCES CAUSING ENTERPRISE CHANGES

What are some of the forces that are causing the acceleration of change. The big buzz word at the end of the last century and beginning of this century has been globalization. We became distracted from this process of globalization by a number of events in the beginning of this millennium. One was the famous dot.com “bubble”. Innovation and investment moved at very rapid pace and some companies did not have substancial products and customers.. Start up companies were popping up everywhere and a lot of people were making a lot of money. A university administer was quoted as having said.” There will be no classes today, the faculty has all called in rich!”. Then the “bubble” burst and the energy needed to recover from that was deflected away from the development of globalization. Another factor was “9/11” which brought the entire world to somewhat of a standstill in which the global economy and our concepts of being citizens of the world was truly shaken. Following that, there was a breakdown of trust in large corporations resulting from the scandals in the operation of big business. However, at the same time, the interconnectedness that continued growing because of the network and the WWW enabled information to flow across all boundries of geography and language.

14

3.1 Unconstrained Barriers Distance, Language, Time

Thomas J. Greene

Language barriers are down. Computer systems provide translation in multiple languages at the touch of a mouse.

You were now able to innovate without emigrating. Distance is no longer an issue; language is no longer an issue, and design and innovation cant occur anywhere and be instantly available for use everywhere. On the other side of that, any economic incident, legislation, strike , or medical discovery anywhere on the Globe can directly and immediately effect your Enterprise both positively and negatively. In recent times we can see how information flows freely and instantly around the Globe. We were witness to the last days of the Pope and were present outside the Sistine Chapel waiting for the results of the election. The relief effort during the Tsunami disaster was able to be immediately set in motion as we watched in real time a tragedy of epic proportion unfold. The events of 9/11 galvanized the world. We follow elections in Britain, Iraq, and Palestine, because they have global impact Technology has made us into a global community and we must evolve our systems to reflect that reality. Recently Thomas Friedman has published a book the states that Columbus was wrong…the world is not round, but the world, in respects to the information space at least, is flat…and becoming flatter.

3.2 The Big Changes Let us look at some of the realities of today’s world that support that concept of a FLAT WORLD. China and India are now on-line. Remember back to the percentages of world populations with Asia having 61% of the population. These countries as they enter the cyber world in a big way, will require new systems and increased resources; The concern of China over the growing economy of Taiwan will only grow. Technology is going to continue to grow and change the face of the world as we know it, and enterprises will have to react in a proactive way or they will not survive. The world’s consumers will continue to look for maximum value in a cheaper, better product. And they will expect it at an everfaster rate. Other factors that support the concept of the FLAT EARTH are becoming more and more evident.

Figure 5: The Google translator.

Translations of small and large amounts of text are easily done. The languages now offered at Google include Spanish, French, German, Portuguese, Italian, and Korean, Japanese and Chinese. Native speakers tell me that there is room for improvement in the quality of translations, but a quick peak into the document the scholar or curious layman can reveal whether the material is relevant and worth pursuing. This is a very different world and more languages are being added. Soon Russian will be available. When I was a graduate student in the 1960’s the translation time from Russian to English was done by the American Physical Society. The time delay was 6 months and many experiments were duplicated because the translation had not been available in time. Now a push of a button and the information is there, to first order.

Figure 6: Some Sample Translations.

Changing the Way the Enterprise Works

3.3 Examples of Information Space Flatness Information is easily assessable and can be excessive. I saw an ad for a disk containing 10,000 books for $9:00. A whole library at my fingertips. I had to have it. I then found a disk that has instruction in 35 languages. In both those examples, there is more information than I could process in a lifetime.

3.3.1 Everyone is a Journalist-BLOGGING

15

4

OPEN INFORMATION

The trend toward information openness is also a challenge in dealing with the level of available information.

4.1 Open Courses at MIT OCW We have already mentioned the fact that MIT has made available Open Course Ware about five years ago. At present four new universities are offering their own Open Course Ware.

The BLOG where people can tell the story of there lives and you can read it if so moved. Recently BLOGGING directly effected the change in administration at the National lab in Los Alamos. Employees were Blogging to each other regarding the practices of the head administrator. The federal government read these blogs and the administrator was replaced. Pretty powerful stuff.

3.3.2 World Goods A rather strange example that I came upon recently was an article stating that statues of Our Lady of Guadalupe in Mexico were now being made in China.

Figure 7: MIT’s Open Course Ware project.

We all know that new bad word, “Outsourcing”. Your ‘help’ desk may be anywhere on the globe, and your new payroll program may come from India.

The traffic on the MIT OSW website shows not only a frequency in the millions, but also a distribution of hits world-wide.

3.3.3 University Courses

4.2 Open Software – LINUX Plus

A University education is free and instantly accessible. Certification is still the issue , but the information is accessible MIT began putting it’s courses on line 5 years ago. That provides everyone with being able to access the information and use it in any way they choose. They will not receive any certification for that learning, but the material is there for self study by all. Let us consider this again later

More that 25 years ago the concept of Open Source Ware was being developed with the Emacs project. The term used to label the openness of the source ware was that academics held this material by “copyleft” instead of “copy right” and the material was held in the public domain. This enabled other users to actually change the software to better implement it to their needs and the only restriction was that they must give away their improved version, and reference the original.

3.3.4 Personal Effects People can make direct phone calls from the Amazon River .On a more personal note, my energy bill has doubled in 12 months because of situations across the world over which I have no control., such global events as Wars, weather, elections, etc. are immediately and directly connected to my daily life.

4.3 DSpace - Open University Research More recently there has been a move towards the concepts of “creative commons” and “science commons”. Basically this would enable the Academy to keep the copyright on materials and keep them in the public domain. This would enable

Thomas J. Greene

16

the public to use these materials for both creative and scientific endeavors. In the past ten years the cost of professional journals has doubled. In response to this, the concept of DSPACE has been developed. The DSPACE Federation would coordinate planning, development, research and distribution of DSPACE in an open source digital repository. They also encourage digital archiving to provide open access to scientific literature.

the pressures of the 1980s and the 1990s look tame in comparison. Incumbents must understand how powerful forces are aggregating the once-distant product and geographic markets, enhancing marketclearing efficiency, and increasing specialization in the supply chain. They should respond by adopting a new approach strategy-one that combines speed, openness, flexibility, and forward focused thinking. Mature companies must learn to be young at heart. Boundless new opportunities await executives who recognize that days of slow change are over.” Again the responses must be a flexible, nimble, continuous self- educating, new models. These model now need world monitoring capabilities for timely updates. The enterprise must create almost “real time” operational changes or they will cease to exist. Every local working enterprise then must be “global in thinking”. An example of a 21st century value network is a project called GLORIAD. Here, the network is the value-delivery system. GLORIAD is the first optical fiber network research and education network encircling the globe.

Figure 8: DSPACE.

5

THE ENTERPRISE CHALLENGED

I hope it has become evident to you as we went through these material that there are many challenges to the Enterprise to enable it to remain relevant and timely in new developments. Some of these challenges are: Extreme competition Globalization Rapidly changing technologies Forces beyond our control (world events are now directly coupled with your activities) The Enterprise response must be a flexible, nimble, continuous self-educating, new models. These models now need world monitoring capabilities and open design to be nimble to keep with up new developments and uncontrollable Changes. An article in The McKinsey Quarterly (23 May 2005) described what the responses to these challenges must be: “Established companies should brace themselves for a future of extreme competition which may make

5.1 Across the Generations The enterprise must not only integrate its efforts across the space of the globe, but also across the time of the ages in its workforce. The accelerating change effects we have seen above have had significant effects on the generations that are now in our work force. In a recent article in the student paper TECH TALK (2 Feb 2005) results of a study were given. “The generations at work” found that there are four co-existing generations in the workplace today. They divided the workforce into four groups: x “Matures” born between (1909 and 1945) – Matures are the silent generation. They value sacrifice, commitment, and financial and social conservatism. They remember the depression. They are the establishment.

x

“Boomers” born between (1946 and 1964)-Boomers value themselves. They are competitive and anti-authority. They grew up with Vietnam, Watergate, and Woodstock. They have high expectations. They’re diplomatic, loyal and want validation. And they value privacy.

Changing the Way the Enterprise Works

x

“Gen Xers” born between (1965 and 1978). Gen Xers were the first latchkey kids. There entrepreneurial, pragmatic, straightforward. They grew up with AIDS, MTV, PCs, divorce.

x

“Millennials” born from (1978 and Millennials are onward)-The nontraditionalists, optimistic, and very community centered. They are technologically adept and very busy, busy. They grew up with the OJ Simpson trial, Columbine, and 9/11. They are versatile and they write blogs about their lives.

To the Enterprise this means that co-workers and customers may have fundamentally different approaches to work, teamwork, privacy, respect for authority, and values., and customers are not a single collection of people.

5.2 Globalization as a New Marketplace When we look at the world population-income distribution, it shows us that a small percentage occupies the top of the pyramid with incomes of over 20, 000. Most companies concentrate on doing business with the very tip of the pyramid and completely ignore the business potential at its base. What they lack in income, could be more than overcome by the sheer numbers-over 4 billion strong.

5.3 The Biggest Challenge Fifty percent of finding strategic advantages for the Enterprise is learning how to use our technologies.

17

The other fifty percent is how fast the human component of the Enterprise can absorb change. Not solving both issues can be a problem. In conclusion, “The World is Flat” in information space and the new enterprise must learn to live with it to be able to survive global competition.

REFERENCES Diamond J. (1997). Guns, Germs and Steel: The Fates of Human Societies. New York, Norton, Friedman., Thomas L. (2000) The Lexus and the olive tree New York : Anchor Books, Friedman., Thomas L. (2005) The world is flat : a brief history of the twenty-first century. : Waterville, Me Thorndike Press, Barabasi, A-L (2002), LINKED: The New Science of Networks, Perseus, Cambridge, MA Slywotzky, (2000) Adrian and David Morrison How digital is your business? New York : Crown Business, Naisbitt., John, (1982) Megatrends : ten new directions transforming our lives New York : Warner Books, Toffler, Alvin (1980) . The Third Wave / New York : Morrow, 1980. Fingar, Peter and Howard Smith (2003) , Business Process Management (BPM): The Third Wave MIT’s Open Courseware: http://ocw.mit.edu/index.html Google Translator: http://www.google.com/language_ tools?hl=en DSpace at MIT: http://libraries.mit.edu/dspace-mit/World population Growth: http://www.prb.org/content/ navigationMenu/PRB/Educators/Human_Population/ population_Growth/Population_Growth.htm Technology Timeline: http://www.efn.org/~peace/ past/ spiral/

ENTERPRISE ONTOLOGY – UNDERSTANDING THE ESSENCE OF ORGANIZATIONAL OPERATION Jan L. G. Dietz Delft University of Technology, PO Box 5031, 2600 GA Delft, The Netherlands [email protected]

Abstract:

1

Enterprise ontology, as defined in this paper, is the essential knowledge of the construction and the operation of the organization of an enterprise, completely independent of the ways in which they are realized and implemented. A methodology is presented for producing the ontology of an enterprise. It has a sound theoretical foundation, which is summarized to the extent needed for understanding the methodology. A small example enterprise serves to illustrate how the methodology works, and to demonstrate the practical usefulness of the notion of enterprise ontology. The motivation for the reported research is the apparent need to make societal institutions, both companies and government agencies, transparent to its customers, as well as to its employees and managers.

independent from all realization and implementation issues. We call such a conceptual model the ontology or the ontological model of the enterprise. The original Greek word from which the English word “ontology” stems, means study or knowledge of what is or exists. In its modern use, ontology has preserved this original meaning, but it has also a definite practical goal. It serves to provide a basis for the common understanding of some area of interest among a community of people who may not know each other at all, and who may have very different cultural backgrounds. There are various definitions of the modern notion of ontology getting around. A widely adopted definition is the one in (Gruber, 1995): an ontology is a formal, explicit specification of a shared conceptualization. We will call this notion of ontology, like those in (Bunge , 1977), (Gómez-Pérez et al., 2004), (Guarino, 1998), and (Meersman, 2001), world ontology, because it basically describes the state space of a world or universe of discourse. Common examples of worlds are the world of traveling and the world of baking. The focus of a world ontology is on the core elements in such a world and their interrelationships. The notion of ontology as applied in this paper is the notion of system ontology (Bunge, 1979), (Dietz, 2006). Our goal is to understand the essence of the construction and operation of systems, more specifically, of enterprises. As will become clear, this notion of system ontology includes the notion of world ontology.

INTRODUCTION

Managing an enterprise, but also getting services from it as a client or collaborating with it as partner in a network, is nowadays far more complicated than it was in the past. The problems in current enterprises, of any kind, are well investigated and well documented. They are all about complexity, and complexity can only be mastered if one dispose of a comprehensive theory about the kind of things whose complexity one wants to master, and of appropriate analysis methods and techniques, based on that theory. The knowledge that one acquires at management or business schools does not suffice anymore. Even the gifted entrepreneur or manager cannot succeed anymore without a basic, systematic, and integral understanding of how enterprises work. In order to cope with the current problems and the future challenges, a conceptual model of the enterprise is needed that is coherent, comprehensive, consistent, concise, and essential. By coherent we mean that the distinguished aspect models constitute a logical and truly integral whole. By comprehensive we mean that all relevant issues are covered, that the whole is complete. By consistent we mean that the aspect models are free from contradictions or irregularities. By concise we mean that no superfluous matters are contained in it, that the whole is compact and succinct. The most important property, however, is that this model is essential, that it concerns only the essence of the enterprise, 19

C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 19–30. © 2006 Springer.

Jan L.G. Dietz

20

A major motivation for this paper stems from our conviction that people are in need for transparency about the operation of the systems we daily work with, ranging from the domestic appliances to the big societal institutions. This need can only increase if one imagines a future life in a cyber culture (Bell and Kennedy, 2000). Let us give some examples to clarify the point. First, regarding technical devices, if you read the user manual of a video recorder or a computer, you become overloaded with irrelevant details. You mostly end up with a headache instead of any relevant understanding. And in case you persevere, there is a high chance that you will discover so many errors and omissions in the description that reading has become solving a puzzle. Second, have you ever phoned the help desk of a company or a government agency in order to get the service they claim to deliver? Mostly you end up not by having what you were looking for, but by being frustrated. Why? Because the operation of these institutions is completely opaque to you. You do not know what to believe and what not to believe; you are literally lost in cyberspace. And, in case you have succeeded in penetrating to the right place, there is a chance that the responsible person does not take on his or her responsibility and concludes your case by blaming the computer or any other thing that he or she uses as an aid. Most probably, he or she acts in this way not to hamper or frustrate you, but because the institution is also opaque to him or her. This situation should stop because it is in no one’s interest that it continue, as it has been in no one’s interest to have come this far. To the best of our knowledge, there has never anywhere been a plan to organize modern society in such a way that nobody is able to understand how it works. Imagine that it is possible for you to acquire the right amount of the right kind of knowledge of the operation of the company from which you bought something you want to complain about, or of the government agency from which you are trying to get a license but have not succeeded yet. In summary, imagine that the business processes of these enterprises have become transparent to you. It is the goal of this paper to offer a new understanding of enterprises, such that one is able to look through the distracting and confusing appearance of an enterprise right into its deep kernel, like an X-ray machine can let you look through the skin and the tissues of the body right into the skeleton. We will try to achieve this goal through a notion of ontology that includes the dynamic aspects of a system, and that at the same time does justice to the nature of enterprises. This nature is that enterprises are social systems, of which

the operating principle consists of the ability of human beings to enter into and comply with commitments. In summary, this paper introduces the notion of enterprise ontology, and demonstrates its practical usefulness by applying the DEMO 1 methodology to an example case. In Sect. 2, the first_fee (M) = ((12 - Current_Month#)/12) * annual_fee(Current_Year) age(P) = < difference in years between birth year of P and current year > The last, and most comprehensive, aspect model is the Construction Model (Figure 11). The two transaction patterns in Figure 9 are, so to speak, ‘compressed’ to only one symbol in Figure 11, namely, the disk with a diamond in it. The actor roles involved are represented by a box. They are

aspirant member

CA02

A01 T02

T01 admitter

membership start

payer

membership payment

CPB02

personal data

Figure 11: Ontological Construction Model of Volley.

Assigning actor roles to persons is a matter of implementing the enterprise; one completely abstracts from it on the ontological level of understanding the enterprise. There is only one internal actor role, namely, A01. It is colored white because it is an elementary actor role. An elementary actor role is an atomic amount of authority and responsibility. It is producer of exactly one transaction type, and customer of zero, one, or more transaction types. In our case, A01 is the producer of T01 and the customer of T02. An actor role is fulfilled by a human being. If one rereads the description of Volley, then it appears that actor role A01 is fulfilled by both Miranda and Charles. This is a deviation from the ideal implementation of an actor role (being the assignment of an elementary actor role to one organizational function or person).

Enterprise Ontology – understanding the Essence of Organizational Operation

It has its price, namely, the need for a continuous tuning in by Miranda and Charles of the norms and values they apply. The transaction symbol actually has two interpretations. In addition to representing a transaction type of which instances are carried through in the enterprise, it is the combination of a coordination bank (the disk) and a production bank (the diamond). A coordination bank contains all coordination facts created; they allow one to monitor the progress of all transaction instances. A production bank contains all created production facts. Production bank PB01 (of T01) contains instances of the type MEMBERSHIP as well as instances of the fact type “the member of M is P” and instances of the fact type “membership M has been started”. Production bank PB02 (of T02) contains instances of the fact type “the first fee for membership M has been paid”. There are two composite production banks (CPB01 and CPB02). They contain facts that are needed by A01 but that are produced outside the enterprise under consideration. CPB01 contains instances of the property types “minimum age”, “annual fee”, and “maximum number”. CPB02 contains instances of the type PERSON as well as instances of the property type “date of birth”. The dashed lines indicate that actor role A01 (the only internal actor role) has access to the contents of these banks. As the producer of T01 and the customer of T02, it has also access to the production bank and the coordination bank of T01 and to those of T02. These access rights are completely independent on the way it is realized and implemented. For example, it does not say that actor A01 is informed by some other actor or that he or she has to be active himself or herself to get the information needed. In addition, it does not say by which technological means the information is acquired.

5

CONCLUSIONS

Let us assess what has been presented and discussed in the previous sections, and try to answer some emerging questions. What is exactly the difference between the ontological model of Volley, expressed in the four aspect models, and any other kind of model, like the flow chart? What are the benefits of the ontological model, and for what purposes? Without trying to be exhaustive, let us look at some striking matters and discuss their practical consequences.

29

First, the ontological model of Volley is really and fully abstracted from the current way in which it operates. It does not contain organizational functions, like secretary and administrator and members, or references to persons (Miranda or Charles). It also does not contain any infological or datalogical things: no computing, no inquiring, no letter book, no register, etc. Moreover, it completely abstracts from the way in which the fulfillers of the distinguished actor roles communicate: no letters, no telephone calls, etc. These properties, of course, make the ontological model very stable. A new organizational structure will not change the ontology; nor will replacing letters by e-mails; nor will replacing the register book by a database, and so on. Second, the ontological model of Volley shows things that have no explicit implementation, like the promise and the acceptance of T01. As you may tell from your own experience, these omissions are potential breakdowns in business processes as soon as changes are implemented, e.g., the replacement of an employee by somebody new (who does not know all the “no news is good news” rules that are in place). Put differently, the ontological model is the only right starting point for proposing, analyzing, and implementing such changes because there is only one thing that one has to see to while bringing about changes in an enterprise. It is that all parts of the ontological model are implemented, nothing more and nothing less. The ontological model also provides the right amount of (re)design and (re)engineering freedom. For example, the state model of Volley rightly does not contain the postal mail address of members. Such information is dependent on the particular communication channel one chooses, in this case the postal mail service. However, should we choose e-mail, we would need e-mail addresses instead. The ontological model only states in this respect that the (fulfillers of the) two actor roles must be able to communicate. Third, the four aspect models constitute a truly coherent set of models, based on a common theoretical foundation (the 30), and n2 = count(age > 30) – n1. All other variables are computed similarly for evaluating the splits. Suppose that after computation and comparison the best split at B is “income ” $40, 000,” the diagram shown in Fig. 3. gives the initial steps of evaluating splits of nodes A, B, and C. A Age PRDS2 š HRML > HRDS1 š HRML > HRDS2 š MMRML < MMRDS1 š MMRML < MMRDS2 for an (adjustable) number of recent descriptions submitted by the user. The strictness of this set of conditions may be relaxed by omitting some of the inequalities. In any case, it is important to observe that, if the complete set of conditions is repeatedly true, this implies that the ML component will be capturing preferences better than the weight vectors submitted by the user himself/herself. In such a case, it will also be interesting to explore the possibility of capturing additional criteria that the user is not fully aware of, i.e. sub-conscious criteria. This could become apparent through the examination of experimental results and users’ comments regarding system performance with respect to their preferences.

8 FUTURE WORK This stage of our work will conclude with the detailed design and implementation the ML component. Subsequent performance comparison of the two components will lead to further refinement of their properties. Extending the solution evaluation to grade assignment instead of plain approval/rejection will also be considered. In that case performance indices will have to be modified to also reflect the quality of the selected set of solutions.

Intelligent Solution Evaluation Based on Alternative User Profiles

The next major stage of our work will focus on the enhancement of the user profile model with information originating from the connection between the declarative description and the corresponding approved solutions. Such an association will offer insight regarding the specific user’s interpretation of declarative properties and relations. Successful modeling of user preferences at the declarative as well as the geometric level will allow incorporation of user profile information to the process of solution generation, thus significantly improving system performance.

ACKNOWLEDGMENTS This study was co-funded by 75% from the European Union and 25% from the Greek Government under the framework of the Education and Initial Vocational Training Program – ‘Archimedes’.

REFERENCES Bardis G., Miaoulis G., Plemenos D., 2004. An Intelligent User Profile Module for Solution Selection Support in the Context of the MultiCAD Project. 7e Infographie Interactive et Intelligence Artificielle (3IA), Limoges, France. Bonnefoi P.-F., Plemenos D., 2002. Constraint satisfaction techniques for declarative scene modeling by hierarchical decomposition, 3IA, Limoges, France Brusilovsky P., 2001. Adaptive Hypermedia, User Modeling And User-Adapted Interaction 11: 87-110. Chen C.C., Chen M.C., 2002. PVA: A Self-Adaptive Personal View Agent, Journal Of Intelligent Information Systems, 18:2/3, 173–194. Essert-Villard C., Schreck P., Dufourd J.-F. 2000. SketchBased Pruning of a Solution Space within a Formal Geometric Constraint Solver, Artificial Intelligence 124, 139-159. Fribault P., 2003. Modelisation Declarative d’Espaces Habitable, (in French), Doctoral dissertation, University of Limoges, France. Golfinopoulos V., Dragonas J., Miaoulis G., Plemenos D., 2004. Declarative Design in Collaborative Environment, 7e 3IA, Limoges, France. Goodwin P., Wright G., 1998. Decision Analysis for Management Judgement, Second Edition, Wiley. Joan-Arinyo R., Luzon M.V., Soto A., 2003. Genetic Algorithms for Root Multiselection in Constructive Geometric Constraint Solving. Computers and Graphics 27, 51-60.

111

Makris D., Ravani I., Miaoulis G., Skourlas C., Fribault P., Plemenos D., 2003. Towards a domain-specific knowledge intelligent information system for Computer-Aided Architectural Design, 3IA conference, Limoges, France. Miaoulis G., 2002. Contribution à l'étude des Systèmes d'Information Multimédia et Intelligent dédiés à la Conception Déclarative Assistée par l'Ordinateur – Le projet MultiCAD (in French), Professorial dissertation, University of Limoges, France. Miaoulis G., Plemenos D., Skourlas C., 2000. MultiCAD Database: Toward a unified data and knowledge representation for database scene modeling, 3IA, Limoges, France. Nassar K., Thalet W., Beliveau Y., 2003. A Procedure for Multicriteria Selection of Building Assemblies, Automation in Construction 12, 543-560. Pazzani M., Billsus D., 1997. Learning And Revising User Profiles: The Identification Of Interesting Web Sites, Machine Learning 27, 313–331. Plemenos D., 1995. Declarative modeling by hierarchical decomposition. The actual state of the MultiFormes project, Communication in International Conference GraphiCon'95, St Petersburg, Russia. Plemenos D., Miaoulis G., Vassilas N., 2002. Machine learning for a General Purpose Declarative Scene Modeler. International Conference GraphiCon'2002, Nizhny Novgorod, Russia. Plemenos D., Tamine K., 1997. Increasing the efficiency of declarative modeling. Constraint evaluation for the hierarchical decomposition approach. International Conference WSCG’97, Plzen, Czech Republic. Ravani I., Makris D., Miaoulis G., Constantinides P., Petridis A., Plemenos D., 2003. Implementation of Architecture-oriented Knowledge Framework in MultiCAD Declarative Scene Modeling System, 1st Balcan Conference in Informatics, Thessaloniki, Greece. Ravani J., Makris D., Miaoulis G., Plemenos D., 2004. Concept-Based Declarative Description Subsystem for Computer Aided Declarative Design (CADD). 7e 3IA, Limoges, France. Roberts R., Goodwin P., 2002. Weight Approximations in Multi-attribute Decision Models, Journal of Multicriteria Decision Analysis 11: 291-303. Saaty, T.L., 1990. The Analytic Hierarchy Process, RWS Publications, Pittsburgh, USA. Soltysiak S.J., Crabtree I.B., 1998. Automatic learning of user profiles — towards the personalization of agent services, BT Technology Journal Vol. 16, No 3. Vassilas N., Miaoulis G., Chronopoulos D., Konstantinidis E., Ravani I., Makris D., Plemenos D, 2003. MultiCAD-GA: A System for the Design of 3D Forms Based on Genetic Algorithms and Human Evaluation, SETN 203-214, Thessaloniki, Greece. Vincke P., 1992. Multicriteria Decision-aid, Wiley (1992).

USING dmFSQL FOR FINANCIAL CLUSTERING Ramón Alberto Carrasco Dpto. de Lenguajes y Sistemas Informáticos, Universidad de Granada, Granada, Spain Email: [email protected]

María Amparo Vila Dpto. de Ciencias de la Computación e I.A., Universidad de Granada, Granada, Spain Email: [email protected]

José Galindo Dpto. de Lenguajes y Ciencias de la Computación, Universidad de Málaga, Spain Email: [email protected]

Keywords:

Clustering, Flexible Queries, Data Mining, Fuzzy SQL, Fuzzy Databases.

Abstract:

At present, we have a dmFSQL server available for Oracle© Databases, programmed in PL/SQL. This server allows us to query a Fuzzy or Classical Database with the dmFSQL (data mining Fuzzy SQL) language for any data type. The dmFSQL language is an extension of the SQL language, which permits us to write flexible (or fuzzy) conditions in our queries to a fuzzy or traditional database. In this paper, we propose the use of the dmFSQL language for fuzzy queries as one of the techniques of Data Mining, which can be used to obtain the clustering results in real time. This enables us to evaluate the process of extraction of information (Data Mining) at both a practical and a theoretical level. We present a new version of the prototype, called DAPHNE, for clustering witch use dmFSQL. We consider that this model satisfies the requirements of Data Mining systems (handling of different types of data, high-level language, efficiency, certainty, interactivity, etc) and this new level of personal configuration makes the system very useful and flexible.

should be predictable and acceptable when dealing with very large amounts of data. - Handling of Different Types of Data. There are different kinds of data and databases used in diverse applications (relational data, objects, hypertext, etc.) so it would be desirable that a Data Mining system would carry out its work in an effective way. - Interactive Mining Knowledge at Multiple Abstraction Levels. The interactive discovery of knowledge allows the user to refine a Data Mining request on line, dynamically change data focusing, progressively deepen a Data Mining process, and flexibly view the data and Data Mining results at multiple abstraction levels and from different angles. - Mining Information from Different Sources of Data. Currently the knowledge mining from different sources of formatted or unformatted data with diverse data semantic is perceived to be a difficult challenge.

1 INTRODUCTION We can define Data Mining as the process of extraction of interesting information from the data in databases. According to (Frawley 1991) a discovered knowledge (pattern) is interesting when it is novel, potentially useful and non-trivial to compute. A serie of new functionalities exist in Data Mining, which reaffirms that it is an independent area (Frawley 1991): - High-Level Language. This representation is desirable for discovered knowledge and for showing the results of the user's requests for information (e.g. queries). - Certainty. The discovered knowledge should accurately reflect the content of the database. The imperfectness (noise and exceptional data) should be expressed with measures of certainty. - Efficiency. The process of extraction of knowledge should be efficient, i.e. the running time 113

C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 113–119. © 2006 Springer.

Ramón Alberto Carrasco et al.

114

-

Figure 1: Trapezoidal possibility distributions: A, B.

In this paper we discuss the implementation of two prototypes for Data Mining purposes: we have used a combination of DAPHNE which was initially designed for clustering on numeric data types (Carrasco, 1999) and dmFSQL which was designed for fuzzy (or flexible) queries (Galindo 1998, Galindo 1998b, Galindo 1999). At this point, we would like to point out that Data Mining is an autonomous and self-interesting field of research, in which techniques from other fields could be applied. Among these techniques are the use of dmFSQL (data mining Fuzzy SQL), which is a database query language which incorporates fuzzy logic. In particular, we use dmFSQL to solve, in real time, queries, which obtain objects (tuples) with similar characteristics, i.e. objects of a specific group through a process of clustering. Often, the clustering is carried out on a set of examples from the database and not on the entire database. We present some experimental results with this alternative solution in the context of a bank. This area needs a Data Mining system tailored to its needs, because this area manages very large databases and these data has a very concrete meaning. Thus, data must be treated according to this meaning. Finally, as conclusions we consider that this model satisfies the requirements of Data Mining systems [Chen 1996, Frawley 2001) (handling of different types of data, high-level language, efficiency, certainty, interactivity, etc.) and this new level of personal configuration makes the system very useful and flexible.

2 dmFSQL A LANGUAGE FOR FLEXIBLE QUERIES The dmFSQL language (Galindo 1998, Galindo 1998b, Galindo 1999) extends the SQL language to allow flexible queries. We have extended the SELECT command to express flexible queries and, due to its complex format, we only show an abstract with the main extensions added to this command:

-

Linguistic Labels: If an attribute is capable of undergoing fuzzy treatment then linguistic labels can be defined on it. These labels will be preceded with the symbol $ to distinguish them easily. They represent a concrete value of the attribute. dmFSQL works with any kind of attributes (see 2.1.1 section) therefore, by example, a label can have associated: a trapezoidal possibility (Figure 1), a scalar (if there is a similarity relationship defined between each two labels in the same domain), a text, a XML document, etc. Fuzzy Comparators: In addition to common comparators (=, >, etc.), dmFSQL includes fuzzy comparators in Table 1. There are some different kinds of fuzzy comparators. By example a fuzzy comparator is used to compare two trapezoidal possibility distributions A, B with A=$[DA,EA,JA,GA] B=$[DB,EB,JB,GB] (see Figure 1). In the same way as in SQL, fuzzy comparators can compare one column with one constant or two columns of the same type. More information can be found in (Galindo 1998b, Galindo 1999). These definitions can are based in fuzzy set theory, classical distance functions and other type of similarity functions. Table 1: Fuzzy Comparators for dmFSQL Fuzzy Comparator (fcomp) Significance for: Possibility Necessity FEQ NFEQ Fuzzy EQual FGT NFGT Fuzzy Greater Than FGEQ NFGEQ Fuzzy Greater or Equal FLT NFLT Fuzzy Less Than FLEQ NFLEQ Fuzzy Less or Equal MGT NMGT Much Greater Than MLT NMLT Much Less Than

-

-

-

Fulfilment Thresholds J: For each simple condition a Fulfilment threshold may be established with the format THOLD J, indicating that the condition must be satisfied with a minimum degree J in [0,1] fulfilled. CDEG() function: This function shows a column with the Fulfilment degree of the condition of the query for a specific attribute, which is expressed in brackets as the argument. Fuzzy Constants: We can use and store all of the fuzzy constants (which appear in Table 2) in dmFSQL.

Using dmFSQL for Financial Clustering

115

Table 2: Fuzzy Constants of dmFSQL F. Constant

Significance

UNKOWN UNDEFINED NULL

Unknown value but the attribute is applicable

A=$[DA,EA, JA,GA] $label

Fuzzy trapezoid (DAdEAd JAdGA): See Figure 1

The attribute is not applicable or it is meaningless Total ignorance: We know nothing about it

Linguistic Label: It may be a trapezoid or a scalar (defined in dmFMB)

[n, m]

Interval “Between n and m” (DA=EA=n and JA=GA=m)

#n

Fuzzy value “Approximately n” (EA=JA=n and nDA=GA=margin)

2.1 Architecture of dmFSQL In this section, we shall describe the first prototype to be integrated in our approach. At present, we have a dmFSQL Server available for Oracle© Databases, mainly programmed in PL/SQL. The architecture of the Fuzzy Relational Database with the dmFSQL Server is made up by: 1. Data: Traditional Database and data mining Fuzzy Meta-knowledge Base (dmFMB). 2. dmFSQL Server. 2.1.1 Data: Traditional Database and dmFMB The data can be classified in two categories: -

Traditional Database: They are data from our relations with a special format to store the fuzzy attribute values. The fuzzy attributes are classified by the system in 4 types: - Fuzzy Attributes Type 1: These attributes are totally crisp (traditional), but they have some linguistic trapezoidal labels defined on them, which allow us to make the query conditions for these attributes more flexible. Besides, we can use all constants in Table 2 in the query conditions with these fuzzy attributes. - Fuzzy Attributes Type 2: These attributes admit crisp data as well as possibility distributions over an ordered underlying domain. With these attributes, we can store and use all the constants we see in Table 2. - Fuzzy Attributes Type 3: These attributes have not an ordered underlying domain. On these attributes, some labels are defined and on these labels, a similarity relation has yet to be defined. With these attributes, we can only use the fuzzy comparator FEQ, as they have no relation of order. Obviously, we cannot store or use the constants fuzzy trapezoid, interval and approximate value of Table 2.

-

- Attributes Type 4: There are different kinds of data in a database used in diverse applications (relational data, objects, hypertext, XML, etc.) therefore, it would be desirable that a Data Mining system would carry out its work in an effective way. In order to manage these data we have defined these attributes. It is a generic type (fuzzy or crisp), which admits some fuzzy treatment. We permitted this attribute is formed by more than a column of the table (complex attributes). Therefore, with attributes Type 4 is possible to redefine the attributes Type 1, 2 and 3 using other representations (by example, alternative representation to the fuzzy trapezoid) or fuzzy comparators. With these attributes, we can store and use the constants linguistic label in Table 2. Data mining Fuzzy Meta-knowledge Base (dmFMB): It stores information about the Fuzzy Relational Database in a relational format. It stores attributes which admit fuzzy treatment and it will store different information for each one of them, depending on their type: - Fuzzy Attributes Type 1: In order to use crisp attributes in flexible queries we will only have to declare them as being a fuzzy attribute Type 1 and store the following data in the dmFMB: Trapezoidal linguistic labels: Name of the label and DA, EA, JA and GA values (as in Figure 1). Value for the margin of the approximate values (see Table 1). Minimum distance in order to consider two values very separated (used in comparators MGT/NMGT and MLT/NMLT). - Fuzzy Attributes Type 2: As well, as declare them as being a fuzzy attribute Type 2, these attributes have to store the same data in the dmFMB as the fuzzy attributes Type 1. - Fuzzy Attributes Type 3: They store in the dmFMB their linguistic labels, the similarity degree amongst themselves and the compatibility between attributes of this type, i.e., the attributes that use the same labels and that can be compared amongst them. - Attributes Type 4: The dmFMB stores information for the fuzzy treatment of the attributes Type 4: - Fuzzy Comparison Functions: The user can define the functions of comparison (Table 1) for the treatment of each attribute of Type 4. The format is: CDEG (A fcomp B) -> [0,1] with CDEG the compatibility degrees, A, B two attributes or linguistic labels Type 4 and fcomp any fuzzy comparator in Table 1. The user can

Ramón Alberto Carrasco et al.

116

associate each attribute functions already defined in the dmFMB. - Representation Functions: The user can optionally define it to show the attributes in a more comprehensible way. Of course, the user can associate each attribute functions already defined in the dmFMB - Linguistic labels: They represent a concrete value of the attribute. - Complex attributes: We permitted this attribute is formed by more than a column of the table. Therefore, the dmFMB stores information on structure of the attributes Type 4. 2.1.2 dmFSQL Server It has been programmed mainly in PL/SQL and it includes three kinds of functions for attributes Type 1, Type 2 and Type 3: - Translation Function: It carries out a lexical, syntactic and semantic analysis of the dmFSQL query. If errors, of any kind whatsoever, are found, it will generate a table with all the found errors. If there are no errors, the dmFSQL query is translated into a standard SQL sentence. The resulting SQL sentence includes reference to the following kinds of functions. - Representation Functions: These functions are used to show the fuzzy attributes in a comprehensible way for the user and not in the internally used format. - Fuzzy Comparison Functions: They are utilized to compare the fuzzy values and to calculate the compatibility degrees (CDEG function). As we have seen, Translation and Representation Functions are included in the dmFMB for the attributes Type 4.

3 USING dmFSQL TO CLUSTERING PROCESS In this section, we shall describe the integration of dmFSQL Server to the clustering process. This is a part of a project, which is currently under investigation with some Spanish banks. It deals with customer database segmentation, which allows differentiated treatment of customers (Direct Marketing).

Included in this project we have a prototype called DAPHNE (Carrasco, 1999). It is a generic tool for clustering focused on the financial environment. The prototype uses techniques, which come from diverse fields: hierarchical clustering, unsupervised learning based on fuzzy-set tools, statistical techniques, etc. In this paper, we show a new version of DAPHNE witch incorporate the dmFSQL Server to do effective clustering. Following we explain the full process. Operation of DAPHNE: In the first step, the relevant features of the customers for the clustering are chosen using the user's knowledge. For this selection, the user can use a method that we have developed for automatic selection of relevant characteristics based on genetic algorithms (MartínBautista 1998). Therefore, the user inserts a new project for clustering in the meta-database of the prototype specifying the table or view with the source data (id_table_clustering) and the attributes, which DAPHNE will use for the clustering (col_clu1, col_clu2,…, col_clum). Theses attributes have to define in the dmFMB as Type 1, 2, 3 or 4 specifying their characteristics. The user does not need to specify anything on the domains of the previously used attributes. It is important to note that they are not restriction: on the type of attributes to use for the clustering process (text, scalar, binary, numerical, etc) and the on possible uncertainty of the value of this attributes (unknown, undefined, null and certain degree of belong). Besides the user specify the weight of each attributes in the clustering process (w_clu1, w_clu2,…, w_clummsuch that w_clur ෛ [0,1] with r=1..m and verifying ¦ w _ clur 1 ) r 1

Subsequently the main processes of DAPHNE are explained, as well as its underlying theoretical base: 1. Computing Ultrametric Distance Matrix (see Figure 2): This process attempts to obtain the population's ultrametric distance matrix. Since the results by Dunn, Zadeh y Bezdek (Delgado 1996) it has been well known that there is equivalence between hierarchical clustering, max-min transitive fuzzy relation, and ultrametric distances. Therefore, in the ultrametric matrix all the possible clustering that can be carried out on the population specified. The “dendogram" or “tree diagram" may be viewed as a diagrammatic representation of the results of a hierarchical clustering process which is carried out in terms of the distance matrix. This process contains the following treatments:

117

Using dmFSQL for Financial Clustering

Figure 2: Computing a ultrametric distance matrix (dendograme) for six elements.

- Computing population's normalized (in [0,1]) distance matrix (by example, the matrix D in Figure 2). For each pair of the population's individuals (i, j) the distance that separates both (dij) is obtained using dmFSQL as following: SELECT A1.ROW_ID AS i, A2.ROW_ID AS j, 1-(CDEG(A1.col_clu1)* wclu1 +…+ CDEG(A1. col_clum)* w_clum) AS dij, FROM id_table_clustering A1, id_table_clustering A2 WHERE A1.ROW_ID < A2.ROW_ID AND (A1.col_clu1 fuzzy_ecomp1 A2.col_clu1 THOLD 0 | A1.col_clu1 fuzzy_ecomp1 A2.col_clu1 THOLD 0 AND A2.col_clu1 fuzzy_ecomp1 A1.col_clu1 THOLD 0 | A1.col_clu1 fuzzy_ecomp1 A2.col_clu1 THOLD 0 OR A2.col_clu1 fuzzy_ecomp1 A1.col_clu1 THOLD 0) AND … AND (A1.col_clum fuzzy_ecompm A2.col_clum THOLD 0 | A1.col_clum fuzzy_ecompm A2.col_clum THOLD 0 AND A2.col_clum fuzzy_ecompm A1.col_clum THOLD 0 | A1.col_clum fuzzy_ecompm A2.col_clum THOLD 0 OR A2.col_clum fuzzy_ecompm A1.col_clum THOLD 0);

where fuzzy_ecompr is the fuzzy equal comparator (FEQ or NFEQ) chosen for the user for the fuzzy attribute col_clur. For each attribute col_clur the WHERE clausule has three optional forms (specified by | symbol): a) If fuzzy_ecompr is symmetric: A1.col_clur fuzzy_ecompr A2.col_clur THOLD 0

b) Using a T-norm if fuzzy_ecompr is not symmetric: A1.col_clum fuzzy_ecompr A2.col_clur THOLD 0 AND A2.col_clum fuzzy_ecompr A1.col_clur THOLD 0

c) Using a T-conorm if fuzzy_ecompr is not symmetric: A1.col_clum fuzzy_ecompr A2.col_clur THOLD 0 OR A2.col_clum fuzzy_ecompr A1.col_clur THOLD 0

- Computing population's ultrametric distance matrix (by example, the matrix D’ in Figure 2). In the distance matrix, each of the three elements verifies the triangle inequality. The matrix is transformed so that each of the three elements of the ultrametric inequality is also verified. An algorithm based on the method of Benzécri (Benzécri, 1976) is used. For this purpose, we use a parallel algorithm using MPI (Quinn 2003). 2. Computing possible ˞ -cuts: Since the ultrametric matrix is finite, it contains only a finite set of different values. Thus, for the hierarchical clustering or ultrametric matrix we can always determine unequivocally the set of all possible different ˞ cuts, that is, the set of all different equivalence relations associated with the matrix. In other words, every ˞ -cut implies a different partition or the population's clustering. By example, in the Figure 2 the possible ˞ -cuts are 0.1, 0.15, 0.2, 0.5 and 0.6. 3. Clustering: This process assigns each individual in the population to a certain cluster. In order to do so it is necessary to obtain a certain partition from the ultrametric matrix. Therefore, the problem consists of choosing an ˞ -cut among the possible ˞ -cuts already obtained, according to the hypothesis that no previous information about the

Ramón Alberto Carrasco et al.

118

structure of the data is available. The partition can be obtained in different ways according to the user's choice: - Absolute good partition. We obtain the partition determined by the ˞ -cut 0.5 (Vila 1979). By example, in the Figure 2 the ˞ -cut 0.5 determines the classes {5, 6, 3} and {4, 2, 1}. - A good partition. We use an unsupervised learning procedure based on fuzzy-set tools. This procedure determines a good partition as the minimum value of a measure denned on the set of all possible ˞ -cuts (Delgado 1996). - Partition that determines a certain number of groups. By means of a binary search algorithm on all possible ˞ -cuts, we obtain the ˞ -cut which implies a number of groups which are closest to the user's request.

4 EXPERIMENTAL RESULTS This system has been applied to some problems of the segmentation of bank customers in real life situations. Here we show a particular case of segmentation. The relevant attributes identified by the banking expert have been: - Payroll (payroll): is a binary attribute that indicates if the client receives payroll through the financial company (value 1) or not (value 0). We decide define this attribute as Type 4 specifying a FEQ comparator in the dmFMB based in the Sokal and Michener distance. - Average account balance of the client in last 12 moths (balance): it is obtained through an analytic study in the company data warehouse system. This is a crisp attribute but we decide define this as Type 1 in the dmFMB using the fuzzy constants value #n = 500 (approximately n, see Table 2). - Geographic area of clients (area): there are three areas in the study: Madrid, Barcelona (Spanish cities) and rest of World. Obviously, this is a scalar attribute (Type 3), therefore we define a similarity relationship for the FEQ comparator in the dmFMB (see Table 3). Table 3: Similarity relationship defined for area area Madrid Barcelona

Rest of World

Madrid

Barcelona

1

0.6

Rest of World 0

1

0

1

Now we must specify the weight of each attributes in the clustering process in order to better focus the customers clustering according to the user

criteria. The weights chosen are 0.4 for area and payroll and 0.2 for balance. Finally, by means of a sample of a few tuples the system here proposed has obtained six clusters as the optimum number in the population (see Table 4). Table 4: Results of clustering: six clusters id_ client 93036

Rest of World

pay roll 0

-959

id_ cluster 1

60932

Rest of World

0

1

1

65940

Rest of World

0

35

1

07788

Madrid

0

10

4

87992

Madrid

0

241

4

67476

Madrid

1

1

2

44596

Madrid

1

16

2

14160

Madrid

1

141

2

11281

Madrid

1

353

2

65532

Madrid

1

631

2 2

area

balance

74188

Madrid

1

965

18096

Barcelona

0

-36

5

45700

Barcelona

0

0

5

21184

Barcelona

0

5

5

10427

Barcelona

0

9

5

49867

Barcelona

1

0

6

01384

Barcelona

1

7

6

50392

Barcelona

1

1580

3

55689

Barcelona

1

1831

3

87752

Barcelona

1

1989

3

23952

Barcelona

1

2011

3

5 CONCLUSIONS dmFSQL Server has been extended to handling of different types of data (Carrasco 2002) and used as a useful tool for certain Data Mining process (Carrasco 1999, Carrasco 2001, Carrasco 2002) and other applications (Galindo 1999). Now we have applied dmFSQL for the clustering problem. Besides the specific requirements of the clustering problem, the prototype has been designed considering the above-mentioned desirable functionalities of Data Mining systems: - Handling of Different Types of Data: The possibility of combination any type of data for the clustering process is considered novel in the implementations of systems of this type. - Mining Information from Different Sources of Data: DAPHNE is very flexible when managing data of different DBMS.

Using dmFSQL for Financial Clustering

- Efficiency and Interactive Mining Knowledge: The prototype has been designed to be interactive with the user and to give the answer in real time in order to obtain the wanted population's partition. - Accuracy: The use of the classic method of Benzécri to obtain the hierarchy of parts has guaranteed the goodness of such a partition. In addition, the procedure to obtain a good partition based on fuzzy sets has given excellent results during the tests. - Friendly Interface: The interface of DAPHNE is graphic and completely user guided. Like-wise, the prototype includes a meta-database, in such a way that the management of a clustering project can become quick and easy for the user. Regarding future works: we will show a theoretical study of the properties of the new similarity functions incorporated in this work (combining fuzzy set theory, classical distance functions, etc.) and how imply the clustering process; - we will specify an extension of dmFSQL language that includes clustering clausules; - we will integrate DAPHNE functionalities into dmFSQL Server. -

REFERENCES J.P. Benzécri et coll, 1976. L'analyse des données; Tomo I: La Taxinomie; Tomo II: L'analyse des correspondences. Paris, Dunod. R.A. Carrasco, J. Galindo, M.A. Vila, J.M. Medina, 1999. Clustering and Fuzzy Classification in a Financial Data Mining Environment. 3rd International ICSC Symposium on Soft Computing, SOCO'99, pp. 713720, Genova (Italy), June 1999. R.A. Carrasco, J. Galindo, A. Vila, 2001. Using Artificial Neural Network to Define Fuzzy Comparators in FSQL with the Criterion of some Decision-Maker. In Bio-inspired applications of connectionism.-2001, eds. J. Mira and A. Prieto, Lecture Notes in Computer Science (LNCS) 2085, pp. 587-594. Ed. SpringerVerlag, 2001, ISBN: 3-540-42237-4. R.A. Carrasco, M.A. Vila, J. Galindo, 2002. FSQL: a Flexible Query Language for Data Mining. In Enterprise Information Systems IV, eds. M. Piattini, J.

119 Filipe and J. Braz, pp. 68-74. Ed. Kluwer Academic Publishers, 2002, ISBN: 1-4020-1086-9. M. Chen, J. Han, P.S. Yu, 1996. Data Mining: An overview from a Data Base Perspective. IEEE Transac. On Knowledge and Data Engineering, Vol 86 pp. 866-883. M. Delgado, A.F. Gómez-Skarmeta, A. Vila, 1996. On the Use of Hierarchical Clustering. In Fuzzy Modelling. International Journal of Approximate Reasoning, 14, pp. 237-257. W.J. Frawley, G. Piatetsky-Shapiro, C.J. Matheus, 1991. Knowledge Discovery in Databases: An Overview. In G. Piatetsky-Shapiro, W.J. Frawley eds. Knowledge Discovery in Databases pp. 1-31, The AAAI Press. J. Galindo, J.M. Medina, O. Pons, J.C. Cubero, 1998. A Server for Fuzzy SQL Queries. In Flexible Query Answering Systems, eds. T. Andreasen, H. Christiansen and H.L. Larsen, Lecture Notes in Artificial Intelligence (LNAI) 1495, pp. 164-174. Ed. Springer. J. Galindo, J.M. Medina, A. Vila, O. Pons, 1998. Fuzzy Comparators for Flexible Queries to Databases. Iberoamerican Conference on Artificial Intelligence, IBERAMIA'98, pp. 29-41, Lisbon (Portugal), October 1998. J. Galindo, J.M. Medina, J.C. Cubero, O. Pons, 1999. Management of an Estate Agency Allowing Fuzzy Data and Flexible Queries. EUSFLAT-ESTYLF Joint Conference, pp. 485-488, Palma de Mallorca (Spain), September 1999. M.J. Martín-Bautista, M.A. Vila, 1998. Applying Genetic Algorithms to the Feature Selection Problem in Information Retrieval. In Flexible Query Answering Systems, eds. T. Andreasen, H. Christiansen and H.L. Larsen, Lecture Notes in Artificial Intelligence (LNAI) 1495, pp. 272-281. Ed. Springer. M.J. Quinn, 2003. Parallel Programming in C with MPI and OpenMP. McGraw-Hill. F.E. Petry, 1996. Fuzzy Databases: Principles and Application (with chapter contribution by Patrick Bosc). International Series in Intelligent Technologies. Ed. H.-J. Zimmermann. Kluwer Academic Publishers (KAP). M.A. Vila, 1979. Nota sobre el cálculo de particiones óptimas obtenidas a partir de una clasificación con jerárquica. Actas de la XI Reunión Nacional de I.O., Sevilla, España.

KNOWLEDGE MANAGEMENT IN NON-GOVERNMENTAL ORGANISATIONS A Partnership for the Future

José Braga de Vasconcelos, Paulo Castro Seixas and Paulo Gens Lemos University Fernando Pessoa, Porto, Portugal Email: [email protected],[email protected], [email protected]

Chris Kimble Department of Computer Science, University of York, York, UK Email: [email protected]

Keywords:

Knowledge Management, Communities of Practice, Non-Governmental Organisations, Civil Society Organisations, Information Society, Humanitarian Aid, Social Development.

Abstract:

This paper explores Knowledge Management (KM) practices for use with portal technologies in NonGovernmental Organizations (NGOs). The aim is to help NGOs become true Civil Society Organizations (CSOs). In order to deal with more donors (at the top) and more beneficiaries (at the bottom), NGOs working in Humanitarian Aid and Social Development increasingly need systems to manage the creation, accessing and deployment information: within the NGOs themselves, between different NGOs that work together and, ultimately, between NGOs and Society as a whole. Put simply, NGOs are organizations that need an effective KM solution to tackle the problems that arise from both their local-global nature and from the difficulties of effective communication between and within NGOs and Civil Society. To address these problems, the underlying objectives, entities, activities, workflow and processes of the NGO will be considered from a KM framework. This paper presents the needs of a responsible, cooperative and participative NGO from a KM perspective, in order to promote the growth of Communities of Practice in local as well as in global network.

democratic change”, or as agencies for carrying out “political agendas of foreign interests” (Tvedt, 2002: 363). This technical/ideological paradox reveals the problem of the participative-democratic versus specialized-directive approach to development. Nevertheless, more and more one cannot ignore the important role of the development NGOs in shaping national and global civil societies. The purpose of the applied research we present here is to pursue for a stronger network between NGOs and Civil Society in order to turn them into Civil Society Organizations (CSOs) in which a global network of citizens and institutions can interact and intervene in a local and global – a so-called glocal – way. Supported by a University-NGOs network and built on existing NGOs workflows, this applied research aims to promote the application of KM practices across individuals, groups, institutions and

1 INTRODUCTION Knowledge in an organization is the collection of expertise, experience and information that individuals and workgroups use during the execution of their tasks. It is produced and stored by individual minds, or implicitly encoded and documented in organizational processes, services and systems. Non-Governmental Organizations (NGOs) dealing with Humanitarian Aid and Social Development face a paradox concerning the production of knowledge: interventions require particular, even specialized expertise, and, at the same time, must be a participative undertaking in which each and every individual, group and organization must be involved, regardless of its own particular skills. This technical paradox could be seen as an ideological one, where NGOs are viewed either “as voices of global civil society and 121

C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 121–130. © 2006 Springer.

122

communities in order to bridge citizens and development through a proper web tool KM for development turning NGOs into CSOs. For this purpose, a web prototype system (section 4) is being developed in order to enhance knowledge sharing and reusing mechanisms for a selected set of NGOs, and their related networks, based in Portugal and Brazil. The following section presents the main mission and objectives of a NGO, the third section introduces the KM research area and our KM approach in NGOs and the fourth section analyses KM shortfalls and related problems within and between NGOs. Finally, the fifth section presents a web-based KM prototype for the management of NGOs activities, concluding this paper with some final remarks and future directions for this research field.

2 HUMANITARIAN AID AND NON-GOVERNMENTAL ORGANISATIONS In the history of humanitarian aid and social development, “aid to others” and “bilateral aid” were the predecessors of present partnerships or affiliations and even of development cooperation. At the beginning of 21st century, we must try to reflect on what humanitarian and emergency aid as well as social development means based on the rejection of all and any naïveté regarding goodwill, altruism and solidarity of western white man. We must also reject the manipulation that hinders aid to the "Other" and aid among one’s own from becoming an extreme anthropological element, in other words, from becoming a part of the foundations of human sociability (Seixas, 2003). It has become necessary to assume a global culture based on assumption of the right of all to have rights, so that the aid for others may be replaced by a binding contract of multilateral cooperation based on the certainty that the defence of the rights of any person in any part of the world is the defence of the rights of all human beings (Seixas, 2003). Bearing this in mind Knowledge Management (KM) through information society could represent a partnership for the future in order to promote a glocal counter-hegemonic continuous intervention. Although local, regional and world (as well as the several thematic) Forums have created a strong reflexive and intervention tool either in counterhegemonic “cosmopolitism”, either towards a “common heritage for humanity” (Santos, 2000) this revolution should make his way within and between organizations in a local-global continuum.

José Braga de Vasconcelos et al.

Aid and development workers of NGOs build up a invaluable stock of local knowledge as are in permanent contact with local needs and aims, assessing them and building on them in their day-today interventions. However, this priceless knowledge is often sidetracked and misplaced in the complexity of the communication hierarchy, forgotten over the length of field missions, dispersed due to the high level of turn-over associated with many NGOs or, as Winograd and Flores (1986) put it, simply ‘lost in the unfathomable depths of obviousness’. The recent incentive, even obligation, for local partnerships in development cooperation and for consortiums of NGOs is, obviously, a way of enhancing and promoting either a local knowledge network or an international knowledge network to improve development practices. However, local partnerships are often just a presence and international consortiums are simply ways of getting more money without creating this desired exchange of knowledge. Thus, development urgently needs a civic infrastructure (from village to global scale) in which “glocal” knowledge exchange promotes a continuous sustained appropriation and use of knowledge in a more democratic way. The proposal that we present here sustains that KM and NGOs through the Information Society and could constitute a very relevant civic tool that would give back development to citizens, grass roots organizations and local communities without losing the training and specialization which are required in professionalized development work. Information Society should be extensible in a planetary way enhancing shared knowledge and practices concerning concrete local development projects in which local and international NGOs, as well as other organizations, are involved. This local web turns global as the information flows through organizational hierarchies, bridging up the problems as they are accessed not only by development workers but also, in a more relevant way, by local citizens and grass roots organizations. KM through the Information Society in partnership with NGOs may therefore enhance a web for development and turning therefore, NGOs into CSOs.

3 THE KNOWLEDGE MANAGEMENT APPROACH: From NGO to CSOs The KM approach views knowledge as the key asset of an organization and systematically develops activities to manage it efficiently. The main objectives of Knowledge Management are to

Knowledge Management in Non-governmental Organisations

promote knowledge growth, knowledge communication and knowledge preservation (Steels 1993). KM is a topic of great interest in the management and organizational sciences and it is argued that KM should be appropriately supported by enterprise information infrastructures (Wiig 1993, Davenport & Prusak 2000).

3.1 Knowledge Management Systems In many organisations, the knowledge used to solve problems, to direct actions and to make decisions, together with any lessons learnt, are lost in the 'noise' of a turbulent business environment (Vasconcelos et al., 2003). In addition, knowledge may be geographically distributed and stored in a variety of different representations, e.g. tacit knowledge in people minds and structured information in databases. To be successful a KM initiative must address both the 'hard' knowledge in databases and the 'soft' knowledge in people's minds (Hildreth and Kimble, 2000). A Knowledge Management System (KMS) addresses these problems by providing a mechanism to capture, retain and distribute knowledge assets within and between organizational agents (e.g., employees and information systems). KMS generally deal with several phases of the KM life cycle (Abecker et al 1998): identification, acquisition, development, dissemination, use and preservation of knowledge. This KM life cycle will be applied in this research work regarding with the NGO’s mission and objectives. Individuals and workgroups are the prime location where the knowledge assets of an organization are located. KMS can easily deal with, for example, explicit (encoded) representations of organizational structures, and process descriptions, however this research work offers a KM approach to tackle specific problems concerning the activities of NGOs. This will involve the integration of another approach to KM: Communities of Practice (CoPs)

3.2 Communities of Practice Communities of Practice are often described as an approach to KM that creates the proper environment for groups to come together to exchange existing knowledge and create new knowledge. These groups have similar goals and a shared understanding of their activities (Brown and Gray 1998, Greer et al. 2001); this often leads to CoPs becoming the basis for so-called "Knowledge Networks" (Hildreth and Kimble, 2004).

123

The term Community of Practice (CoP) was coined in 1991 when Jean Lave and Etienne Wenger (Lave and Wenger, 1991). Lave and Wenger saw the acquisition of knowledge as a social process in which people participated in communal learning at different levels depending on their authority in a group, i.e. whether they were a newcomer to the group or had been an active participant for some time. The linking of CoPs to KM came in 1998, when Wenger (1998) published the results of a study of a large insurance company. According to Wenger (2002), CoPs are groups of people who share common problems and interests, and their knowledge and expertise in specific areas is shared by interacting on an ongoing basis. Over time, the main objective is the dynamic creation of a common body of knowledge, practices and approaches. These informal networks can act in several ways, such as resolving conflicting goals or disseminating best practices across communities. The development of Internet-based networking technologies, which can provide a convenient single platform for groups or networks of groups to form within larger organizations, have led to a proliferation of various forms of virtual groups and communities. Subsequently, there has been much discussion about virtual CoPs (Kimble et al, 2001). These virtual CoPs depend on a common communication platform, and an organization to support this by providing both the communications infrastructure and the means to easily find and join the CoP (Lock Lee and Neff, 2004). This concept of a CoP is applied in the web based prototype system presented in the following section.

3.3 Knowledge Management Shortfalls The underlying objective of this research is to develop mechanisms to minimize KM problems that happen across NGOs. Both academic and corporate KM literature has identified a set of KM deficits that happen at the organizational and corporate level; this literature can also be adapted and applied to NGOs. Macintosh’s (1997) work on knowledge asset management identified a set of organizational impediments to more productivity and performance in knowledge-based companies were: “Highly paid workers spend much of their time looking for needed information”. “Essential know-how is available only in the heads of few employees”. “Valuable information is buried in piles of documents and data”. “Costly errors are repeated due to disregard of previous experiences”.

José Braga de Vasconcelos et al.

124

“Delays and suboptimal product quality result from insufficient flow of information”. Based in these statements, Dieng et al. (1998) elicited possible motivations to build a KMS based on Organizational Memories. x To avoid the loss of corporate expertise when a specialist leave the company; x To explore and reuse the experience acquired in past projects in order to avoid the repetition of previous mistakes; x To improve the information circulation and communication across the company; x To integrate the know-how from different sources in the company; x To ultimately to improve the process of individual and organizational learning. In what concerns NGOs, big business NGOs (socalled “BINGOs”) already dealt with the “KM for development” problem and created their own internal devices to respond to those problems. Nevertheless, great number of small and medium size NGOs deal with constant constraints that are presented in detail below. Our KM tool addresses, in particular, these issues.

3.4 KM Constraints in NGOs Contextual Global and National information

Some specific problems are: a)

Personalization of the information resulting in non accounted overheads moreover when fieldmissions are 6 to 10 months length;

b) Loss of non bureaucratic/operational information (social and cultural) which isn’t refereed in standard reports; c)

Loss of information in mission team turnover.

Communication between the field mission and the main office NGOs have a multi-level Knowledge Management which goes, in the field, from the Project manager to the Program manager / Country manager and in the main office, from the Project Director and Finances Director to the Direction Board. Through this several local, national and international steps, too much information is lost. Some specific problems are that there might be a)

A strict hierarchical top to bottom decisionmaking, which works against a more participative approach to decision making built through local knowledge;

b) The autonomy of field missions, which could lead, sometimes, to an information crisis in the management of the project or even an crisis in the NGO it self;

NGOs, either international or national, frequently become involved in missions without a deep background knowledge of the global/national/local problem and without skilled personal or proper accessible methodologies.

c)

Some specific problems are absence of just in time access to:

Communication between NGOs

a)

Specific information concerning the countries where NGOs will (or already have) a mission;

b) Skilled specialized personal in a particular country or linguistic grouping; c)

Manuals, checklists and other sources of managing knowledge needed to enhance the efficacy of project elaboration, formulation and implementation.

Field-mission information NGOs projects and missions are often “go and run away” missions, that depend too much on the personalities that are send to the field, with scarce time too much focused on bureaucratic/operational work and with difficult beginnings and final periods to each of the mission field-workers. Great lost of knowledge and capital is the usual balance.

An absence of a communication platform accessible by levels of responsibilities for a just in time proper information flow and information register.

To often several NGOs, work in the same country, or even in the same region, without knowing about each other organizational purposes, projects and activities. Some specific problems are an absence of access to: a)

A map of previous NGO interventions, if possible through purpose and projects;

b) Simple and direct access to communication forums or to create one which could invite and congregate NGOs professionals through purpose, project or activities a Community of Practice in the and in each field; c)

Best practices databases of projects selected by NGOs Direction Boards in order to have an identification card of each NGO as well as to publicise a problem-solving database for development.

125

Knowledge Management in Non-governmental Organisations

Communication between NGOs and the beneficiaries NGOs relations with beneficiaries of the projects are not so easy and well done as they should be and frequently a project is elaborated and formulated without sufficient participative enrolment by the community of beneficiaries. In addition, in the implementation phase, authorities are often more aware of the project purposes and activities than the ones the project will direct supposedly benefit. Interface between NGOs and beneficiaries should be done probably moreover in a face-to-face basis, nevertheless, Knowledge Management through web interface tools could be an asset because besides and beyond information concerning the project, beneficiaries should have a continuous possibility of taking positions in relation to it. Some specific problems: a)

Inadequate, un-participative analysis of the needs felt by a particular population in which a NGO pinpoint an intervention;

b) Inadequate, un-participative representation of the beneficiary community in the formulation and implementation of the project c)

Required of a development concept as a citizen tool (an interactive day-to-day activity) through which everyone could have a word and participate in action.

Communication between NGOs and the donors Although institutional donors usually have their own ways of controlling the uses of applied funds and the impacts of the projects, the non-organized social responsibility response of civil society through NGOs is much less informed in what concerns either the concrete development projects supported, or their real impact in the field. NGOs are usually much more concerned with reports to institutions like World Bank or EU Offices than with Civil Society donors. Some specific problems: a)

Absence of a communication toll through which donors have direct link with the project in the field and with its impacts;

b) High levels of turn over in NGOs, personalization of the information in the field, as well as problems with storage of information often lead to difficulties either in internal supervision, either in external auditing by sponsors and donors; c)

Information coming from the field mission concerning the project is, to many times, sent

only the country, mission or project manager without any kind of feed-back by the population who were impacted by the project. Communication between NGOs and Civil Society Each individual and each organization should, must and could be an active development actor and agent if only could have the proper knowledge capital (understood as social, symbolic and, therefore, economic capital) to make a difference. This utopia could be built through a good communication network between Development NGOs and Civil Society in order to turn themselves into CSOs, Civil Society Organizations. Therefore, we believe, KM through information society could be the tool to turn NGOs into CSOs, being this purpose the engine of the present project. Some specific problems: a) Absence of a KMS to enrol individuals and organizations in order to a participative effort toward development, both in a local and in a global sense. Such a systems should deploy of information concerning 1) basic continuously renewed geo-strategic and anthropological situation of countries in risk; 2) basic training towards citizen and organizational intervention; 3) intervention protocols and counselling; 4) cultural online counselling and 5) psychological support. b) Absence of a development best practices database that could be used as an intervention guide not only to NGO experts but also to any citizen enrolled in a local development process or with global development concerns. This guide could enhance not only the analysis, discussion and choosing of alternative development paths but also could be a way of a more adequate impact analysis of development projects by comparing the achieved goals in similar projects. c) Absence of a Community of Practice of Knowledge Network that could cut across NGOs competence and competition but also that could bridge NGOs, donors and beneficiaries in a more coherent and focused way.

4 GLOCAL COLLABORATION TOOL A practical result of this research work is a webbased KM tool (or KM portal) that is currently under development. This web tool is being developed to act as a KM portal for individuals, organizations and more specifically, for NGOs. This Glocal Collaboration Tool aims to promote the

José Braga de Vasconcelos et al.

126

democratization across different and heterogeneous communities. Bearing in mind the several NGO constraints presented and the difference between “soft knowledge” or “tacit knowledge” and “hard knowledge” or “explicit knowledge” (Hildreth and Kimble, 2001), the first one more centred in the knower and interactivity through “conversation”; the second one more centred in the storage of knowledge. Table 1 presents the portal functionalities as problem-solving devices to the constraints referred in the previous point. “Conversations” in CoPs are the most important device because of the multiple contexts (personal, social and cultural) that its interactivity includes. The goal of the research and development of our tool is to create a KM system based on “conversation analysis” which could help different users and preserve the context in which the knowledge is created. CoPs can be seen as a glocal simulacrum of such places as corridors or water coolers where

knowledge is exchanged in informal conversations. In many organisations, these conversations have been replaced by mobile phone calls in which the decisions of formal meetings are planned for and prepared. The goal is to try to capture some information about both these calls and their context.

4.1 Application Functionalities and Knowledge Resources The web Portal application (figure 1) has a specific registration area (for individuals and organizations) in order to access to other areas, both general and with specific interactive tools, such as a bestpractices database (DB), collaborative tools (forums) and knowledge (and glocal) libraries. Other functionalities include personalisation mechanisms based on the registration profile of each individual/organization, and keyword-based and advanced search mechanisms.

Table 1: Problem-solution analysis NGO constrains

Portal functionalities: Tacit knowledge 1. Intranet CoPs by project and thematic 2. Extranet CoPs by project and thematic 1. Intranet CoPs by project and thematic 2. Extranet CoPs by project and thematic 1. Intranet CoPs by project and thematic 2. Extranet CoPs by project and thematic 1. Extranet CoPs by project and thematic

Portal functionalities: Explicit knowledge 1. Lay-out plan with NGOs missions 2.Library 3. Best Practices 1.Library

Communication between NGOs and the donors

1. Extranet CoPs by project and thematic

NGOs

Communication Society

1. Extranet CoPs by project and thematic

Contextual global and national information

Field mission information

Communication between field mission and main office

Communication beneficiaries

between

between

NGOs

NGOs

and

and

the

Civil

1. Lay-out plan with missions, 2. Library 3. Projects showcase 1. Lay-out plan with missions, 2. Library 3. Projects showcase 4. Best Practices 1. Lay-out plan with missions, 2. Library 3. Projects showcase 4. Best Practices 1. Lay-out plan with missions, 2. Library 3. Projects showcase 4. Best Practices

NGOs

NGOs

NGOs

127

Knowledge Management in Non-governmental Organisations

Figure 1: Web Collaboration Tool.

4.2 Best-Practices Database Based on the following attributes (table 1) and related registration area (figure 3), we are defining a best-practices database in order to reuse this information for future Civil Society Organizations (such as a NGO) projects. The idea is the definition of a common, shared web space where CSOs, individuals and citizens representing different communities could upload their experiences, and related project’s best practices in a structured manner. The best practice DB includes specific classification techniques based on the proposed taxonomy (figure 2) for development areas. Using the proposed collaboration tool, this taxonomy will have dynamic expansion based on the experiences of each CSO, and the inputs (and related uploads), which they include in the web platform. Trough this expansion and depending on particular requests (local knowledge), beyond the Internet platform, we will build specific Intranets to provide

Best Practices by thematic area ƒ Conflict management and negotiation ƒ Healthcare - Emergency - Rehabilitation and development - Public health and sanitation - Nutrition ƒ Economics - Emergency - Rehabilitation and development ƒ Social and Cultural - Emergency - Rehabilitation and development

Results ƒ General guides to run effectively CSOs - Protocols, Manuals, Standards - FAQs, Project rules, Proposals Classification mechanisms

ƒ Best practices by world regions - Continents - Countries - National regions ƒ Best practices by CSO

Figure 2: Best practices taxonomy.

context-based data access for a better decision making in each CSO and related responsibility level. These attributes are used to create a database set of CSOs including their project experiences and best practices. To create the initial profile, an individual or organization will register (figure 3) to create a personal (or organization) account that makes available the remaining functionalities.

José Braga de Vasconcelos et al.

128

Table 2: Data attributes for the best practices registration

Attribute

Meaning

Internal code (year/project)

Application use for future data manipulation

Project title

Short project designation

Start date

Project start date

Closing date

Estimated closing date

Activity area

Short description of the underlying activities

Applicant(s)

The registered NGO, individual or organization

Project cost

An estimation of the project cost (if applicable)

Objectives

Overall objective and specific objectives

Principal local partners

The main project stakeholders

Target groups

Target communities, citizens, individuals

Expected results

Quantitative results; Qualitative results

Activities

Project timeline (different project stages) the credentials of a client, such as a Web browser, to connect to a database server, and to perform the web requested operations.

Figure 3: Collaboration tool: registration area.

4.3 Application Architecture This prototype is based on a multi-tier architecture that allows a web-enabled personal computer (client) to interact with an application server connected to the Internet (figure 4). This web infrastructure is crucial considering the purpose of this solution which means that clients are supposed to be any computers connected to the Internet anywhere near the area of intervention of the ONG. A multi-tier architecture environment provides data for clients and serves as an interface between clients and database servers (figure 5). This architecture enables the use of an application server to validate

Figure 4: Web-enabled architecture.

Application Server The application server provides access to the data for the client. It serves as an interface between the client and one or more database servers, which provides an additional level of security. The application server assumes the identity of the client when it is performing operations on the database server for that client. The Application Server for the proposed Web-KM system is based on the Microsoft (MS) .NET Framework with ASP.NET. The .NET Framework is used for building and running all

Knowledge Management in Non-governmental Organisations

kinds of software, including Web-based applications. This software platform uses components that facilitate integration by sharing data and functionality over a network through standard, platform-independent protocols. ASP.NET presents a fully object-oriented architecture that promotes the development of well structured and easy to maintain.

Database engine Application server Web server - Business rules - User interface

Client CSO/Individual Web browser

Figure 5: Multi-tier architecture and services.

129

This database server is commonly used by governments and businesses for small to medium sized databases. Client In a social viewpoint, the client could be an Individual or a CSO. In a technological viewpoint, a client initiates a request for an operation to be performed on the database server. The client can be a Web browser or other end-user process. In a multi-tier architecture, the client connects to the database server through one or more application servers. The client tier consists of a typical webenabled personal computer browser. Applications are accessible by users running a browser on any operating system. The Glocal Collaboration Tool is being developed to be used as a KM web-based application that could run anywhere in order to make it available to any CSO/Individual with a basic fixed or mobile Internet access. Therefore, this research project and the proposed KM tool also intend to promote the democratization of the Information Society. This could be achieved by providing and disseminating context-based CSOs information resources and collaborative services across different world regions and communities.

Web Server Our system uses the MS Internet Information Server (IIS) as the Web Server for the Glocal Collaboration Tool. This Internet Information Service provides integrated, reliable, scalable, secure and manageable Web server capabilities over an intranet, the Internet or an extranet. IIS is a tool for creating a strong communications platform of dynamic network applications. Organizations of all sizes use IIS to host and manage Web pages on the Internet or on their intranets. Database Server A database server (engine) provides the data requested by an application server on behalf of a client. The database server does all of the remaining query processing. The database server can audit operations performed by the application server on behalf of individual clients as well as operations performed by the application server on its own behalf. For example, a client operation can be a request for information to be displayed on the client, whereas an application server operation can be a request for a connection to the database server. Our system uses the Microsoft SQL Server 2000 for the necessary database management system services.

5 CONCLUSIONS AND FUTURE WORK At medium-term, the practical result of the proposed KM portal should enhance knowledge sharing and reuse tasks between and within CSOs and individuals. The idea is to apply and promote collaborative tasks, knowledge (glocal) libraries and the dissemination of CSOs best practices across different communities. Personalisation is a crucial factor to improve KM practices. In this context, this research work and the related Glocal Collaboration Tool needs to investigate more personalisation mechanisms to incorporate into the KM tool. These mechanisms should provide and distribute contextual information based on the specific profile (roles and responsibilities) of each registered organization. The collection and classification of heterogeneous information resources into wellstructured CSO web pages (acting as individual CSO Intranets) is also a key success factor for an effective maintenance of this KM system. In order to enhance all these developments, the Glocal Collaboration Tool has to be tested in real organizational and communities’ environments. Access expectancy towards resources of this kind of

130

tool will be our first challenge. Nevertheless, we believe strong partnerships with boards of NGOs must be build in order to have a commitment of change in the NGO internal information and communication structure. Relations between organizational intranets and extranets will also take some time and be the source of some problems. The effectiveness of Communities of Practices, from a local project level to a global development area strategy level, however is the deepest challenge, as this calls for an organizational transformation of NGOs into more Glocal CSOs. Pilot project, focused in the beginning on the lusophone world, will entail Portuguese and Brazilian NGOs and within a year we are hopping to have several NGOs involved turning this Collaboration Tool in a nonstop glocal project in the construction of a new Glocal Civil Society.

REFERENCES Abecker, A., Bernardi, A., Hinkelmann, K., Kuhn, O. and Sintek, M., 1998. Towards a Technology for Organizational Memories, IEEE Intelligent Systems, Vol. 13, No. 3, May/June, pp. 30-34. Brown S. and Gray S., 1998. The People are the Company Fast Company [Online] Available: http://www.fastcompany.com/online/01/people.html Davenport, T. and Prusak, L., 2000. Working Knowledge, Harvard Business School Press. Greer K., Bell D., Wang H., Bi,Y. and Guo G., 2001. An Application of Knowledge Management using Intelligent Agents, the Intelligent CONtent Management. Hildreth, P. and Kimble, C., 2002. The duality of knowledge [Online] Information Research, 8(1), paper no. 142. Available at http://InformationR.net/ir/81/paper142.html [November 19, 2004]. Hildreth, P. and Kimble, C. 2004., Knowledge Networks: Innovation through Communities of Practice, Idea Group Publishing. Hershey (USA)/London (UK). Kimble, C. Hildreth, P and Wright. P., 2001. "Communities of Practice: Going Virtual", Chapter 13 in Knowledge Management and Business Model Innovation, Idea Group Publishing. Hershey (USA)/London (UK), 2001. pp 220-234.

José Braga de Vasconcelos et al. Lave J. and Wenger E., 1991. Situated learning. Legitimate Peripheral Participation. Cambridge: Cambridge University Press. Lock Lee, L and Neff, M. 2004. How Information Technologies Can Help Build and Sustain an Organization's Communities of Practice: Spanning The Socio-Technical Divide?" Chapter 15 in Hildreth, P. and Kimble, C. (2004) "Knowledge Networks: Innovation through Communities of Practice", Idea Group Publishing, Hershey (USA)/London (UK), pp 165 – 183. Macintosh, A., 1997. Knowledge asset management, AIring (20). Pearce, J., 2000. Development, NGOs, and Civil Society, Oxford, Oxfam GB. Santos, B., 2000. Globalização. Fatalidade ou Utopia?, Porto. Afrontamento. Seixas, P. 2003. Emergency and Humanitarian Aid. Revista ForumDC http://www.forumdc.net/forumdc/artigo.asp?cod_artig o=145335 Seixas, P. forthcoming 2005 Antropologia e Intervenção Humanitária e para o Desenvolvimento. A Humanidade que o Humanitário construiu: Conceptualização e Acção, Perez, Xerardo Pereiro e al Antropologia Aplicada. Vila Real, UTAD. System (ICONS), Project ID: IST2001 - II.1.2: Knowledge Management. Tvedt, T., 2002. Development NGOs: Actors in a Global Civil Society or in a New International Social System?”, Voluntas: International Journal of Voluntary and Nonprofit Organizations Vol. 13, No. 4. Vasconcelos, J, Kimble C and Rocha, Á., 2003. Organizational Memory Information Systems: An Example of a Group Memory System for the Management of Group Competencies, The Journal of Universal Computer Science, 9(12), pp. 1410 – 1427. Wenger E, McDermott R and Snyder W., 2002. Cultivating Communities of Practice: A Guide to Managing Knowledge, Harvard Business School Press, Boston, Massachusetts. Wenger E., 1998. Communities of Practice. Learning, Meaning and Identity. CUP. Winograd T. and Flores F., 1986 Understanding computers and cognition: a new foundation for design Norwood NJ: Ablex.

TOWARDS A CHANGE-BASED CHANCE DISCOVERY Zhiwen Wu and Ahmed Y. Tawfik School of Computer Science, University of Windsor,401 Sunset Ave.,Windsor,Ontario N9B 3P4, Canada Email: [email protected] , [email protected]

Keywords:

Chance discovery, knowledge base, relevance, planning, ontology.

Abstract:

This paper argues that chances (risks or opportunities) can be discovered from our daily observations and background knowledge. A person can easily identify chances in a news article. In doing so, the person combines the new information in the article with some background knowledge. Hence, we develop a deductive system to discover relative chances of particular chance seekers. This paper proposes a chance discovery system that uses a general purpose knowledge base and specialised reasoning algorithms.

argumentation-based framework for chance discovery in domains that have multi agents. Each agent has a partial view of the problem and may have insufficient knowledge to prove particular hypotheses individually. By defining locutions and rules for dialogues, new information and chances can be discovered in the course of a conversation. In this paper, we incorporate some new elements into the chance discovery process. These elements have implications to both the conception and discovery of chances and can be summarized as follows: x Chances are not necessarily unknown hypotheses. Many chances result from known events and rules. For example, applying for the right job at the right time represents a chance for an employment seeker as well as the employer. In this case, the goal is clear. However, chance discovery means that the employment seeker applies at the proper time and for the employer, it means to correctly project which applicant will be better for the job. x Inherently, chance discovery has a temporal reasoning component. New risks and opportunities are typically associated with change. An invention, a new legislation, or a change in weather patterns may result in many chances. Incorporating chance discovery in a belief update process is fundamental to this work. Chances are relative; someone’s trash may be another’s treasure. For example, finding a cure for a fatal disease represents more of a chance to an individual suffering from this condition or at risk to contact it.

1 INTRODUCTION According to Ohsawa and McBurney (2003), a chance is a piece of information about an event or a situation with significant impact on decision-making of humans, agents, and robots. A ‘chance’ is also a suitable time or occasion to do something. A chance may be either positive –an opportunity or negative – a risk. For example, predicting a looming earthquake represents a “chance discovery”. Many approaches have been applied to chance discovery. Rare events may represent chances known to co-occur with important events, while the important events can be extracted using data mining techniques. KeyGraph, the application of this technique, was applied to various data, such as earthquake sequences, web pages, documents (Ohsawa et al., 1998; Ohsawa and Yachida, 1999; Ohsawa, 2003a; Ohsawa, 2003b). Tawfik (2004) proposes that chance discovery represents a dilemma for inductive reasoning. Induction assumes that current trends will carry into the future thus favoring temporal uniformity over change. However, current observations may lead to different possible futures in a branching time model. Finding a proper knowledge representation to represent all these possible futures is important. Otherwise some chances will be missed. Bayesian and game theoretic approaches are presented as viable chance discovery techniques. Abe (2003a, 2003b) considers chances as unknown hypotheses. Therefore, a combination of abductive and analogical reasoning can be applied to generate such knowledge and chances can be discovered as an extension of hypothetical reasoning. McBurney and Parson (2003) present an 131

C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 131–138. © 2006 Springer.

132

x

To discover chances and take advantage of them, a system which can perform deductive reasoning is needed. Therefore, we consider chance discovery as a process that tries to identify possibly important consequences of change with respect to a particular person or organization at a particular time. For this to happen, a logical reasoning system that continuously updates its knowledge base, including its private model of chance seekers (CS) is necessary. A chance discovery process may act as an advisor who asks relevant “what if” question in response to a change and present significant consequences much like seasoned parents advise their children. Such advice incorporates knowledge about the chance seekers, their capabilities, and preferences along with knowledge about the world and how it changes. In a word, to discover chances, we need three things: First, a knowledgeable KB which can infer and understand commonsense knowledge and that can incorporate a model of the chance seeker. Second, we need a source for information about change in the world. Third, we need a temporal projection system that would combine information about change with the background knowledge and that would assess the magnitude of the change with respect to the knowledge seeker. Cyc knowledge base is supposed to become the world's largest and most complete general knowledge base and commonsense reasoning engine and therefore represents a good candidate as a source for background knowledge. Information about changes occurring in the world is usually documented in natural languages. For example, a newspaper can serve as a source for information about change. We need Nature Language Processing (NLP) tool to understand this newspaper. We assume that Cyc natural language module will be able to generate a working logic representation of new information in the newspaper. However, for the purpose of the present work, understanding news and converting it to Cyc representation has been done manually. This paper proposes an approach for assessing the implications of change to the chance seeker and bringing to the attention of the chance seeker significant risks or opportunities. The paper is organized as follows: Section 2 establishes the notion that chance and change are tied together. Section 3 introduces Cyc knowledge base and its technology. Section 4 presents the chance discovery system based on Cyc.

Zhiwen Wu and Ahmed Y. Tawfik

2 CHANCES IN CHANGES Chances and changes exist everywhere in our daily life. In general, changes are partially observable by a small subset of agents. Therefore, it is more likely to learn about changes happening in the world through others. For example, information about change could be deduced from conversations in chat rooms, newspapers, e-mail, news on the WWW, TV programs, new books and magazines, etc. In another word, change causing events occur daily around the world. The amount and rate of those events is very large. However, a relatively small portion of these changes represent risks or opportunities to any particular chance seeker. Initially, the system starts with a stable knowledge base KB. The knowledge base represents the set of widely held knowledge. As part of KB’s knowledge, each chance seeker maintains its own private knowledge that describes its current attributes. In addition to KB, each chance seeker also maintains its private goals and plans about how to achieve those goals. If chance seeker doesn’t maintain its goals, the system will use default goals that are widely accepted as common goals. For example, the system assumes that all people want to become more famous or richer, want their family members and relatives to be rich and healthy, etc. We assume that the chance seeker has already exploited the chances present in the current KB and that the current plans of chance seeker are the best according to current KB. However, current plans may only be able to achieve part of the goals. For example, the goal to own a house in Mars is unachieved by current knowledge. A goal of chance seeker can be represented by a set of sentences describing a future status of chance seeker’s attributes. For example, if chance seeker set up the goal to be a famous scientist, the system can judge the achievement of the goal by measuring chance seeker’s current attributes, such as education, occupation, published papers, social class, etc. The system maintains an attribute framework of chance seeker in KB. The attribute framework can be able to change if necessary. A goal can be considered as a future projection of current framework. On the other hand, a future set of attributes could satisfy many goals of chance seeker. Current plans of chance seeker project current set of attributes to the most achievable set of attributes. As new information B becomes available, an update operation is triggered. The update operation proceeds in two phases: a explanation phase and a projection phase. The explanation phase tries to revise current plans that may have been proven to be inaccurate by the occurrence of B. Similarly, the

Towards a Change-Based Chance Discovery

projection phase, revises current plans to take into account the occurrence of B. A risk is detected if the occurrence of B results in a threat to the causal support for one of the plans of the chance seeker. An opportunity is detected if B satisfies one of the followings: the occurrence of B enables another one of the goals of the chance seeker to become achievable, or better plans can come up after B. In some cases, a particular piece of new information will result in both risks and opportunities.

3 CYC KNOWLEDGE BASE FOR CHANCE DISCOVERY The Cyc knowledge base (KB) (OpenCyc.org, 2002) is a formal system that represents of a vast quantity of fundamental human knowledge: facts, rules of thumb, and heuristics for reasoning about objects and events of everyday life. The medium of representation is the formal language known as CycL. CycL is essentially an augmentation of firstorder predicate calculus (FOPC), with extensions to handle equality, default reasoning, skolemization, and some second-order features. For example: (#$forAll ?PERSON1 (#$implies (#$isa ?PERSON1 #$Person) (#$thereExists ?PERSON2 (#$and (#$isa ?PERSON2 #$Person) (#$loves ?PERSON1 ?PERSON2))),

in English, means “Everybody loves somebody.”

In Cyc, a collection means a group or class. Collections have instances. Each instance represents an individual. For examples, (#$isa #$AbrahamLincoln, #$Person). (#$isa #$BillGates, #$Person).

Abraham Lincoln and Bill Gates are individuals. Person is a collection. A collection could be an instance of another collection. For example, (#$genls #$Dog, #$Mammal),

means “Collection Dog is an instance collection of collection Mammal”.

133

In other word, Dog is a specialization of Mammal. It can be said that every individual is an instance of Thing, which is the most general collection in Cyc KB. Some individuals could be part of other individuals. For example, Microsoft is an individual. Joe works for Microsoft. Joe is part of Microsoft. Constants are the "vocabulary words" of the Cyc KB, standing for something or concept in the world that many people could know about. For example, #$isa, #$Person and #$BillGates are constants. The assertion is the fundamental unit of knowledge in the Cyc KB. Every assertion consists of: x an expression in CycL language that makes some declarative statement about the world x a truth value which indicates the assertion’s degree of truth. There are five possible truth values, including monotonically true, default true, unknown, default false and monotonically false. x A microtheory of which the assertion is part of a theory. Section 3.1 gives a detailed explanation of microtheories. x A direction which determines whether inferences involving the assertion are done at assert time or at ask time. There are three possible values for direction: forward (inferences done at assert time), backward (inferences done at ask time), and code (assertion not used in regular inference). x A justification which is the argument or set of arguments supporting the assertion's having a particular truth value. An assertion could be a rule or a Ground Atomic Formula (GAF). A rule is any CycL formula which begins with #$implies. A GAF is a CycL formula of the form, (predicate arg1 [arg2 ...argn]), where the arguments are not variables. In Cyc, time is part of the upper ontology. It is a physical quantity. A temporal object such as an event, a process, or any physical object has a temporal extent. The time model is interval-based with suport for points. TimeInterval has dates, years, and so on, as its subcategories. An event is a set of assertions that describe a dynamic situation in which the state of the world changes. An event has nonempty space and time components. It may also have performer, beneficiaries, or victims. A script in CycL is a type of complex event with temporallyordered sub-events. Applications can use script recognition – that allows them to identify a larger script from some stated events that are constituent parts of the script. Scripts can also be used for planning and for reading comprehension.

Zhiwen Wu and Ahmed Y. Tawfik

134

#$BiologyMt

#$ChemistryMt

#$OrganizationMt Figure 1: Cyc Knowledge Base as a sea of Assertions.

3.1 Microtheories A microtheory (Mt) is a bundle of assertions. The bundle of assertions may be grouped based on shared assumptions, common topic (geography, football, etc), or source (CIA world fact book 1997, USA today, etc). The assertions within a Mt must be mutually consistent. Assertions in different Mts may be inconsistent. For example, MT1: Mandela is President of South Africa MT2: Mandela is a political prisoner

Microtheories are a good way to cope with global inconsistence in the KB, providing a natural

way to represent things like different points of views, or the change of scientific theories over time. Mts are one way of indexing all the assertions in Cyc KB. There are two special Mts, one is #$BaseKB (always visible to all other Mts), the other one is #$EverythingPSC (all other Mts are visible to this Mt). #$EverythingPSC is a microtheory which has no logically consistent meaning but has a practical utility just because it is able to see the assertions in every microtheory. The Cyc KB is the repository of Cyc's knowledge. It consists of constants and assertions involving those constants. It could be regarded as a sea of assertions, see figure 1. Form ontology point of view, the Cyc KB could also be thought of as

Figure 2: Chance Discovery System.

Towards a Change-Based Chance Discovery

made up of layers ordered by degree of generality. Cyc uses two rules of inference in theorem proving, modus ponens and modus tollens. Cyc-NL is the natural language processing system associated with the Cyc KB. It could translate natural language into CycL. Cyc-NL has three main components: a lexicon, a syntactic parser and a semantic interpreter. The lexicon along with a generative morphology component generates partof-speech assignments for words in a sentence. The syntactic parser uses a grammar to generate all valid parses for the sentence. The semantic interpreter produces pure CycL equivalent for the input sentence.

4 CHANCE DISCOVERY SYSTEM Figure 2 shows the framework of chance discovery system. Nature Language Processing (NLP) modules analyze daily news and generate new knowledge which is represented in logic. The new knowledge is then integrated into public Cyc KB servers. The private Cyc KB server owned by the chance seeker will connect to public KB servers and update its knowledge. On the other hand, the chance seeker updates its private attributes in the private Cyc KB. The knowledge about chance seeker can be regarded as a virtual chance seeker living in Cyc KB. A chance seeker sets up its goals or uses default goals in the Goals & Plans Module. New knowledge triggers the CD modules that measure the relevance of the new knowledge to the chance seeker. The new knowledge is considered to be a chance candidate if the relevance score is above a certain threshold. By trying to revise current plans using the new knowledge, the magnitude of this chance candidate can be measured using a utility evaluation process. When the magnitude of the utility is above a specified threshold, a chance is detected. Finally, the system visualizes the chances to chance seeker, and revises current plans for future chance detections.

4.1 The Relevance of New Knowledge New knowledge is relevant to the chance seeker if it has an immediate impact on the seeker’s attributes or on the achievability of the chance seeker’s goals. For example, the new knowledge that shows that the chance seeker inherited a fortune is relevant as it changes the seeker’s wealth attribute. The new information can affect the achievability of goals in three ways: x making new goals achievable, x making some previously achievable goals unattainable, or

135

x

changing the cost or reward of achieving some goals. A goal is considered achievable if the system finds a plan to the goal from the current state. To impact the achievability of a plan, the new knowledge could affect the causal support for actions in the plan or the likelihood of success. Testing the relevance of new information to the chance seeker is desirable to filter out irrelevant information. Fully testing the relevance of new information with respect to its impact on the chance seeker’s attributes and plans could be computationally expensive. Therefore, we gradually apply a series of relevance tests with increasing computational cost. These tests are: x testing if the new information is subsumed by existing knowledge, x testing for temporal relevance, x testing for spatial relevance, x testing for impact on the chance seeker’s attributes, and x testing for impact on the chance seeker’s plans. To verify that the new information is actually new, and is not subsumed by knowledge already in the KB, we test if it is entailed by existing knowledge. For example, if the KB contains assertions indicating that Paul Martin is the leader of the Liberal Party, that the Liberals won the largest number of seats in the parliament and that the leader of the party that wins the most seats becomes the Prime Minister. It becomes redundant to add an assertion indicating that Paul Martin became the Prime Minister. Similarly, if KB contains a generalization of the new information, this information will be redundant. The relevance of information in a dynamic stochastic system degenerates gradually over time. The rate of degeneration of information relevance with respect to a rational decision maker depends on the probabilities of change as well as on the relative utilities (Tawfik and Khan, 2005). Cyc supports a notion of possibility akin to probability. However, it is unlikely that the probabilistic knowledge in the KB will be specified fully to construct dynamic belief networks. Therefore, we rely on the intersection of the temporal extents associated with temporal object in the KB to verify the mutual relevance of temporal objects. Similarly, most spatial effects also weaken with distance. Therefore, it is fair to filter out new knowledge whose spatial or temporal effects lie outside the scope of interest. New knowledge could be divided into rules and events (facts). We consider that the chance seeker relies on a rule if chance seeker includes some actions that are causally supported by the consequences of the rule into its plan. The impact of the rule measures the role of the rule in reaching the

Zhiwen Wu and Ahmed Y. Tawfik

136

goals. It could be regarded as the utility changes that are credited to the rule B. If S represents the state of chance seeker’s attributes, then impact is given by: impactB=V(SB)-V(S)

To assess V(SB), we consider two cases: In one case, V(SB) may already be stated clearly in the rule. For example, the time saving from taking a newly built high speed train to a certain destination will be clearly stated in the news. On the other hand, if V(SB) is unclear, we can deduce a reasonable hypothesis by combining the new rule and existing rules in background KB. This hypothesis will not go beyond the known knowledge. For example, if there is an assertion in KB stating that all the people in the same country speak the same language, then communicating with all Brazilians will be the utility of learning Portuguese for a chance seeker who wants to travel to Brazil. Note that this utility could be inaccurate since it is based on a hypothesis. In general, impactB may act as a greedy measure of progress towards the goals but does not guarantee reaching these goals. An exogenous rule may undermine actions in the other part of chance seeker. When new knowledge is an event, to determine the value of an event, we have to take other factors into account. An event could be composed by a bundle of assertions describing its features, such as actions, locations, time, physical object involved, etc. The impact of an event according a particular chance seeker is based on the following features: x Importance of the entities involved in the event. To evaluate an event, we take the importance of those objects into account. For example, ‘Microsoft’ may be considered to be a more important company than other small companies. However, a small company currently working with Microsoft may be important. x The relationship between involved objects and chance seeker needs to be taken into account. For example, a company owned by family members may mean a lot to chance seeker though it’s a small company. For example, the chance seeker may work for this small business. Generally, close relatives, friends, and acquaintances are more important that strangers. According to the above: impact Event

¦V

E

( Size(Objectsi ),relations (Objecti , CS ))

i

Where VE is a value function that takes into account the importance/size of objects, the attributes involved and the relationships between objects and the chance seeker including spatio-temporal relationships. VE tries to guess the potential change in the chance seeker’s attributes.

A negative impact indicates that the new knowledge is a potential threat. In the case of irrelevant new knowledge, the impact will be inside the range of [negative threshold, positive threshold]. The new knowledge will be integrated into KB for future reference. On the other hand, the new knowledge will be considered as a chance candidate if the impact is outside the range.

4.2 The Magnitude of Chances Here, B is the set of new knowledge that passes the relevance tests, the system will try to revise current plans (CP) of the chance seeker using B. Partial Order Planning (POP) and SATplan algorithm (Russell and Norvig, 2002) can be used to generate new plans (NPB) by taking B into account. In our system, SHOP (Nau et al. 1999) generates the plans for the chance seeker. SHOP is a domainindependent automated-planning system. It is based on ordered task decomposition, which is a type of Hierarchical Task Network (HTN) planning. By adopting NPB instead of CP, the chance seeker may be able to achieve a different set of goals, or save less time and/or money while achieving the same goals. All these features can be reflected by a utility function mapping. The magnitude of B denoted by MB is represented as the utility difference between NPB and CP. There could be a gap between the goals of NPB and the goals of CS. As describing in section 2, a set of goals can be represented by a future status of attributes important to the chance seeker. If we use a utility function (V) to map those attributes into real values and add them together, we can represent a notion of preference. The change in the utilities could be represented as: MB=VNPB -VCP

MB represents the difference between new plans and current plans. If MB in the range of [negative threshold, positive threshold], it means that NPB and CP are roughly the same. The magnitude of B is low. Whether B is a chance or not, there are the following possible cases: ƒ Short-term setback: When B has negative effect on chance seeker’s attribute and no threat to the current plans, B will be ignored. ƒ Potential risk: When B has negative effect on chance seeker, and threatens some of the current plans. However, repair plans can be found such that the new plans including the repair plans can achieve the same goal as before. This is considered a potential risk even though it is possible to repair the plans because if the

Towards a Change-Based Chance Discovery

chance seeker proceeds with the original plans the goals may not be reached. ƒ Risk: Repair plans cannot be found, NPB achieve fewer goals than before. MB is out of range. The system will consider B is a risk. ƒ Short-term prosperity: When B has positive effect on chance seeker’s attribute, and no effect on the current plans. ƒ Exploitable efficiency: NPB can achieve the same goals as CP but in significantly shorter time or costs less. B is considered as a chance. ƒ Improved reliability: NPB can achieve the same goals as before for approximately the same cost but offer an alternative for some plan elements. ƒ Inefficient alternative: Exploiting B, NPB can achieve fewer goals than before or the same goals at a higher cost without threatning CP. B is ignored. ƒ Opportunity: NPB can achieve more goals than before. MB is significant and positive and B is considered a chance. ƒ Short-term gain long-term risk: When B has positive effect on chance seeker, threatens some of the current plans and the plans cannot be repaired. ƒ Short-term loss long-term gain: B results in an immediate loss but enables longer term plans. Finally, if a chance is detected, NPB will be set as CP.

4.3 Visualizing Chances When a chance is detected, visualizing chances is important as the last step of chance discovery. Sometimes chance seeker may not understand why chances returned by chance discovery system are chances. Visualization of chances could emphasize on the explanation and help chance seeker to realize chances. A detail visualization explanation including display of the future status of attributes of chance seeker, display of chance seeker’s current plans, etc, may be necessary. Kundu et al. (2002) present a 3-D visualization technique for hierarchical task network plans. Such visualizations will be useful for the chance seeker to understand the interactions between various elements in the plan.

5 DISCUSSION & EVALUATIONS The evaluation of chance discovery (CD) systems could be based on precision, efficiency and chance management. As discussed in Section 1, many previous CD approaches regard chances as unknown hypothesises, focusing on techniques to derive

137

common chances, i.e. chances for all people. Our approach focuses on knowledge management, finding chances in known knowledge (news, WWW, etc) for a particular chance seeker by the support of a large and rich knowledge base. In the 2005 tsunami tragedy, scientists correctly detected the occurrence of the tsunami, but failed to warn the relevant people in South Asia in time to evacuate. Hence, chances are relative. KeyGraph, as introduced in Section 1, is a widely used technique in CD research. Matsumura and Ohsawa (2003) present a method to detect emerging topic (web page as chance) by applying KeyGraph on web pages. A “Human Genome project” example was presented. Its benefits include finding cures to conquer fatal illness. Two sets of web pages (CA and CB), each containing 500 web pages, were obtained by searching “human genome” in Google. CA was obtained on Nov 26, 2000. CB was on Mar 11, 2001. In the output of KeyGraph, Celera (www.celera.com), a growing HG research website, was detected as a chance in CB because Celera co-occurred with the most important (foundation) websites in CB. The set of foundation websites of CA and CB, such as NCBI (the National Centre for Biotechnology Information), etc, is almost the same. The following events about Celera were reported in the meantime: 1. The Human Genome Project team and Celera announced the completion of the draft sequence of the human genome in June, 2000. 2. Craig Venter, President and Chief Scientific Officer of Celera and Francis Collins, Director of the Human Genome Project, met President Bill Clinton and British Prime Minister Tony Blair for the progress of the human genome analysis. 3. Papers about the completion were published in Nature and Science in 2001. For a researcher in medicine whose goals include finding a cure for genetic diseases, our CD system would report a chance after evaluating events 1&2 and would propose new plans. The system may draw the researcher’s attention to the draft sequence as early as on Jun 27, 2000 because Clinton and Blair are very important individuals. The degree of relevance will be high. The magnitude of “the draft sequence” will be high since it makes the researcher’s unattainable goals achievable. Therefore, our approach could discover chances fast.

6 CONCLUSION This paper describes a chance discovery system based on Cyc Knowledge base. The knowledge base

138

works as a virtual reality. Cyc KB simulates the development of real society by continuously updating its knowledge. The new knowledge comes from newspaper, magazine, and WWW, etc. The chance discovery system searches chances in KB for on behalf of the virtual chance seekers. By assessing the relevance of new knowledge, the irrelevant knowledge to a chance seeker is ignored. Then chance in relevant knowledge is detected by considering its impact on the current plans and the possibility of new plans that are built based on the new knowledge.

REFERENCES Abe, A., 2003a.. Abduction and analogy in chance discovery. In Ohsawa, Y. and McBurney, P., editors, Chance Discovery, pages 231–247. Springer-Verlag Berlin Heidelberg. Abe, A., 2003b. The role of abduction in chance discovery. New Gen. Comput., 21(1):61–71. Kundu, K., Sessions, C.,,desJardins, M. and Rheingans, P. 2002. Three-dimensional visualization of hierarchical task network plans, Proceedings of the Third International NASA Workshop on Planning and Scheduling for Space, Houston, Texas. McBurney, P. and Parsons, S., 2003. Agent communications for chance discovery. In Ohsawa, Y. and McBurney, P., editors, Chance Discovery, pages 133–146. Springer-Verlag Berlin Heidelberg. Nau, D. Cao, Y., Lotem, A. and Muñoz-Avila, H. 1999. SHOP: Simple Hierarchical Ordered Planner. In Proceedings of the International Joint Conference on Artificial Intelligence (IJCAI-99), pp. 968-973.

Zhiwen Wu and Ahmed Y. Tawfik Ohsawa, Y., 2003a. Keygraph: Visualized structure among event clusters. In Ohsawa, Y. and McBurney, P., editors, Chance Discovery, pages 262–275. SpringerVerlag Berlin Heidelberg. Ohsawa, Y., 2003b. Modeling the process of chance discovery. In Ohsawa, Y. and McBurney, P., editors, Chance Discovery, pages 2–15. Springer-Verlag Berlin Heidelberg. Ohsawa, Y., Benson, N. E., and Yachida, M. ,1998. Keygraph: Automatic indexing by co-occurrence graph based on building construction metaphor. Proceedings of the Advances in Digital Libraries Conference, pages 12–18. IEEE Computer Society. Ohsawa, Y. and McBurney, P., 2003. Preface. In Ohsawa,Y. and McBurney, P., editors, Chance Discovery. Springer-Verlag Berlin Heidelberg. Ohsawa, Y. and Yachida, M., 1999. Discover risky active faults by indexing an earthquake sequence. Proceedings of the Second International Conference on Discovery Science, pages 208–219. SpringerVerlag. OpenCyc.org,2002. OpenCyc documentation. http://www.openCyc.org/doc/. Parsons, S. and McBurney, P., 2003. Logics of argumentation for chance discovery. In Ohsawa, Y. and McBurney, P., editors, Chance Discovery, pages 150–165. Springer-Verlag Berlin Heidelberg. Russell, S. and Norvig, P., 2002. Artificial Intelligence: A Modern Approach. Prentice Hall Series in Artificial Intelligence, 2nd edition. Tawfik, A. Y. 2004. Inductive reasoning and chance discovery. Minds and Machines, Volume 14 (Issue 4):441– 451. Tawfik, A. Y. and Khan, S., 2005. The Degeneration of Relevance in Dynamic Decision Networks with Sparse Evidence, Applied Intelligence, to appear.

PART 3

Information Systems Analysis and Specification

EARLY DETECTION OF COTS FUNCTIONAL SUITABILITY FOR AN E-PAYMENT CASE STUDY Alejandra Cechich Departamento de Ciencias de la Computación, Universidad del Comahue, Neuquén, Argentina Email: [email protected]

Mario Piattini Escuela Superior de Informática, Universidad de Castilla-La Mancha, Ciudad Real, España Email: [email protected]

Keywords:

Component-Based System Assessment, COTS components, Software Quality.

Abstract:

The adoption of COTS-based development brings with it many challenges about the identification and finding of candidate components for reuse. Particularly, the first stage in the identification of COTS candidates is currently carried out dealing with unstructured information on the Web, which makes the evaluation process highly costing when applying complex evaluation criteria. To facilitate the process, in this paper we introduce an early measurement procedure for functional suitability of COTS candidates, and we illustrate the proposal by evaluating components for an e-payment case study.

Acquisition Process (Ochs et al., 2000), data according to a measurement plan are collected on a set of COTS software alternatives. Data are used in the filtering activity to eliminate those COTS alternatives that are unacceptable for use. Identification of COTS candidates is a complex activity itself. It implies not only dealing with an impressive number of possible candidates but also with unstructured information that requires a careful analysis. In this context, some proposals use description logics to develop an ontology for matching requested and provided components (Braga et al., 1999; Pahl, 2003); others suggest extending the identification stage with a learning phase, which provides support to the COTS component discovery process (Jaccheri and Torchiano, 2002). Some other approaches try to measure the semantic distance between required and offered functionality (Alexander and Blackburn, 1999; Jilani and Desharnais, 2001) but these measures usually need detailed information as input to the calculations. In addition to learning and classification issues, a filtering process is concerned with the pre-selection of candidates. It actually takes place by matching several properties of COTS components, including some inexact matching. Moreover, there are some cases where goals cannot be entirely satisfied without considerable product adaptation and other

1 INTRODUCTION COTS-Based System Development is now recognised as the way forward in building software architectures that can operate in advanced distributed, intranet, and Internet environments. In essence, using components to build systems reduces complexity because composers do not need to know how a component works internally. They only need to know what the component is and the services it provides. Ideally, most of the application developer’s time is spent integrating components. Components become unwieldy when combined and re-combined in large-scale commercial applications. What are needed are ensembles of components that provide major chunks of application functionality that can be snapped together to create complete applications. COTS component filtering is to decide which components should be selected for more detailed evaluation. Decisions are driven by a variety of factors – foremost are several design constraints that help define the range of components. So a balance is struck, depending upon the level of abstraction, complexity of the component, goals and criteria, and so forth. Some methods include qualifying thresholds for filtering. For example, during the activity "Collect Measures" of the COTS 141

C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 141–148. © 2006 Springer.

142

cases where these goals must be resigned to match product features (Alves and Filnkestain, 2002); (Cooper and Chung, 2002). As a possible improvement, the Six Sigma approach has been suggested selecting packaged software (Tayntor, 2002); however the evaluation mainly relies on the information provided by demos and additional documentation of the software. Then, the lack of measures makes this process perfectible. Along these lines, our approach based on SixSigma precepts, focuses on fact-based decisions, teamwork, and measurement as a way of driving the identification and filtering process (Cechich and Piattini, 2004a; Cechich and Piattini 2004b). We refer to a component-based system as a system that uses at least one component in conjunction with other components, legacy systems, and other pieces of software – including COTS components – to satisfy user’s requirements. This concept is introduced to emphasize the fact that the output from the system satisfies the user’s requirements by using the functionality supplied by at least one COTS component. Particularly, we consider functional suitability as the main aspect to be measured; however, measures should be expressed in such a way that calculation is possible at early stages. Our proposal aims at improving the filtering process by performing three steps: (1) a “commitment” step, which produces a committed required specification of a component; (2) a “prefiltering” step, in which COTS candidates are preselected according to their functional suitability; and (3) a “filtering” step, in which architectural semantics adaptability produces an indicator of stability that serves as a basis for the final candidate filtering. In this paper, we particularly address the second step (“pre-filtering”), in which functional suitability measures are calculated and analysed. Metrics for COTS based systems are emerging from the academic and industrial field (Martín-Albo et al., 2003). However, many of these definitions do not provide any guideline or context of use, which makes metric’s usability dependable on subjective applications. Measures are not isolated calculations with different meanings; on the contrary, capability of measures is strongly related to the process of calculating and providing indicators based on the measures. Our approach intends to define a filtering process in which measures are included as a way of providing more specific values for comparison. At the same time, the process guides the calculation, so ambiguity is decreased. Among other relationships, resulting measures are related to the artefact to be measured. In our approach, the artefact is expressed as functionality required by a particular application, and

Alejandra Cechich and Mario Piattini

functionality offered by COTS candidates. Generally speaking, both cases are subject to analysing information that is modelled and weighted by people – composers or integrators on one side, and component’s suppliers on the other. Different interpretations, perceptions, and judgements are then affected by the expressiveness of information. Nevertheless, our comparisons are abstract-level definitions, which allow us to customize the filtering process by instantiating the calculation procedure according to different contexts of use. Since information needed to compute the measures depends on how COTS suppliers document COTS component’s functionality (Bertoa et al., 2003), and how requirements are specified, in this paper we illustrate how metrics might be calculated by measuring functional suitability on COTS candidates for an E-payment case study. In section 2 we briefly introduce our compact suite of measures (Cechich and Piattini, 2004c) that should be used during the pre-filtering process. Then, section 3 shows how measures might be applied to our case and provides some discussion. A final section addresses conclusions and topics for further research.

2 MEASURING FUNCTIONAL SUITABILITY In the previous section, we have emphasized the fact that a system should satisfy the user’s requirements by using the functionality supplied by at least one COTS component. Then, given a specification SC for an abstract component type C, a candidate component K to be a concrete instance of C must conform to the interface and behaviour specified by SC. Mappings in SC, which represent the different required functionalities, are established between input and output domains. We focus on incompatibilities derived from functional differences between the specification in terms of mappings of a component Ki (SKi) and the specification in terms of mappings of SC. Our measures have been defined to detect domain compatibility as well as functional suitability. Let us briefly clarify this point: domain compatibility measures show that there are some candidate components able to provide some functionality. However, we cannot be certain of the amount of functionality that is actually provided – matching input data does not certify that output data match too. Therefore, even a component might be full domain compatible, there is still another set of measures to be applied in order to determine the functional suitability.

Early Detection of Cots Functional Suitability for an E-payment Case Study

Let us illustrate the measurement procedure by using an credit card payment system as an example. We suppose the existence of some scenarios describing the two main stages of the system – authorization and capture. Authorization is the process of checking the customer’s credit card. If the request is accepted, the customer’s card limit is reduced temporarily by the amount of the transaction. Capture is when the card is actually debited. Scenarios will provide an abstract specification of the mappings of SC that might be composed of: - Input domain: (AID) Auth_IData{#Card, Cardholder_Name, ExpDate}; (CID) Capture_Idata{Bank_Account, Amount}. - Output domain: (AOD) Auth_Odata{ok-Auth}; (COD) Capture_Odata{ok_Capture, DB_Update}. - Mapping: {AID o AOD};{CID o COD} Suppose we pre-select two components to be evaluated, namely K1 and K2 respectively. A typical situation for inconsistency in the functional mappings between SK1, SK2 and SC is illustrated in Figure 1, where dashed lines indicate (required) mappings with respect to SC, and the solid lines are (offered) mappings with respect to SK1 (grey) and SK2 (black). Note that the input domain of the component K1 does not include all the values that the specification SC requires, i.e. the capture functionality is not provided. Besides, the input domain of the component K2 includes more values than the required by SC, although the mapping satisfies the required functionality. We should also note that there is another functionality provided by K2, i.e. {Taxes o Statistics}, which might inject harmful effects to the final composition. SC (i)

SKi (i)

SK2 (i) dom SK2 • Statistics • Taxes

dom SK1 • AID dom SC

• CID

ran SK2

ran SK1 • AOD • COD ran SC

Figure 1: Functional mappings of SC and SK1/SK2 .

143

Table 1: Description of Functional Suitability measures Measure Id. Description Component-Level The number of functional CFC Compatible mappings provided by SK and Functionality required by SC in the scenario S The number of functional MFC Missed Functionality mappings required by SC and NOT provided by SK in the scenario S. AFC The number of functional Added Functionality mappings NOT required by SC and provided by SK in the scenario S. CCF Percentage in which a component Component contributes to get the functionality Contribution required by SC in the scenario S. Solution-Level The number of components that SNCF Candidate Solution contribute with compatible functionality to get the requirements of SC in the scenario S. CFS The number of functional Compatible mappings provided by SN and Functionality required by SC in the scenario S. MFS The number of functional Missed Functionality mappings required by SC in the scenario S and NOT provided by SN. The number of functional AFS Added Functionality mappings NOT required by SC in the scenario S and provided by SN. Percentage in which a solution SCF Solution Contribution contributes to get the functionality required by SC in the scenario S.

Our measures on functional suitability have been classified into two different groups: component-level measures and solution-level measures. The first group of measures aims at detecting incompatibilities on a particular component K, which is a candidate to be analysed. However, it could be the case that we need to incorporate more than one component to satisfy the functionality required by the abstract specification SC. In this case, the second group of measures evaluates the functional suitability of all components that constitute the candidate solution. Table 1 lists our suite of functional suitability measures. We refer the reader to (Cechich and Piattini, 2004c) for their formal definition. Solutionlevel metrics are listed here for completeness reasons, since our case study only needs to apply component-level measures; i.e. combination of

Alejandra Cechich and Mario Piattini

144

components from the marketplace is not necessary to get the required functionality, therefore a solutionlevel analysis is not required.

3 MEASURING COTS CANDIDATES: A CASE STUDY Scenarios describing the two main stages of a credit card payment, as we introduced in the previous section, represent here a credit card (CCard) payment system, which provide an abstract specification of the input (AID, CID) and output domains (AOD, COD) of a component C, and their corresponding mappings. After a quick browse on the Web as a COTS repository, we chose COTS components catalogued by the ComponentSource organization (www.componentsource.org) as members of the “Credit Card Authorization” group. Following, we introduce some examples of our analysis. Firstly, we chose one component – AcceptOnline by Bahs Software – as a candidate to provide the required functionality. Properties of AcceptOnline are grouped into the following classes: merchant fields, transaction fields, and response fields. From those classes, we identify: x

x x x x x x x

transaction_type: This field identifies the type of transaction being submitted. Valid transaction types are: “CK” (System check), “AD” (Address Verification) “AS” (Authorization), “ES” (Authorization and Deposit), “EV” (Authorization and Deposit with Address Verification), “AV” (Authorization with Address Verification), “DS” (Deposit), and “CR” (Credit). cc_number: The credit card number to which this transaction will be charged. cc_exp_month and cc_exp_year: The numeric month (01-12) and the year (formatted as either YY or CCYY) in which this credit card expires. billing phone: The shopper’s telephone number. grand total: The total amount of the transaction. merchant email: This is the Email address of the merchant. order type: This field determines which fields are used to validate the merchant and/or hosting merchant. transactionStatus: Transaction Status. Valid values are: G - Approved, D -Declined, C Cancelled, T - Timeout waiting for host response, R – Received.

Table 2: Required Fields by Transaction Type CK AD AS ES EV AV DS CR Field authorization billing_address1; billing address2

Y

billing_zip billing_pone

Y Y

Y

cc_number; cc_exp_month; cc_exp_year

Y

counter debug grand_total merchant_email order_numer ….

Y

Y

Y

Y

Y

Y

Y Y

Y Y

Y

Y

Y

Y

Y

Y

Y Y Y Y

Y Y Y Y

Y Y Y Y

Y Y Y Y

Y Y Y Y Y

Y Y Y Y Y …

Methods of AcceptOnline are specified in terms of their main focus and required input. Particularly, the SendPacket method is used to send the transaction info to the ECHOOnline server, and required properties should be filled as shown in Table 2 (requirements for CR are partially listed). From the AcceptOnline (AOnline) description above, we might derive the following mappings related to our authorization (AS) and capture (DS) required functionality: – Input domain: (AOnline.ASI) {billing_phone, cc_number, cc_exp_month, cc_exp_year, counter, debug, grand total, merchant_email}; (AOnline.DSI) {authorization, cc_number, cc_exp_month, cc_exp_year, counter, debug, grand_total, merchant email}. – Output domain: (AOnline.ASO) {TransactionStatus}; (AOnline-DSO) {TransactionStatus}. – Mapping: {AOnline.ASI o AOnline.ASO; AOnline.DSI o AOnline.DSO} . There are also mappings as follows:

other

possible

functional

{AOnline.ADI o AOnline.ADO; AOnline.EVI o AOnline.EVO; AOnline.AVI o AOnline.AVO; AOnline.CRI o AOnline.CRO}, which represent address verification, authorization and deposit with address verification, and so forth.

Early Detection of Cots Functional Suitability for an E-payment Case Study

For brevity reasons, we assume here that input domain compatibility measures have indicated that the AcceptOnline component is a candidate for further evaluation – after comparing AID, CID (from specification SC) to AOnline.ASI and AOnline.DSI. We should note that values of the input domain do not exactly match: billing_phone is used instead of cardholder_name to identify cardholders; and merchant_email is used for Bank_id. Similarly, ok_Auth, ok_Capture, and BD_Update might correspond to the different values of TransactionStatus. However, in all cases matching is possible since purpose is similar. Then, similarity is basically determined by analysing semantics of concepts with respect to their use. Now, computing measures from Table 1 produces the following results: CFC = 2; MFC = 0; AFC = 4; and CCF = 1 These results indicate that the AcceptOnline component has proved being 100% (CCF = 1) functionally suitable, and thus a candidate for further evaluation during the filtering process – for example by analysing size and complexity of adaptation. Measures also indicate that there are four added functions (AFC = 4), which deserve more careful examination. Let us analyse a second component from the same group, i.e. catalogued as a member of “Credit Card Authorization”. This time, we have chosen the Energy Credit Card component by Energy Programming as the candidate to provide the required functionality. The Energy Credit Card component provides two functions described as follows: 1. Functionality “Extract_Card_Data”, which provides the ability to decode the magnetic data on the swipe card; and 2. Functionality “Validate_Card_Details”, which provides the ability to validate keyed entry data from other systems. To accomplish both functionalities, input data is required as follows: Input: {surname, initials, salutation, card_number, card_type, startDate, expiryDate, issue} Output: {error_number, error_text} As we easily can see, this second component does not provide the required functionality of our scenario. Although the component is classified as a member of the “Credit Card Authorization” group, functionalities show that only validation of credit

145

card data is provided. Therefore, calculating measures from Table 1 would produce the following results: CFC = 0; MFC = 2; AFC = 0; and CCF = 0 These results indicate that the Energy Credit Card component is 0% (CCF = 0) functionally suitable, and we should not invest more time and effort in more evaluation. However, note that functionalities provided by the Energy Credit Card component might be part of the required functionality associated to the “Authorization” scenario. To make this point explicit, if necessary, evaluators should expose the different functionalities through a more detailed description of the required scenario; hence calculation of partially satisfied functionality would be possible. In our example, “Authorization” could be expressed as “Credit Card Validation” and “Amount Authorization”. In this way, calculating measures for the Energy Credit Card component would result in: CFC = 1; MFC = 2; AFC = 0; and CCF = 0.33 These results would indicate that the Energy Credit Card component might be a candidate to be combined along with other components to provide the required functionality (and not necessarily discharged). Of course, decisions on how detailed an scenario should be depend on requirements on a particular domain; i.e. components that do not provide the whole authorization procedure might not be useful in a particular case. We suppose here that balanced requirements among all stakeholders have been considered to provide the appropriated scenarios (Cechich and Piattini, 2004b). Now, let us consider a third component for our evaluation procedure: the PaymentCardAssist component by Aldebaran, that supports e-mail verification, event logging, data encryption, file compression, and payment card detail validation. The PaymentCard object within the DeveloperAssist Object Library validates payment card (credit, debit and charge card) information. The PaymentCard object does not provide authorization or clearing functionality, but rather provides a means to validate payment information entered by a site visitor, before pursuing a full authorization. After considering detailed data to be validated, we can see that our measures will result as: CFC = 0; MFC = 2; AFC = 4; and CCF = 0; or after considering a more detailed scenario, in which card data validation is made explicit, measures will result as:

Alejandra Cechich and Mario Piattini

146

CFC = 1; MFC = 2; AFC = 4; and CCF = 0.33 Finally, let us consider another component from the same group – the CCProcessing component by Bahs Software. It supports the authorization, settlement (capture) , and credit/refund operations. “Authorization” is divided into “PerformAuthorization” and “AddToBatch” operations, meanwhile “Capture” corresponds to the “PerformSettlement” operation. Transaction descriptions are presented as follows: x x

x x x x

“PURCHASE”: Standard purchase transaction (In "card not present" mode); “PURCHASE_TRACK1”: Purchase transaction in "card present" mode. Track1 property should be set for such transaction type. “VALIDATE_CARD”: Card authentication to determine only if a card has been reported lost or stolen. “REVERSE_AUTHORIZATION”: On-line Authorization Reversal. “REVERSE_SETTLEMENT”: Store & Forward Authorization Reversal. “CREDIT”: Credit/refund operation.

By analysing input and output domains of CCProcessing, we have identified mappings that cover the functionalities described by our scenario. Considering “credit” and address validation (part of “validate card”) as additional functionality (reverse authorization and reverse settlement might be considered as part of a “Cancel” operation), measurement results might be expressed as: CFC = 2; MFC = 0; AFC = 2; and CCF = 1 A similar treatment was applied to evaluate the other components in the group. From 22 components, we consider 12 for analysis since the other 10 components differ only in terms of their implementations, preserving the same functionality. Results of our calculations are shown in Table 3. Note that only four components provide the functionality required by our scenario. This fact would indicate that those components are preselected for more evaluation, since they are 100% functionally suitable. A special remark should be made on values assigned to the ComponentOne Studio Enterprise: this component is a combination of four individual components that support reporting, charting, data manipulation, and user interface capabilities for .NET, ASP.NET, and ActiveX applications. As readers easily can see, this component essentially differs from the others in the group; however it is classified as a “Credit Card

Authorization” component. For this reason, additional functionality (AFC) has not been scored. Table 3: Measurement results for components in the “Credit Card Authorization” category

Component AcceptOnline CCProcessing CCValidate CreditCardPack EnergyCreditCard IBiz InaCardCheck IPWorks LuhnCheck PaymentCardAssist SafeCard ComponentOneStudio

CFC MFC 2 0 2 0 0 2 0 2 0 2 2 0 0 2 2 0 0 2 0 2 0 2 0 2

AFC 4 2 0 0 0 2 0 1 0 4 0 **

CCF 1 1 0 0 0 1 0 1 0 0 0 0

3.1 Discussion Scenarios have been widely used during design as a method to compare design alternatives and to express the particular instances of each quality attribute important to the customer of a system. Scenarios differ widely in breadth and scope, and its appropriate selection is not straightforward. Our use of scenarios is a brief description of some anticipated or desired use of a system. We emphasize the use of scenarios appropriated to all roles involving a system. The evaluator role is one widely considered but we also have roles for the system composer, the reuse architect, and others, depending on the domain. The process of choosing scenarios for analysis forces designers to consider the future uses of, and changes to, the system. It also forces to consider non-functional properties that should be properly measured during the COTS selection process. In some cases, this diversity of concerns produces finegrained functionality described by scenarios, but coarse-grained functionality might be described as well. As a consequence, our measures are affected by a particular scenario’s description since calculation refers to the number of functions – without further discussion about their particular specification. For example, in our CCard system, “validation with address” and “reverse authorization” could be considered as part of an ordinary credit card authorization process. Assuming that, scores for added functionality (AFC) would be decreased (only “credit” would be considered as added functionality). As another example, we could choose a more detailed description of the functionality and

Early Detection of Cots Functional Suitability for an E-payment Case Study

decompose “Authorization” into “Credit Card Validation” and “Credit Card Authorization”. In this case, calculation of provided and missed functionality would be different and contribution (CCF) would show which components partially contribute to reach credit card authorization. Table 4 shows our measures considering the last two assumptions: (1) including validation with/without address and reverse authorization as part of the procedure, and (2) splitting “Authorization” into two processes – validation and authorization itself. By comparing scores from Table 3 and Table 4 we illustrate the importance of standardizing the description of required functionality as well as providing a more formal definition of scenarios. Also, note that components providing all required functionality remain unchanged on both tables: only four components provide authorization and capture as required in our case (4 / 12 = 33%). It would indicate that searching a catalogue by category is not enough to find appropriated components. In our example, better categorizations would help distinguish credit card validation from authorization. Moreover, a better categorization would help avoid that a component that does not provide any functionality (accordingly to the category), like ComponentOneStudio, be catalogued as a member of any of those classes. Table 4: Measurement results after changing scenarios

CFC Component AcceptOnline 3 CCProcessing 3 CCValidate 1 CreditCardPack 1 EnergyCreditCard 1 IBiz 3 InaCardCheck 1 IPWorks 3 LuhnCheck 1 PaymentCardAssist 1 SafeCard 1 ComponentOneStudio 0

MFC 0 0 2 2 2 0 2 0 2 2 2 3

AFC 1 1 0 0 0 1 0 0 0 4 0 ***

CCF 1 1 0.33 0.33 0.33 1 0.33 1 0.33 0.33 0.33 0

Our measures indicate that four components are candidates to be accepted for more evaluation, i.e. the components are functionally suitable but there is some additional functionality that could inject harmful side effects into the final composition. Identifying and quantifying added functionality are subject to similar considerations – the number of functions essentially is a rough indicator that might be improved by weighting functionality; i.e. clearly the four functions added by the component PaymentCardAssist are different in scope and

147

meaning from the other added functions. However, just counting functions would help decide on which components the analysis should start. Table 4 also shows that there are some candidates which are able to provide some required functionality – “credit card validation”. But making this functionality more visible not necessarily indicate the type of validation that actually is taking place, for example whether or not a MOD10/Luhn check digit validation is carried out. Our measures are just indicators of candidates for further evaluation, on which additional effort might be invested. Nevertheless, our measures do not detect the best candidates at a first glance but a possible interesting set. A process guides calculations so ambiguity is decreased (Cechich and Piattini, 2004a), but committed scenarios still depend on particular system’s requirements. Besides, there are another types of analysis the component should be exposed before being eligible as a solution – such as analysis of non-functional properties, analysis of vendor viability, and so forth (Ballurio et al., 2002). Our set of measures are only providing a way of identifying suitable components from a functional point of view. We might provide a more precise indicator when calculating the maintenance equilibrium value as introduced in (Abts, 2002): “Maximise the amount of functionality in your system provided by COTS components but using as few COTS components as possible”. A final remark brings our attention into the necessity of balancing required and offered functionality during COTS-based developments. After analysing candidates, we might also change our expectations on finding appropriated components. In this case, we could potentially resign most of our expectations on a particular requirement letting offered services prevail. For example, we could keep some of the alternative services resigning others whether COTS candidates are hard to find or adapt. An additional measure on modifiability of goals (Cechich and Piattini, 2004b) would help detect the degree in which certain functionality can be changed when selecting COTS components. Of course, we could also decide not to select components at all, and build a solution from scratch.

4 CONCLUSION We have briefly presented some measures for determining functional suitability of COTS candidates by applying the calculations on a case study. It showed how COTS information may be mapped onto our measurement model leading to an early value for decision making.

148

However, differences in COTS component documentation make evaluation harder. Our application clearly remarks the importance of standardising COTS component documentation and analysing the diverse ways of structuring COTS component’s information to facilitate functional matching detection. However, successful matching also depends on how functional requirements are specified. Then, a formal procedure for identification of candidates should be defined to make the process cost-effectively. Constraints on the component’s use and constraints relative to a context might be also useful to be considered. These aspects would indicate that providing more complex classifications, such as taxonomies of components, would help catalogue them in a marketplace. Additionally, more complex descriptions might be provided by using ontologies and contexts. Along these lines, our future work aims at defining some guidelines and hints on the searching and learning process of COTS component candidates.

ACKNOWLEDGMENTS This work was partially supported by the CyTED project VII-J-RITOS2, by the UNComa project 04/E059, and by the MAS project supported by the Dirección General de Investigación of the Ministerio de Ciencia y Tecnología (TIC 2003-02737-C02-02).

REFERENCES Abts C. COTS-Based Systems (CBS) Functional density A Heuristic for Better CBS Design, 2002. In Proceedings of the First International Conference on COTS-Based Software Systems, Springer Verlag LNCS 2255, pages 1-9. Alexander R. and Blackburn M., 1999. Component Assessment Using Specification-Based Analysis and Testing. Technical Report SPC-98095-CMC, Software Productivity Consortium. Alves C. and Filkenstein A., 2002. Challenges in COTSDecision Making: A Goal-Driven Requirements Engineering Perspective. In Proceedings of the Fourteenth International Conference on Software Engineering and Knowledge Engineering, SEKE’02. Ballurio K., Scalzo B., and Rose L, 2002. Risk Reduction in COTS Software Selection with BASIS. In Proceedings of the First International Conference on COTS-Based Software Systems, ICCBSS 2002, Springer-Verlag LNCS 2255 , pp. 31-43. Bertoa M., Troya J., and Vallecillo A., 2003. A Survey on the Quality Information Provided by Software

Alejandra Cechich and Mario Piattini Component Vendors. In Proceedings of the ECOOP QAOOSE Workshop. Braga R., Mattoso M., and Werner C., 2001. The use of mediation and ontology for software component information retrieval. In Proceedings of the 2001 Symposium on Software Reusability: putting software reuse in context, ACM Press, pp. 19-28. Cechich A. and Piattini M., 2004a. Managing COTS Components using a Six Sigma-Based Process. In Proceedings of the 5th International Conference on Product Focused Software Process Improvement, PROFES 2004, volume 2009 of LNCS, SpringerVerlag, pp.556-567. Cechich A. and Piattini M., 2004b. Balancing Stakeholder’s Preferences on Measuring COTS Component Functional Suitability. In Proceedings of the 6th International Conference on Enterprise Information Systems, ICEIS 2004, pp. 115-122. Cechich A. and Piattini M., 2004c. On the Measurement of COTS Functional Suitability. In Proceedings of the 3rd International Conference on COTS-based Software Systems, ICCBSS 2004, volume 2959 of LNCS, Springer-Verlag, pp. 31-40. Cooper K. and Chung L., 2002. A COTS-Aware Requirements Engineering and Architecting Approach: Defining System Level Agents, Goals, Requirements and Architecture, Technical Report UTDCS-20-02, Department of Computer Science, The University of Texas at Dallas. Jaccheri L. and Torchiano M., 2002. A Software Process Model to Support Learning of COTS Products. Technical Report, IDI NTNU. Jilani L. and Desharnais J., 2001. Defining and Applying Measures of Distance Between Specifications. IEEE Transactions on Software Engineering, 27(8):673— 703 . Martín-Albo J., Bertoa M., Calero C., Vallecillo A., Cechich A., and Piattini M., 2003. CQM: A Software Component Metric Classification Model. In Proc. of the 7th ECOOP Workshop QAOOSE 2003, pages 5460, Darmstadt, Germany. Ochs, D. Pfahl, G. Chrobok-Diening, and NothhelferKolb, 2000. A Method for Efficient Measurementbased COTS Assessment and Selection - Method Description and Evaluation Results. Technical Report IESE-055.00/ E, Fraunhofer Institut Experimentelles Software Engineering. Pahl C., 2003. An Ontology for Software Component Matching. In Proceedings of the Sixth International Conference on Fundamental Approaches to Software Engineering, volume 2621 of LNCS, Springer-Verlag, pp. 6-21. Tayntor C., 2002. Six Sigma Software Development. Auerbach Publications.

PRESERVING THE CONTEXT OF INTERRUPTED BUSINESS PROCESS ACTIVITIES Sarita Bassil1 , Stefanie Rinderle2 , Rudolf Keller3 , Peter Kropf4 and Manfred Reichert5 1

DIRO, University of Montreal, C.P. 6128, succ. Centre-ville, Montreal, Quebec, H3C 3J7, Canada [email protected] 2 DBIS, Faculty of Computer Science, University of Ulm, Germany, [email protected] 3 Z¨uhlke Engineering AG, Schlieren, Switzerland, [email protected] 4 Institute of Computer Science, University of Neuchatel, Switzerland, [email protected] 5 Information Systems Group, University of Twente, The Netherlands, [email protected]

Keywords:

Information systems, business processes, flexibility, data analysis, B2B and B2C applications.

Abstract:

The capability to safely interrupt business process activities is an important requirement for advanced processaware information systems. Indeed, exceptions stemming from the application environment often appear while one or more application-related process activities are running. Safely interrupting an activity consists of preserving its context, i.e., saving the data associated with this activity. This is important since possible solutions for an exceptional situation are often based on the current data context of the interrupted activity. In this paper, a data classification scheme based on data relevance and on data update frequency is proposed and discussed with respect to two different real-world applications. Taking into account this classification, a correctness criterion for interrupting running activities while preserving their context is proposed and analyzed.

1

INTRODUCTION

Moreover, the occurrence of unexpected problems during transportation cannot be avoided. Indeed, there is ample evidence that fleet management at the operational level (e.g., scheduling of transportation activities) is highly dynamic in the sense that ongoing transportation activity sequences require a high degree of adaptation to deal with unexpected problems (Bassil et al., 2003). As an example, technical problems of vehicles, traffic jams or forced rerouting may appear at any time while V is on the road between O and D. This usually leads to the interruption of the “move V from O to D” activity. In such a situation, a dynamic adaptation of an already planned flow of activities for the satisfaction of a customer request is needed. This adaptation should take into account the current context of the interrupted activity. The new transportation solution may propose to send a new vehicle V’ to the current position of V or to change the already planned route leading to D. In both cases, the current position of V should be available such that an appropriate new solution can be proposed.

To stay competitive in the market, companies must be able to rapidly react to changing situations and to align their business processes accordingly (Reichert et al., 2003). In particular, e–business needs a powerful infrastructure to isolate process logic from application code (Gartner Group, 1999), and to define, control, and monitor business processes. Process– Aware Information Systems (PAIS) offer a promising perspective in this context (v.d. Aalst and van Hee, 2002). They aim to connect activities, i.e., pieces of work to perform a task, in order to achieve a common goal (Workflow Management Coalition, 1999). However, today’s companies need to maintain a satisfying level of agility. It appears that agile PAIS are the ones that provide, among other things, an appropriate and a competent way to cope with changing situations and unexpected events. This, in turn, is of particular importance for adequately supporting longrunning, distributed business processes. From this perspective, transportation companies for instance must adopt solutions where a close follow-up of activities is possible such that a customer request is well satisfied. An example of a transportation activity is “move vehicle V from origin location O to destination location D”. A close follow-up of this activity can be achieved using GPS (Global Positioning System) which enables to continuously calculate and provide the position of a vehicle in movement.

In this paper, we focus on interrupted (business) process activities that require context preservation. In most cases, activity interruption is triggered by the appearance of unexpected events coming from the application environment (i.e., semantic failures). Preserving the context of an interrupted activity consists of saving data, which are produced by or associated with this activity. This must be done at the right time, e.g., as soon as the data become available or relevant.

149 C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 149–156. © 2006 Springer.

Sarita Bassil et al.

150 At this point, it is important to have a closer look at the granularity of work unit descriptions. Usually, a business process consists of a set of activities each of them dealing with a logical task (e.g., preparing a patient for a surgery). In addition, such a process activity can be further subdivided into atomic steps corresponding to basic working units (e.g., measuring weight/temperature of a patient as atomic steps of activity “prepare patient”) or to data provision services. Basic working units are either directly coded within application programs or worked on manually by people. Distinguishing between activities and atomic steps is useful for the following reasons: Atomic steps are not managed within worklists like activities are. This contributes to better system performance since the costs for managing and updating worklists decrease. Furthermore, this approach offers more flexibility to users (if desired) since they can choose the order in which they want to work on atomic steps. The distinction between activities and atomic steps finally leads to the following basic considerations. It is very important in this context to distinguish between a continuous and a discrete data update by activities. The “move V from O to D” activity introduced above is an example of an activity continuously updating the “V current position” data element by a GPS system. An example of an activity discretely updating data is even more obvious in process-oriented applications. We may think about the activity ”fill in a form” with many sections, each one asking for information (i.e., data) related to a specific topic. The information becomes relevant, and therefore may be kept in the system, only after the completion of a specific section. Filling in a section could be seen as working on a particular atomic step. We highlight the fact that a process activity may apply both updating kinds: it may discretely update a particular data element d1 and continuously update another data element d2 . Moreover, data elements may be discretely updated by a specific activity n1 and be continuously updated by another activity n2 . As an example, activity ”monitor patient” in a medical treatment process, may ask to measure twice a day the “patient temperature” and to continuously control the “patient heart electric signals”. On the other hand, the ”patient temperature” may be continuously controlled in case of high fever within activity “monitor patient” while it may be measured twice a day after operation within activity “aftercare”. Data continuously or discretely updated by activities may be only relevant for the specifically studied application (e.g., the vehicle “current position” in Fig. 3) or they may be relevant for process execution as well; in the latter case, these data are consumed by process activities and therefore have to be supplied by preceding activities. At the occurence of exceptional situations, it may appear that mandatory process rel-

evant data will not be available at the time an activity is invoked. Depending on the application context and the kind of data, it may be possible to provide the missing data by data provision services which are to be executed before the task associated with the respective activity is handled. We distinguish between exclusive application data and process relevant data. Note that exclusive application data may become process relevant when a failure occurs. In the transportation application, an example of process relevant data would be the “container temperature” (continuously) measured during a “move V from O to D” activity and relevant for a “Report to customer” activity within the same process. Reporting on the container temperature would inform the customer whether the transported goods (e.g., foods) were or were not continuously preserved under the appropriate temperature. The “V current position” is an example of exclusive application data since it is relevant for the application, in particular for the optimisation module of the application (Bassil et al., 2004), but not for the business process management system. If, however, a road traffic problem occurs, the “current position” of V may become relevant for the process as well; i.e., the origin location O’ of a newly proposed activity “move V from O’ to D” changing the already planned route leading to D, would correspond to “current position” of V. Figure 1 shows a data classification scheme in the context of business processes. This classification puts the frequency of updating activity data and the relevance of these data into relation. Within these two dimensions, we respectively differentiate between: • continuously and discretely updated data, and • exclusive application and process relevant data. Data Update Frequency Continuous

Application data continuously updated

Process data continuously updated

Discrete

Application data written by atomic steps

Process data written by atomic steps

Exclusive application

Process

Data Relevance

Figure 1: Data Classification Scheme.

Taking into account this classification, and knowing that exceptions stemming from the application environment cannot be avoided and generally appear during activity performance, it would be a challenge not to loose available data already produced by the activity that will be inevitably interrupted or deleted. In order to formally specify the correctness criterion for

Preserving the Context of Interrupted Business Process Activities interrupting running activities while preserving their context, formal definitions of requisite foundation for this specification are indispensable. The remainder of this paper is organized as follows: In Section 2 we define such foundation; we also discuss two application processes (a medical process and a transportation process) with respect to the provided definitions. Then, Section 3 introduces a general correctness criterion ensuring a safe interruption of a running activity. Section 4 discusses related work and Section 5 concludes the paper.

2

FORMAL FRAMEWORK

To be able to precisely define the different kinds of data and update frequencies we need a formal process meta model. In this paper, we use the established formalism of Well–Structured Marking Nets (WSM Nets) (Rinderle et al., 2004b) and extend it for our purposes. Informally, a WSM Net is a serial–parallel, attributed process graph describing control and data flow of a business process. More precisely, different node and edge types are provided for modeling control structures like sequences, branchings, and loops. A simple example is depicted in Fig. 2. Here, the upper two lanes show the control and data flow of a (simplified) medical treatment process. For example, activities “admit patient”, “inform patient”, and ”prepare patient” are arranged in sequence whereas activities ”monitor” and “operate” are executed in parallel. ”Weight” and “temperature” are examples of process relevant data elements involved in a data flow between the activities “prepare patient” and “operate”. As motivated in the introduction an activity can be subdivided into a set of atomic steps. Going back to Fig. 2, the lower two lanes show the atomic steps assigned to the process activities as well as the data flow between these steps. For example, the atomic steps “measure weight”, “measure temperature”, and “wash patient” are assigned to activity “prepare patient”. “Provide weight” is an example of a data provision service assigned to activity “operate” as atomic step. If an exceptional situation (e.g., failure at the “measure weight” atomic step level) occurs this data provision service will be invoked in order to supply input data element “weight” of the activity “operate” (and particularly of its atomic step “anesthetize”). We define a partial order relation on the set of atomic steps (incl. data provision services) assigned to a certain activity. The precedence relation depicts a micro control flow between elements of this set. Note that, by contrast, a macro control flow is defined between activities. We set up this relation by assigning numeric labels to atomic steps, e.g., an atomic step with numeric label “1” is considered as a predecessor of all atomic steps with numeric label “2” or greater. By

151

default, all atomic steps have number “1”, i.e., they can be worked on in parallel. In this case, the actor which works on the respective activity is considered as being the expert in choosing the best order. Data provision services have number “0” since they must be executed before other atomic steps assigned to the same activity, in order to properly supply these atomic steps with the required input data. So far WSM Nets have not considered splitting activities into atomic steps. Therefore we extend the formal definition from (Rinderle et al., 2004b) by including this additional level of granularity. In the following, S describes a process schema. Definition 1 (Extended WSM Net) A tuple S = (N, D, NT, CtrlE, DataE, ST, P, Asn, Aso, DataEextended ) is called an extended WSM Net if the following holds: • N is a set of activities and D is a set of process data elements • NT: N → {StartFlow, EndFlow, Activity, AndSplit, AndJoin, XorSplit, XorJoin, StartLoop, EndLoop} To each activity NT assigns a respective node type. • CtrlE ⊂ N × N is a precedence relation setting out the order between activities. • DataE ⊆ N × D × NAccessMode is a set of data links between activities and data elements (with NAccessMode = {read, write, continuousread, continuous-write}) • ST is the total set of atomic steps defined for all activities of the process (with P ⊆ ST describing the set of data provision services) • Asn: ST → N assigns to each atomic step a respective activity. • Aso: ST → N assigns to each atomic step a number indicating in which order the atomic steps of a certain activity are to be executed. By default: If s ∈ P , Aso(s) = 0 holds; otherwise, Aso(s) = 1. • DataEextended ⊆ ST × D × STAccessMode is a set of data links between atomic steps and data elements (with STAccessMode = {read, write}) As can be seen in the example from Fig. 2, there are atomic steps which produce data (e.g., “measure weight”) and others which do not write any data element (e.g., “wash patient”). In order to express this fact, we logically extend the set DataE to set DataEextended which comprises all read/write data links between atomic steps and data elements. In particular, an intra-activity data dependency may be defined such that intermediate results of an activity execution can be passed between subsequent atomic steps st1 and st2 with Asn(st1 ) = Asn(st2 ); i.e., ∃(st1 , d, write), (st2 , d, read) ∈ DataEextended . As an example (Fig. 2), consider the intra-activity data flow from “anesthetize” to “operate” via data element “sensory perception degree”. In fact, the atomic

weight

electro cardiogram

temperature

Process Schema S:

Inform

1

Sign

Monitor AndSplit

Admit patient

1

Measure 1 weight

consent

Inform patient

Measure 1 temp.

weight

Prepare patient

Wash 1 patient

Provide 0 weight

temperature

AndJoin

Operate

1 Anesthetize

Aftercare

Operate

sensory perception degree

Data on micro Atomic level steps

: Control flow : Data flow

sensory perception degree

Control flow

consent

Data on macro level

Sarita Bassil et al.

152

2

Figure 2: Medical Treatment Process.

Definition 2 (Process Instance on Extended WSM Net) A process instance I on an extended WSM Net S S is defined by a tuple (S, Mextended , ValS ) where: • S = (N, D, NT, CtrlE, . . .) denotes the extended WSM Net I was derived from S = (NSS , STSS ) describes activity and • Mextended atomic step markings of I: N S S : N → {NotActivated, Activated, Running, Completed, Skipped} ST S S : ST → {NotActivated, Activated, Running, Completed, Skipped} • V alS denotes a function on D. It reflects for each data element d ∈ D either its current value or the value Undefined (if d has not been written yet). Markings of activities and atomic steps are correlated. When an activity becomes activated, related atomic steps (with lowest number) become activated as well. The atomic steps will then be carried out according to the defined micro control flow. As soon as one of them is executed, both the state of this atomic step and of its corresponding activity change to Running. An activity is marked as Completed after completion of all corresponding atomic steps. Finally, if an activity is skipped during process execution, all related atomic steps will be skipped as well.

As motivated in the introduction, it is important to distinguish between data elements only relevant in context of application and data elements relevant for process progress as well. We can see whether a data element is relevant for the process if there is an activity reading this data element. Definition 3 (Data Relevance) Let S be an extended WSM Net, let w ∈ {write, continuous-write} and r ∈ {read, continuous-read}. Then we denote d ∈ D as • an exclusive application data element if ∃(n, d, w) ∈ DataE =⇒ ∃(m, d, r) ∈ DataE • a process relevant data element if ∃(n, d, w) ∈ DataE =⇒ ∃ m ∈ Succ∗ (S, n) ∪ {n}: (m, d, r) ∈ DataE Succ∗ (S, n) denotes all direct and indirect successors of activity n. The Data Relevance dimension captures both data elements that are produced by the process, but are only consumed by the application, and data elements that are produced and consumed by the process. In our medical treatment process (cf. Fig. 2), data elements “weight” and “temperature” taken during the “prepare patient” activity are examples of process relevant data elements. They are of utmost importance for carrying out the subsequent operate” activity (e.g., to calculate the quantity of anesthesia that has to be administered to the patient). By contrast, “consent” is an exclusively application relevant data element. As explained in Section 1, when a failure occurs, an exclusive application data element may become relevant for the process as well. A patient who already consented upon a surgery accepts the risks, and the “consent” data element may thus be used in subsequent activities dealing with respective problems. Turning now to the container transportation process, “current position” is an exclusive application data element whereas “container temperature” is a process relevant data element (cf. Fig. 3). ”

step “operate” needs this data element to decide when to begin surgery. Based on Def. 1, process instances can be created and executed. As discussed in (Rinderle et al., 2004b), during runtime a process instance references the WSM Net it was created from. Its current execution state is reflected by model–inherent activity markings. An activity which can be worked on is thus labeled Activated. As soon as activity execution is started the marking changes to Running. Finally, a finished activity is marked as Completed and an activity, which belongs to a non-selected, alternative execution branch, is marked as Skipped.

Preserving the Context of Interrupted Business Process Activities

container temperature

current position

Process Schema S:

Report to customer

: Control flow : Data flow Attach at P

Move to O

Move to D

Load at O

Unload at D

Move to P

…

Control flow

Data on macro level

153

Figure 3: Container Transportation Process.

We now define the notion of data update frequency. Based on this notion we will be able to define a criterion for safely interrupting running activities while preserving their context. Intuitively, for a discrete data update by atomic steps there are certain periods of time between the single updates, whereas for continuous data updates by activities the time slices between the single updates converge to 0. For defining the time slices between data updates, we need the function stp : ST → R ∪ {U ndef ined} which maps each atomic step of ST either to a specific point in time or to U ndef ined. In detail: stp(st) :=




tst if ∃(st, d, write) ∈ DataEextended U ndef ined otherwise

whereby tst :=




data elements are examples of data continuously updated respectively by a GPS system, a thermometer, and a cardiograph instrument. On the other hand, the set of atomic steps discretely writing a data element may be limited to only one atomic step. The “consent”, the “weight”, and the “temperature” are written once respectively by the “sign”, the “measure weight” and the “measure temperature” atomic steps (cf. Fig. 3). Fig. 4 summarizes the classification of the data involved in the medical treatment and in the container transportation process, taking into account the general data classification scheme presented in Fig. 1. Data Update Frequency - Container temp.

completion time of st ∞ by def ault

Continuous

Note that the infinite default value we assign to tst is updated as soon as st is completed. Hence, the real completion time of st is assigned to tst . Definition 4 (Data Update Frequency) Let S be an extended WSM Net, let w ∈ {write, continuouswrite} ⊂ NAccessMode, and let d ∈ D, n ∈ N with (n, d, w) ∈ DataE. Let further STnd be the set of atomic steps associated with activity n and writing data element d; i.e., STnd := {st |asn(st) = n, ∃(st, d, write) ∈ DataEextended }. Then we denote (d, n) as: • A discrete data update of d by n if ∃(n, d, write) ∈ DataE In terms of atomic steps: ∀st ∈ STnd : stp(st) = tst = Undefined • A continuous data update of d by n if ∃(n, d, continuous-write) ∈ DataE In terms of atomic steps: STnd = ∅ In case an activity n continuously updates a data element d no atomic steps writing d are dissociated, i.e., there are no atomic steps associated with n that write d; e.g., take the absence of atomic steps writing the “current position”, the “container temperature”, and the “electro cardiogram” in Figures 2 and 3. These

Discrete

- Container current position

- Patient consent

Exclusive application

- Patient electro cardiogram

- Patient weight - Patient temp. - Sensory perception degree

Process

Data Relevance

Figure 4: Data Classification for the Medical Treatment / Container Transportation Processes.

3

CORRECTNESS CRITERION

In order to correctly deal with exceptional situations, it is crucial to know those points in time when running activities can be safely interrupted. A running activity is safely interrupted means that the context of this activity is kept (1) such that all input data of subsequent activities are correctly supplied, or (2) in order to find possible solutions for exceptional situations. We denote these certain points in time as safe points of the respective activities. The challenging question is how to determine the safe point of an activity. In order to adequately answer

Sarita Bassil et al.

154 this question, our distinction between continuous and discrete data update is helpful. As the following definitions show, it is possible to precisely determine the particular safe interrupt points for discrete and continuous data updates, i.e., those points in time when the respective data are updated such that subsequent activities reading these data are correctly supplied. Definition 5 (Safe Interrupt Point for a Discrete Data Update) Let (d, n) (n ∈ N, d ∈ D) be a discrete data update of d by n, and let STnd be the set of atomic steps associated with n and writing d. Let further B := {stp(st), st ∈ STnd | ∃ p ∈ P: Asn(p) = n and (p, d, write) ∈ DataEextended }. Then the safe interrupt point tdsaf e of (d, n) corresponds to the maximum point in time any atomic step writes d (on condition that d cannot be provided by a data provision service). Formally:
max(B) : B = ∅ tdsaf e := U ndef ined : otherwise Informally, the safe interrupt point for a discrete data update by atomic steps is that maximum point in time when the last write access to the respective data element has taken place. Definition 6 (Safe Interrupt Point for a Continuous Data Update) Let (d, n) (n ∈ N, d ∈ D) be a continuous data update of d by n with a start updating time t1 and a finish updating time tk . The safe interrupt point tdsaf e of (d, n) (t1 < tdsaf e < tk ) corresponds to the time when d becomes relevant for subsequent activities. This time is fixed by the user. If no safe interrupt point is fixed by the user tdsaf e := Undefined holds. Intuitively, for continuous data updates there is no “natural” safe interrupt point. Therefore, we offer the possibility to define a safe interrupt point by the user. An example usage for such a user-defined safe interrupt point would be the “waiting time” in order to get the right container temperature after attaching it to the vehicle that shall power the refrigeration system within the container. In order to determine the safe point of an activity, we have to consider that there might be several safe interrupt points. One example is the activity “prepare patient” which has two safe interrupt points belonging to data elements “weight” and temperature” (Fig. 2). ”

Definition 7 (Activity Safe Point) Let {d1 , . . . , dk } be the set of data elements (continously) written by activity n ∈ N (i.e., ∃ (n, di , w) ∈ DataE, i = 1, . . . , k, w ∈ {write, continuous−write}). Let further dk 1 tdsaf e , . . . , tsaf e be the related safe interrupt points. dk 1 Then we denote tsaf e = max{tdsaf e , . . . , tsaf e } as the di safe point of n (if tsaf e = Undefined ∀ i = 1, . . . , k, tsaf e is set to Undefined as well). Thereby, tsaf e

corresponds to the time when n can be safely interrupted keeping its context. An activity n can be safely interrupted if all input data of subsequent activities of n are provided. Using the notion of activity safe point we can state a criterion based on which it is possible to decide whether a running activity can be safely interrupted or not. Criterion 1 (Interrupting a Running Activity by Keeping its Context) Let S be an extended WSM Net, let I be an instance on S, and let w ∈ {write, continuous-write} ⊂ NAccessMode. A node n ∈ N with N S S (n) = Running and safe point tsaf e can be safely interrupted at tinterrupt if one of the following conditions holds: • ∃(n, d, w) ∈ DataE • tsaf e 4 and a p value 0,700000) Factor 1 Factor 2 Factor 3 0,313813 0,226774 0,776441 0,069716 0,365983 0,676391 -0,06284 0,591424 -0,07712 -0,08924 -0,18102 -0,44036 -0,06792 0,097383 0,907184 0,26646 -0,09935 0,830615 0,420495 0,380441 0,401267 0,212596 0,240486 0,790361 0,169086 -0,05586 0,880694 0,118514 0,211158 -0,10157 0,587552 0,387134 0,208871 0,409986 0,031861 0,286064 0,027451 0,152493 0,797236 -0,13354 0,022294 0,808623 0,277521 0,082643 0,410776 -0,27323 0,614356 0,280418 3,09787 2,79531 2,6494 0,193617 0,174707 0,165587

4.5 Regression Analysis Analysing the GDP per 100 inhabitants, the investment in R&D per 100 inhabitants and the investment in software per 100 inhabitants in 1999, keeping each cluster together, conclusions of the cluster analysis are reinforced. The GDP per 100 inhabitants is higher among countries of cluster 1 then among countries of

Factor 4 0,217372 0,562182 0,283421 -0,63511 0,083256 0,016621 0,644132 -0,24583 0,315324 0,836123 0,46764 0,776305 0,277228 0,237529 0,779332 0,20938 3,733877 0,233367

cluster 2. The same conclusion follows the analysis of the investment in R&D and in Software per 100 inhabitants. The correlation between these three variables is high, as displayed in table 9 and shown in figure 6. The Investment in R&D, investment in Software, and the GDP are variables correlated.

Figures 3, 4 and 5 :GDP per 100 inhabitants, Investment in R&D per 100 inhabitants and investment in software per 100 inhabitants in US dollars, indexed to 1995. Data Source: OECD, Analysis by the authors.

Sustainable Development and Investment in Information Technologies R2 GDP

185

Table 9: R-squared values R&D investment Software investment 0,756 0,7742

Figure 6: GDP, Investment in software and in R&D per 100 inhabitants in US dollars, 1999, indexed to 1995 (GDP per 100 inhabitants presented in circles).

5 CONCLUSIONS AND FUTURE RESEARCH The conclusion about the hypothesis formulated is the following: A stronger effort of investment in IST creates a higher sustained development of a country – is confirmed. The temporal series analysis shows that there is a causal relationship between investment in R&D and productivity. The cluster analysis (figure2) shows that more developed countries have higher levels of investment in R&D and higher levels of productivity. The discriminant analysis shows that four variables are enough to classify countries according to their maturity of sustained development. From these four variables, one is an indicator of IST (investment in software) and the other a R&D indicator (number of patents). GDP is positively and strongly correlated with the level of investment in R&D and the level of investment in Software. More developed countries also show better figures of these three variably. Finally, the return, of the financial effort in R&D is not the same for all countries, showing the research the Japan is the country that profits faster its investments (7 years). However, several developments can improve their work. Future research should increase the time dimension of the analysis. The methodology should be applied to a different set of time periods of seven years, ten and twenty years. The type of variables can also be argued. An important difficulty, already mentioned by previous researchers (Byrd and

Marschall, 1997; Gurbaxani and Whang, 1991; Im et all 2001; Devaraj and Kohli, 2003; Pereira, 2004), was to select the significant socio-economic and technological variables. The use of variables describing in a even more robust way the sustainable development of a country, the productivity of a country and the state of the IST and R&D of a country, can complement future analysis. The contribution of this paper to the field is to confirm the importance of IST investments in the sustainable development of the countries. To summarise, this research concludes that IST and R&D variables should not be neglected by decision makers to achieve a sustainable development of a country.

REFERENCES Ackoff, R.L., (1967). “Management Misinformation Systems”, Management Science, 14, 4, B140-B156, December. Allen, D. (1997). “Where’s the Productivity Growth (from the information Technology Revolution)?”, Federal Reserve Bank of St. Louis Review, March/April, 79,2,15-25. Alpar, P. and Kim M. A. (1991). “Microeconomic Approach to the Measurement of Information Technology Value”, Journal of Management Information Systems, 7, 2, 55-69. Arrow (1962). “The Economic Implications of Learning by Doing”. Economic Studies, 29. Bauker, R. D. and Kauffman, R. J. (2004), “The Evolution of Research on Information Systems: a fiftieth- year

186 Survey of the Literature in Management Science”, Management Science, Vol. 50, nº 3. March 2004, pp. 281-298. Baily, M.N. and Gordon, R.J. (1998). “The Productivity Slowdown, Measurement Issues and the Explosion of Computer Power”. In Brainard, W.C. and Perry, G.L. (eds) Brookings Papers on Economic Activity, The Brookings Institution, Washington, DC, 347-431. Barua, A., Kriebel, C. H., Mukhopadhyay, T., (1991). “An Economic Analysis of Strategic Information Technology Investments”, MIS Quarterly, September, pp. 313-332. Barua, A., Kriebel, C. H., Mukhopadhyay, T., (1995). “Information Technologies and Business Value: An Analytic and Empirical Investigation”, Information Systems Research 6(1), pp. 3-23. Brynjolfsson, E. e Hitt, L. (1996). “Productivity, Business Profitability and Consumer Surplus: Three different measures of Information Technology Value”, MIS Quarterly, 20, 2, 121-142, June. Brynjolfsson, E. e Hitt, L., (1999). “Paradox Lost? Firm level evidence on the returns to Information Systems Spending”. In Willcocks, L. e Lester S. “Beyond the IT Productivity Paradox”, Wiley, pp. 39-68. Byrd, T. and Marshall, T. (1997). “Relating Information Technology Investment to Organizational Performance”. Omega, 25, 1, 43-56. Castells, M. (1997), “The End of the Millennium, The Information Age: Economy, Society and Culture”, Vol. III, Cambridge, MA, Backwell. Conlisk (1969). “A Neoclassical Growth Model with Endogenously Positioned Technical Change Frontiers”. Economic Journal, nº 79. David (1990). “The Dynamo and the Computer”. American Economic Review, nº 80. Devaraj, S. and Kohli (2003). “Performance Impacts of Information Technology: Is actual usage the missing link?”, Management Science, 49, 11-273-289. Grossman (1991). “Innovation and Growth in the Global Economy”. MIT Press. Gurbaxani, V. and Whang, S., (1991). “The impact of Information Systems on Organisations and Markets”, Communications of the ACM, 34, nº1, January. Im, K.S., Dow, K.E. e Grover V. (2001), “Research Report: A Reexamination of IT Investment and the Market Value of the Firm – an event study methodology”, Information Systems Research, Vol. 12, nº1, pp. 103-117. Jones (1995). “Time Series Tests of Endogenous Growth Models”. Quarterly Journal of Economics, 11; 27-32. Kraemer, K. and Dedrick, J. (1996). “IT and Economic Development: International Competitiveness”. In Dutton, W (ed.), Information and Communication Technologies. Oxford University Press, Oxford.

Manuel João Pereira et al. Kurdas (1994), “Theories of Technological Change and Investment”. John Wiley. Laudon, K., (1974). “Computers and Bureaucratic Reform”. New York: John Willey. Laudon, K., (1986). “The Dossier Society: value choices in the design of National Information Systems”. New York: Columbia University Press. Mckeen, J., Smith, H. and Parent, M. (1997). “Assessing the Value of Information Technology: the leverage effect”. Proceedings of the Fifth European Conference on Information Systems, Cork, June 9-12th , 11; 77-89. Nissen, H.E., Klein, H.K. and Hirscheim; R. (1998), “Information Systems Research: Contemporary Approaches and Emergent Traditions”. Amsterdam: North-Holland. OECD (2002), Technology and the Economy: Key Relationships. Orlikowski, W. J. (1996). “Improvising Organizational Transformation over time: A Situated Change Perspective”. Information Systems Research, Volume 7, Number 1, pp. 63-92. Pereira, M.J. (2004) “Impacts of information systems and technology on productivity and competitiveness of the Portuguese banking sector: an empirical study, International Transactions in Operational Research, Vol. 11, nº 9, January 2004, 11; 43-63. Phelps (1966). “Models of Technical Progress and the Golden Rule of Research”. Review of Economic Studies, 33. Porter, M. (1985). Competitive advantage of nations. New York: Free Press. Romer (1990), “Endogenous Technological Change”. Journal of Political Economy, 98. Shell (1967). “A Model of Innovative Activity and Capital Accumulation”, Essays on the Theory of Optimal Economic Growth, Conference Proceedings, 11; 1-29. Soete (1996). “Uncertainty and Technological Change”, Technology and Growth Conference Proceedings, 11; 27-39. Strassman, P. (1997). “The Squaudered Computer”. Information Economics Press, New Canaan. Tavares, L. (2003), “Engineering and Technology: 2000 – 2020; Foresight Challenges for Portugal”, Verbo. Uzawa (1965). “Optimum Technical Change in an Aggregate Model of Economic Growth”. International Economic Review ,6. Willcocks, L. and Lester S. (1999). “In Search of Information Technology Productivity: Assessment Issues”. In Willcocks, L. e Lester S. (eds.) “Beyond the IT Productivity Paradox”, Wiley, pp. 69-98. Young (1998). “Growth without Scale Effects”. Journal of Political Economy,106.

QUALITY OF SERVICE IN FLEXIBLE WORKFLOWS THROUGH PROCESS CONSTRAINTS Shazia Sadiq and Maria Orlowska School of Information Technology and Electrical Engineering The University of Queensland, St Lucia, Brisbane, Australia Email: {shazia, maria}@itee.uq.edu.au

Joe Lin and Wasim Sadiq SAP Research Centre, Brisbane, Australia Email: [email protected]; [email protected]

Keywords:

Flexible Workflows, Workflow Modelling, Process Constraints.

Abstract:

Workflow technology has delivered effectively for a large class of business processes, providing the requisite control and monitoring functions. At the same time, this technology has been the target of much criticism due to its limited ability to cope with dynamically changing business conditions which require business processes to be adapted frequently, and/or its limited ability to model business processes which cannot be entirely predefined. Requirements indicate the need for generic solutions where a balance between process control and flexibility may be achieved. In this paper we present a framework that allows the workflow to execute on the basis of a partially specified model where the full specification of the model is made at runtime, and may be unique to each instance. This framework is based on the notion of process constraints. Where as process constraints may be specified for any aspect of the workflow, such as structural, temporal, etc. our focus in this paper is on a constraint which allows dynamic selection of activities for inclusion in a given instance. We call these cardinality constraints, and this paper will discuss their specification and validation requirements.

Providing a workable balance between flexibility and control is indeed a challenge, especially if generic solutions are to be offered. Clearly there are parts of the process which need to be strictly controlled through fully predefined models. There can also be parts of the same process for which some level of flexibility must be offered, often because the process cannot be fully predefined due to lack of data at process design time. For example, in call centre responses, where customer inquiries and appropriate response cannot be completely predefined, or in higher education, where study paths resulting from individual student preferences cannot be entirely anticipated.

1 INTRODUCTION Process enforcement technologies have a dominant role in current enterprise systems development. It has been long established that automation of specific functions of enterprises will not provide the productivity gains for businesses unless support is provided for overall business process control and monitoring. Workflows have delivered effectively in this area for a class of business processes, but typical workflow systems have been under fire due to their lack of flexibility, i.e., their limited ability to adapt to changing business conditions. In the dynamic environment of e-business today, it is essential that technology supports the business to adapt to changing conditions. However, this flexibility cannot come at the price of process control, which remains an essential requirement of process enforcement technologies.

In general, a process model needs to be capable of capturing multiple perspectives (Jablonki & Bussler, 1996), in order to fully capture the business process. There are a number of proposals both from research and academia, as well as from industry on the modelling environment (language) that allows these perspectives to be adequately described. 187

C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 187–195. © 2006 Springer.

188

Different proposals offer different level of expressiveness in terms of these perspectives, see e.g. (Sadiq & Orlowska, 1999), (Casati et al 1995), (van der Aalst, 2003), although most focus on the control flow (what activities are performed and in what order). Basically these perspectives are intended to express the constraints under which the business process can be executed such that the targeted business goals can be effectively met. We see two fundamental classes of these constraints: Process level constraints: This constitutes the specification of what activities must be included within the process, and the flow dependencies within these activities including the control dependencies (such as sequence, alternative, parallel etc.) and temporal dependencies (such as relative deadlines). Activity level constraints: This constitutes the specification of various properties of the individual activities within the process, including activity resources (applications, roles and performers), data (produced and/or consumed), and time (duration and deadline constraints). In this paper, we focus on the flexible definition of process level constraints. We see the level of definition of these constraints along a continuum of specification There is the completely predefined model on one end, and the model with no predefinition on the other. Thus the former only has strong constraints (e.g. A and B are activities of a given process, and B must follow A), and the latter no constraints at all. The former extreme is too prescriptive and not conducive to dynamic business environments; and the latter extreme defeats the purpose of process enforcement, i.e. with insufficient constraints, the process goals may be compromised and quality of service for the process cannot be guaranteed. Finding the exact level of specificity along this continuum will mostly be domain dependent. However, technology support must be offered at a generic level. There is a need to provide a modelling environment wherein the level of specification can be chosen by the process designer such that the right balance between flexibility and control can be achieved. The work presented in this paper basically discusses flexible process definition for a particular class of constraints. In essence, a small number of constraints are specified at design time, but the process instances are allowed to follow a very large number of execution paths. As long as the given constraints are met, any execution path dynamically

Shazia Sadiq et al.

constructed at runtime is considered legal. This ensures flexible execution while maintaining a desired level of control through the specified constraints. In the following sections, we first present the modelling framework which allows flexible process definition. We will then present the details of the constraint specification and validation. In the remaining sections, we will present some background related work to appropriately position this work, and finally a summary of this work and its potential extensions.

2 MODELING FRAMEWORK The modelling framework required for the specification of process constraints is simple and has minimal impact on the underlying workflow management system. We assume that the underlying WFMS supports a typical graph-based process model and a state-based execution model. Such process models support typical constructs like sequence, fork, choice etc (Figure 1(a)), and activity execution is based on a finite state machine with typical states such as available, commenced, suspended, completed (Figure 1(b)).

Figure 1: (a) Process Model.

The workflow model (W) is defined through a directed graph consisting of nodes (N) and Flows (F). Flows show the control flow of the workflow. Thus W = is a Directed Graph where N: Finite Set of Nodes, F: Flow Relation F Ž N & N. Nodes are classified into tasks (T) and coordinators (C), where C ‰ T, C ˆ T = I. Task nodes represent atomic manual / automated activities or sub processes that must be performed to satisfy the underlying business process objectives. Coordinator nodes allow us to build control flow structures to manage the coordination requirements. Basic modelling structures supported through these coordinators include Sequence, Exclusive Or-Split (Choice), Exclusive Or-Join (Merge), And-Split (Fork), And-Join (Synchronizer), and explicit begin and end coordinators.

Quality of Service in Flexible Workflows Through Process Constraints

A process model will have several activities. An activity t  T is not a mere mode in the workflow graph, but has rich semantics which are defined through its properties, such as input and output data, temporal constraints, resources requirements etc. Initial

Available

Commenced

Completed

Suspended

Figure 1: (b) Activity Execution Model.

An instance within the workflow graph represents a particular case of the process. An instance type represents a set of instances that follow the same execution path within the workflow. Let i be an instance for W.  t  N, we define ActivityState(t, i) Æ {Initial, Available, Commenced, Completed, Suspened} We propose to extend the above environment with the following two functions: A design time function of constraint specification. To provide a facility to specify a pool of activities (including sub-processes) and associated constraints in addition to the core process model. These activities are allowed to be incorporated in the process at any time during execution, but under the given constraints. The core process defines the unnegotiable part of the process, and the pool of activities and associate constraints define the flexible part – thus attempting to strike a balance between flexibility and control. We associate with every process W, these two additional elements of specification, namely the pool of activities given by P, and a set of constraints given by C. The definition of the flexible workflow Wf is thus given by . A run time function of dynamic instance building. To allow the execution path of given instance(s) to be adapted in accordance with the particular requirements for that instance which become known only at runtime. Thus the process for a given instance can be dynamically built based on runtime knowledge, but within the specified constraint set C. In order to provide explicit terminology, we call the instance specification prior to building, an open

189

instance. The instance specification after building we call an instance template. Thus the instance template is a particular composition of the given activities within the flexible workflow Wf. The instance templates in turn have a schema-instance relationship with the underlying execution. In traditional terms, the instance template acts as the process model for the particular instance. Execution takes place with full enforcement of all coordination constraints as in a typical production workflow. However, template building is progressive. The process may be changed several times through the available pool of activities and associated constraints. As such the template remains open until the process has reached completion. The main feature of this approach is the utilization of the constraint set C. In previous work, we proposed the use of so called structural and containment constraints for flexible workflows (Sadiq et al, 2001), (Sadiq et al, 2004). The constraints belonging to the structural class impose restrictions on how activities can be composed in the templates. The constraints belonging to the containment class identify conditions under which combinations of activities can(not) be contained in the templates. For example serial is a type of structural constraint, where given activities must be executed serially, i.e. not concurrently. However the choice of order remains flexible and is determined by the user during the build. A practical example of a serial constraint can be found in healthcare. Pathologies and medical imaging labs need to schedule a large number of tests in different departments. A number of tests can be prescribed for a given patient e.g. blood test, X-Ray, ECG. These tests can be done in any order but only one at a time. A serial constraint on these activities will ensure this for a given patient or instance. In this paper, we introduce a new class of constraints for flexible workflows. We call these cardinality constraints. This new class is especially interesting, because it provides a new means of dealing with two well known challenges in workflow specification, namely n-out-of-m joins and implicit termination. In the sections below, we introduce the framework for the specification of cardinality constraints in flexible workflows. We will also present a means of validating the dynamically built instance (templates) against the specified constraints.

Shazia Sadiq et al.

190

3 CARDINALITY CONSTRAINTS Cardinality constraints basically define the set of tasks that must be executed within the process, to guarantee that intended process goals will be met. In other words, which tasks must essentially be executed for a process to be considered complete. The completion of W is explicit due to the presence of an end coordinator and also since the tasks within an instance type are pre-determined. However, completion of Wf is not explicit, since the user may make different selections at run time from the available pool of activities. To further explain this, we define the function Complete (W, i) Æ {True, False}, where Complete (W, i) = True iff  t  T, ActivityState(t, i) = Completed | Initial AND  t  T, ActivityState(t, i) = Completed Complete (Wf, i) = True iff Complete (W, i) = True AND  Pk Ž P, such that  t  Pk, ActivityState(t, i) = Completed The interesting question is, how to define the set of tasks that constitute Pk. This requires consideration at both the conceptual and implementation level. As an example, consider the tertiary education domain. Today’s student communities are constantly changing, with more and more part time, mature age and international students with a wide variety of educational, professional and cultural backgrounds. These students have diverse learning needs and styles. Where as degree programs are generally well defined in terms of overall process constraints, it is difficult to judge the quality of specific choices made by students. Tertiary programs often offer a diverse collection of courses that allow specialisation on various aspects of a program. The wide variety of valid combinations of courses that satisfy a particular program’s requirement indicates a high degree of flexibility. The study of a simple program structure was conducted. The program consisted of nine courses of compulsory material and a further three courses of elective material which are selected from a schedule of 14 available electives. This was found to yield a total of some 364 instance types, when considering also the sequence in which the courses can be taken. A further illustration considers a less structured program, such as Arts or Science, where some 20 to 30 courses are required from a schedule that can contain thousands of courses. A number of factors impact on the choices made by the students

including changing areas of interest, changing workload requirements and changing program rules. The multiplicity of valid combinations of courses that can be undertaken, and ensuring that these satisfy the requirements of programs, particularly where these requirements have changed during the duration of the student’s enrolment constitute a complex problem. Although academic courses are not currently deployed as workflow tasks in the typical sense, the appropriateness of workflow modelling concepts has been demonstrated (Sadiq & Orlowska, 2002). Academic courses equate to process tasks, these courses are interdependent and the academic program represents a long duration business process. At the same time, there is an inherent flexibility in these processes, required for diverse student requirements, which makes their modelling in traditional prescriptive process definition languages very difficult. In the sections below, we will demonstrate how the use of cardinality constraints within a flexible workflow modelling framework provides an elegant means of capturing the requirements of such processes. Furthermore, the presented framework also provides a simple means of ensuring that the specified constraints are met for a given instance, thus providing the essential validation support.

3.1 Specification The specification of the task set Pk that satisfies the completion condition for Wf can be done in three ways: 1. Providing a static set of mandatory tasks which must all be performed in a given instance. In this case, the flexibility is found only in when these tasks will be executed, not which ones. We call this constraint include. Specification on include is rather straightforward and can be made as include: Pk 2. Providing a set of tasks, together with a minimal cardinality for selection, that is at least n out of m tasks must be performed in a given instance. We call this constraint select. Specifying select is also simple and can be made by providing the set of tasks, together with an integer n, i.e. select: (P, n), where P is the available pool of activities for the flexible workflow. In this case Pk, is any subset of P where |Pk| = n 3. Providing a set of tasks, a minimal cardinality for selection, as well as prescribing some tasks as mandatory. Thus, at least n tasks must be preformed for a given instance, but this selection of n tasks must include the prescribed

Quality of Service in Flexible Workflows Through Process Constraints

mandatory tasks. We call this constraint minselect. Specifying minselect requires further consideration, which we present below. We first introduce the notion of a family of set A, as a collection of subsets of A. A notation to represent a family of set A is given by (A`, k; A) and is defined as follows: |A| = n A`ŽA such that |A`| = m, Let k be such that m+k d n, (A`, k; A) = { A`‰ B | B  2A\A` and |B| = k} (A`, k; A) represent a collection of subsets of set A, such that each member of the collection is composed from A` and B. To illustrate further, we present the following simple example: Let A = {a, b, c, d} and family F = (A`, k; A) where A` = {a, b} and k = 1, then F = {{a, b, c}, {a, b, d}} There are

§k · ¨¨ ¸¸ number of elemental ©n  m¹

subsets in the (A`, k; A) family. i.e. the cardinality of the family can be computed by |(A’, k; A)| = (n – m)!/k!(n – m – k)!. The notation of (A`, k; A) has the expressive power to represent a collection of subsets without listing every single one. Basically all members of (A`, k; A) family shares the common subset A` in the set, and the remaining subset is selected from the power set of the set difference A\A` where cardinality equals to k. Thus A’ represents the mandatory selection. Since the list of all elements within the (A`, k; A) family may become very large, modelling the minselect constraint as (A`, k; A), provides an effective means of capturing a large number of choices effectively. Thus specification of this constraint can be given as minselect: (P`, k; P), where P is the available pool of activities for the flexible workflow. For example, the higher education degree program referred to earlier has 14 courses to select from (n = 14, i.e. |A| = n), 9 of which are compulsory courses (m = 9, i.e. |A’| = 9), and with a requirement to take at least 12 courses, students can choose any three, or at least three from the remaining courses, which indicates k = 3.

191

3.2 Validation Once the flexible workflow has been defined, including the core process, pool of activities, and process constraints (which may include a number of structural, cardinality or other constraints), instances of the workflow may be created. Instance execution will take place as in typical workflow engines, until the time when a special purpose build function is invoked. This function basically allows the instance template to be modified. The next section will elaborate further on how the flexible workflow is managed by the WFMS. In this section we are interested in what happens, once the build function is invoked, and the instance template has been modified. Clearly the ability to modify the instance template on the fly provides the much desired flexibility. However, the question is, does the modification conform to the prescribed process constraints? Thus validating an instance template against a given set of constraints needs to be provided. In the context of cardinality constraints, this can be achieved as follows. In order to validate a dynamically built instance template, we have to ensure that all tasks in Pk are part of the node set of the newly defined instance template. This is required since the condition for completeness of an instance of Wf is dependent on the task set Pk. It can be observed that determining Pk in case of include and select constraints is a relatively straight forward procedure. In the case of minselect, Pk is defined as an element in the family of set P. That is, an instance i of Wf , for which a constraint of type minselect has been defined, can be guaranteed to complete satisfactorily under the following conditions: Complete (Wf, i) = True iff Complete (W, i) = True AND  Pk Ž P, such that Pk  (P`, k; P) AND  t  Pk, ActivityState(t, i) = Completed A very important question to ask is: what happens if we want to specify several cardinality constraints for the same workflow? Could potential conflicts or redundancy arise within the constraint set itself. If so, it must be resolved at design time, that is before any instance templates are built under that constraint set. A number of relationships may exist between constraints. For example two minselect constraints may be specified: minselect1: (P1’, k; P1) minselect2: (P2’, k; P2)

Shazia Sadiq et al.

192

where P1 and P2 are subsets of P, the given pool of activities for Wf. How do we reason with the constraint set when P1ˆ P2 I. The full scope of this reasoning is beyond the scope of this paper, however, (Lin & Orlowska, 2004), presents an investigation into dependencies between an arbitrary pair of (A’, k; A) families. Three relationships have been identified and analysed, namely Equivalent, Subsume and Imply. This reasoning provides the first step towards a complete analysis of the set of cardinality constraints, in particular minselect. Another important question to be asked is, when is the instance template validated against prescribed process constraints? Clearly, this must be done prior to the instance resuming execution. In the next section, we will provide a detailed view of the procedure to manage the flexible workflow Wf.

3.3 Managing Wf Below we explain the functions of the flexible workflow management system based on the concepts presented in this paper. The discussion is presented as a series of steps in the specification and deployment of an example process. Figure 2 provides an overview diagram of these steps and associated functions of the flexible workflow engine.

Process Verification Engine

Process Designer

A pplications / Users Creating Process Instances

1

4

2,7 6

Process Modeling Tool Constraints Validation Engine

Process Enactment Engine

3

7 8

6

6

Dynamic Instacne Builder

5,6

Step 1: The definition of the (flexible) workflow model takes place. The core process, pool of activities and associated constraints are defined. Step 2: The process is verified for structural errors. The validation of the given constraint set may also takes place at this time. Step 3: The process definition created above is uploaded to the workflow engine. This process model is now ready for deployment. Step 4: For each case of the process model, the user or application would create an instance of the process model. On instantiation, the engine creates a copy of the process definition and stores it as an instance template. This process instance is now ready for execution. Step 5: The available process activities of the newly created instance are assigned to performers (workflow users) through work lists and activity execution takes place as usual, until the instance needs to be dynamically adapted to particular requirements arising at runtime. Step 6: The knowledge worker or expert user, shown as the dynamic instance builder, will invoke a special build function, and undertake the task of dynamically adapting the instance template with available pool of activities, while guided by the specified constraint set. This revises the instance template. The build function is thus the key feature of this approach which requires extension of the typical WFMS functionality to include this additional feature. Essentially the build function is the capability to load and revise instance templates for active instances. Step 7: The next step is to verify the new template, to ensure that it conforms to the correctness properties of the language as well as the given constraints. Step 8: On satisfactory verification results the newly defined (or revised) instance template resumes execution. Execution will now continue as normal, until completion or until re-invocation of the build function, in which case steps 6-8 will be performed again.

Worklist Manager

5

Workitem Performers

Figure 2: Deployment of a Flexible Workflow.

4 RELATED WORK There have been several works reported in research literature that aim towards providing the necessary support for flexible workflows. So much so, that the term flexible workflows has become rather overloaded. It can range from process evolution, to dealing with workflow exceptions, to flexible modelling frameworks. We position this work in the area of flexible modelling frameworks.

Quality of Service in Flexible Workflows Through Process Constraints

Where as there has been substantial work on the first two aspects, namely process evolution, see e.g. (Ellis, Keddara and Rozenberg, 1995), (Joeris and Herzog, 1998), (Kradolfer and Geppert, 1999), (Sadiq, Marjanovic and Orlowska, 2000). and exception handling, see e.g. (Reichert and Dadam, 1998), (Casati and Pozzi, 1999). In the area of flexible workflow definition, the closest to our approach is the approach followed by rule-based workflows. (Knolmayer, Endl and Pfahrer, 2000), for example provides a rule based description of a business process and transforms it, by applying several refinement steps, to a set of structured rules which represent the business process at different levels of abstraction.. The underlying concept of developing a workflow specification from a set of rules describing the business processes is similar in principle to the work presented here. However the approach is primarily directed towards the development of coordinated processes that span enterprise boundaries by providing a layered approach that separates the transformation of business (sub-) processes and the derivation of workflow specifications and does not address the issue of catering for processes that cannot be completly predefined. Moving to the other end of our continuum for organisational processes that spans from highly specified and routine processes to highly unspecified and dynamic processes we acknowledge the significant work that has been performed in the coordination of collaboration intensive processes in the field of CSCW, see e.g. (Bogia and Kaplan, 1995). The complete relaxation of coordination, to support ad-hoc processes is not conducive to the processes targeted by our work. However, structured ad-hoc workflows, where patterns can be derived form the activities in the process as a result of underlying rules to achieve certain goals, have also been proposed (Han and Shim, 2000). This allows the workflow system to derive the workflow incrementally from workflow fragments and avoids the need to predefine the process prior to enactment. The completion of a structured ad-hoc workflow instance allows flows to be derived for other instances of workflows that share the same process rules. Although defining parts of a process incrementally rather than enacting on a predefining process is similar to the underlying assumption in our work. However the development of this concept to address the modeling of processes that cannot be eloquently predefined contains significant differences as a result of the rules being more explicit and consistent across instances. Rule based approaches that make use of inference mechanisms have also been proposed for

193

flexible workflows, (Abrahams, Eyers, and Bacon, 2002), (Kappel, Rausch-Schott, and Retschitzegger 2000), (Zeng et al, 2002). For example (Zeng et al, 2002) proposes PLM Flow, which provides a set of business inference rules designed to dynamically generate and execute workflow. The process definition in PLMflow is specified as business rule templates, which include backward-chain rules and forward-chain rules. PLM Flow is a task centric process model. The workflow schema is determined by inferring backward-chain and forward-chain tasks at runtime. Some researchers have also made use of agent technologies for flexible workflow definition e.g. ADEPT (Jennings et al, 2000), AgFlow (Zeng et al, 2001), and RSA (Debenham, 1998). We present brief summaries below. ADEPT provides a method for designing agentoriented business process management system. It demonstrates how a real-world application can be conceived of as a multi-agent system. AgFlow is an agent-based workflow system built upon a distributed system. The system contains a workflow specification model and the agent-based workflow architecture. The process definition is specify by defining the set of tasks and the workflow process tuple. The control flow aspects can be reflected in the task specific ECA rule. RSA is an experimental distributed agent-based system based on a 3-layer Believe-Desire-Intension (BDI) architecture, hence the process definition is reflected by the conceptual architecture of the system as a whole. Inspite of substantial interest from research communities, our study shows that industry acceptance of rule based approaches has been low. Most commercial products continue to provide much more visual languages for workflow specification. Often some variant of Petri-nets, these languages have the dual advantage of intuitive representation as well as verifiability. A key distinguishing feature of our approach from typical rule based approaches is that the the core process as well as the instance template can still be visualized in a graphical language, as well as be supported by essential verification.

5 CONCLUSIONS Difficulties in dealing with change in workflow systems has been one of the major factors limiting the deployment of workflow technology. At the same time, it is apparent that change is an inherent characteristic of today’s business processes. In this paper we present an approach that recognizes the

194

presence of change, and attempts to integrate the process of defining a change into the workflow process itself. Our basic idea is to provide a powerful means of capturing the logic of highly flexible processes without compromising the simplicity and genericity of the workflow specification language. This we accomplish through process constraints in workflow specifications, which allow workflow processes to be tailored to individual instances at runtime. Process constraints can be defined for a number of aspects of workflow specification, including selection of activities, as demonstrated in this paper. In addition to selection, they can be defined for structural, resource allocation, as well as temporal constraints for and between workflow activities. One can observe that the design of an appropriate means to facilitate the specification of process constraints is an interesting and challenging issue. Another interesting and beneficial outcome of the above approach is that ad-hoc modifications can also be provided through essentially the same functionality. Ad-hoc modification means that any unexecuted part of the instance template may be modified at runtime. This is possible since the workflow engine provides the facility to modify instance templates even in the absence of process constraints. However, it is important to point out that we advocate the approach using process constraints over ad-hoc modification because it provides greater control over allowable changes at runtime. The key feature of this approach is the ability to achieve a significantly large number of process models, from a relatively small number of constraints. Extensions to the constraint set may be envisaged, although it is arguable if such a complete and generic set can be found, and hence achieving flexibility still remains a matter of degree.

REFERENCES van Der Aalst, W. M. P., ter Hofstede, A. H. M., Kiepuszewski, B., Barros, A. P. Workflow Patterns, Distributed and Parallel Databases, vol.14 no.1, p.551, July 2003. Abrahams, A., Eyers, D., and Bacon, J. An asynchronous rule-based approach for business process automation using obligations. ACM SIGPLAN workshop on Rulebased programming, 2002. Casati, F., Ceri, S., Pernici, B., Pozzi, G. Conceptual Modeling of Workflows. Proceedings of the 14th International Conference on Object-Oriented and Entity-Relationship Modelling, vol. 1021 LNCS, pages: 341 – 354, Springer-Verlag, 1995.

Shazia Sadiq et al. Casati, F., Pozzi, G. Modeling Exception Behaviors in Commercial Workflow Management Systems. Proceedings of the Fourth IFCIS International Conference on Cooperative Information Systems (CoopIS99). Edinburgh, Scotland. Sep 2-4, 1999. Debenham, J. Constructing an Intelligent Multi-agent Workflow System. Lecturer Notes in Computer Science: vol. 1502, Springer Verlag, 1998, pp. 119 130. Ellis, S., Keddara, K., Rozenberg, G.. Dynamic Changes within Workflow Systems. Proceedings of ACM Conference on Organizational Computing Systems COOCS 95 (1995). Han, D. and Shim, J. Connector-oriented workflow system for the support of structured ad hoc workflow, Proceedings of the 33rd Hawaii International Conference on System Sciences. 2000 Herrmann, T. Evolving workflows by user-driven coordination, Proceedings of DCSCW, Munich, Germany, 102–114, September 2000 Jablonski, S., Bussler, C. Workflow ManagementModeling, Concepts, Architecture and Implementation, International Thomson Computer Press, 1996. Jennings, N. R., Faratin, P., T. Norman ,J., O'Brien, P., Odgers, B., and Alty, J. L. Implementing a Business Process Management System using ADEPT: a RealWorld Case Study. International Journal of Applied Artificial Intelligence, vol. 14, pp. 421--463, 2000 Joeris, G., Herzog, O.. Managing Evolving Workflow Specifications. Proceedings of the third IFCIS International Conference on Cooperative Information Systems (CoopIS 98). NewYork, USA. Aug (1998). Kappel, G., Rausch-Schott, S., and Retschitzegger, W. A Framework for Workflow Management Systems Based on Objects, Rules and Roles. ACM Computing Surveys, vol. 32, pp. 27 - 27, 2000. Knolmayer, G., Endl R. and Pfahrer, M. Modeling processes and workflows by business rules, van der Aalst W. et al. (Eds.) Business Process Management, LNCS 1806: 16–29. 2000 Kradolfer, M., Geppert, A.. Dynamic Workflow Schema Evolution based on Workflow Type Versioning and Workflow Migration. Proceedings of the Fourth IFCIS International Conference on Cooperative Information Systems (CoopIS99). Edinburgh, Scotland. Sep 2-4, 1999. Lin, J., Orlowska, M. A new class of constraints for business process modelling. School of Information Technology and Electrical Engineering, The University of Queensland. Technical Report No. 453. Nov 2004. Reichert, M., Dadam, P. ADEPTflex - Supporting Dynamic Changes of Workflow without loosing control. Journal of Intelligent Information Systems (JIIS), Special Issue on Workflow and Process Management 1998.

Quality of Service in Flexible Workflows Through Process Constraints Sadiq W., Orlowska, M. On capturing Process Requirements of Workflow Based Information Systems. Proceedings of the 3rd International Conference on Business Information Systems (BIS ’99), Poznan, Poland. April 14-16, 1999. Sadiq, S., Marjanovic, O., Orlowska, M. Managing Change and Time in Dynamic Workflow Processes. The International Journal of Cooperative Information Systems. Vol 9, Nos 1&2. March-June 2000. Sadiq, S., Sadiq, W., Orlowska, M. Pockets of Flexibility in Workflow Specifications. 20th International Conference on Conceptual Modeling, ER’2001, Yokohama Japan, 2001. Sadiq, S., Sadiq, W., Orlowska, M. Workflow Driven eLearning – Beyond Collaborative Environments.

195

Networked Learning in a Global Environment. Challenges and Solutions for Virtual Education. Berlin, Germany May 1 - 4, 2002. Sadiq, S., Sadiq, W., Orlowska, M. Specification and Validation of Process Constraints for Flexible Workflows. Information Systems (To appear). Zeng, L., Flaxer, D., Chang, H., and Jeng, J.. PLMflow: Dynamic Business Process Composition and Execution by Rule Inference. 3rd VLDB Workshop on Technologies for E-Services (TES'02), HongKong P.R.China, 24-25 Aug 2002. Zeng, L., Ngu, A., Bentallah, B., and O'Dell, M. "An agent-based approach for supporting cross-enterprise workflows," presented at 12th-Australasian-DatabaseConference.-ADC-2001, 2001.

REAL TIME DETECTION OF NOVEL ATTACKS BY MEANS OF DATA MINING TECHNIQUES ∗ Marcello Esposito, Claudio Mazzariello, Francesco Oliviero, Simon Pietro Romano and Carlo Sansone Dipartimento di Informatica e Sistemistica – Universit`a degli Studi di Napoli “Federico II” Via Claudio 21, 80125 Napoli (Italy) Email: {mesposit,cmazzari,folivier,spromano,carlosan}@unina.it

Keywords:

Intrusion Detection, Traffic Features.

Abstract:

Rule-based Intrusion Detection Systems (IDS) rely on a set of rules to discover attacks in network traffic. Such rules are usually hand-coded by a security administrator and statically detect one or few attack types: minor modifications of an attack may result in detection failures. For that reason, signature based classification is not the best technique to detect novel or slightly modified attacks. In this paper we approach this problem by extracting a set of features from network traffic and computing rules which are able to classify such traffic. Such techniques are usually employed in off line analysis, as they are very slow and resource-consuming. We want to assess the feasibility of a detection technique which combines the use of a common signature-based intrusion detection system and the deployment of a data mining technique. We will introduce the problem, describe the developed architecture and show some experimental results to demonstrate the usability of such a system.

1 INTRODUCTION

2

Security is one of the main concerns in the development of new technologies and services over the Internet. The most common and best known tools used to ensure security of companies, campuses and, more in general, of any network, are Firewalls and Antiviruses. Though famous and well known, such tools alone are not enough to protect a system from malicious activities. Basing one’s own site’s security on the deployment of these instruments relies on the idea that intrusion prevention will suffice in efficently assuring data availability, confidentiality and integrity. Indeed, an interesting idea about intrusions is that they will sooner or later happen, despite the security policy a network administrator deploys. Based on such assumption, the researchers started to develop instruments able to detect successful intrusions and, in some cases, trace back the path leading to the attack source. This is a more pessimistic, though much more realistic way to look at the problem of network security.

This work has many liaisons with both intrusion detection and data mining. As to the first research field, intrusion detection is the art of detecting inappropriate, incorrect or anomalous activity within a system, be it a single host or a whole network. An Intrusion Detection System (IDS) analyzes a data source and, after preprocessing the input, lets a detection engine decide, based on a set of classification criteria, whether the analyzed input instance is normal or anomalous, given a suitable behavior model. Intrusion Detection Systems can be grouped into three main categories: Networkbased Intrusion Detection Systems (N-IDS) (Vigna and Kemmerer, 1999), Host-based Intrusion Detection Systems (H-IDS) (Andersson, 1995) (Tyson, 2000) and Stack-based Intrusion Detection Systems (S-IDS) (Laing and Alderson, 2000). This classification depends on the information sources analyzed to detect an intrusive activity. An N-IDS analyzes packets captured directly from the network. By setting network cards in promiscuous mode, an IDS can monitor traffic in order to protect all of the hosts connected to a specified network segment. On the other hand, an H-IDS focuses on a single host’s activity: the system protects such a host by directly analyzing the audit trails or system logs produced by the host’s

∗ Research outlined in this paper is partially funded by the Ministero dell’Istruzione, dell’Universit`a e della Ricerca (MIUR) in the framework of the FIRB Project “Middleware for advanced services over large-scale, wiredwireless distributed systems (WEB-MINDS)”

RELATED WORK

197 C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 197–204. © 2006 Springer.

Marcello Esposito et al.

198 operating system. Finally, S-IDS are hybrid systems, which operate similarly to a N-IDS, but only analyze packets concerning a single host of the network. They monitor both inbound and outbound traffic, following each packet all the way up the TCP/IP protocol stack, thus allowing the IDS to pull the packet out of the stack even before any application or the operating systems process it. The load each IDS must afford is lower than the total traffic on the network, thus keeping the analysis overhead within reasonable bounds; hypothetically, each host on the network could run a S-IDS. Intrusion Detection Systems can be roughly classified (Figure 1) as belonging to two main groups as well, depending on the detection technique employed: anomaly detection and misuse detection (Bace, 2000). Both such techniques rely on the existence of a reliable characterization of what is normal and what is not, in a particular networking scenario. More precisely, anomaly detection techniques base their evaluations on a model of what is normal, and classify as anomalous all the events that fall outside such a model. Indeed, if an anomalous behavior is recognized, this does not necessarily imply that an attack activity has occurred: only few anomalies can be actually classified as attempts to compromise the security of the system. Thus, a relatively serious problem exists with anomaly detection techniques which generate a great amount of false alarms. On the other side, the primary advantage of anomaly detection is its intrinsic capability to discover novel attack types. Numerous approaches exist which determine the variation of an observed behavior from a normal one. A first approach is based on statistical techniques. The detector observes the activity of a subject (e.g. number of open files or TCP state transitions), and creates a profile representing its behavior. Every such profile is a set of “anomaly measures”. Statistical techniques can then be used to extract a scalar measure representing the overall anomaly level of the current behavior. The profile measure is thus compared with a threshold value to determine whether the examined behavior is anomalous or not. A second approach, named predictive pattern generation, is based on the assumption that an attack is characterized by a specific sequence, i.e. a pattern, of events. Hence, if a set of time-based rules describing the temporal evolution of the user’s normal activity exists, an anomalous behavior is detected in case the observed sequence of events significantly differs from a normal pattern. Misuse detection, also known as signature detection, is performed by classifying as attacks all the events conforming to a model of anomalous behavior. This technique is based on the assumption that an intrusive activity is characterized by a signature, i.e. a well-known pattern. Similarly to anomaly detection, misuse detection can use either statistical techniques

Figure 1: Approaches to Intrusion Detection.

or even a neural network approach to predict intrusions. Indeed, the rule-based approach is the most used to detect an attack (SNORT2 (Baker et al., 2004) and Bro3 (Paxson and Terney, 2004)). Intrusions are coded by means of a set of rules: as soon as the examined event matches one of the rules, an attack is detected. A drawback of this approach is that only wellknown intrusive activities can be detected, so that the system is vulnerable to novel aggressions; sometimes, few variations in an attack pattern may generate an intrusion that the IDS is not able to detect. The main problem related to both anomaly and misuse detection techniques resides in the encoded models, which define normal or malicious behaviors. Although some recent open source IDS, such as SNORT or Bro, provide mechanisms to write new rules that extend the detection ability of the system, such rules are usually hand-coded by a security administrator, representing a weakness in the definition of new normal or malicious behaviors. Recently, many research groups have focused their attention on the definition of systems able to automatically build a set of models. Data mining techniques are frequently applied to audit data in order to compute specific behavioral models (MADAM ID (Lee and Stolfo, 2000), ADAM (Barbara et al., 2001)). Coming to the second related research field, we recall that a data mining algorithm is referred to as the process of extracting specific models from a great amount of stored data (Fayyad et al., 1996). Machine learning or pattern recognition processes are usually exploited in order to realize this extraction (SLIPPER4 (Cohen and Singer, 1999)). These processes may be considered as off-line processes. In fact, all the techniques used to build intrusion detection models need a proper set of audit data. The information must be labelled as either “normal” or “attack” 2

http://www.snort.org http://www.bro-ids.org 4 http://www-2.cs.cmu.edu/∼wcohen/ slipper/ 3

Real Time Detection of Novel Attacks by Means of Data Mining Techniques in order to define the suitable behavioral models that represent these two different categories. Such audit data are quite complicated to obtain. The data set used for The Third International Knowledge Discovery and Data Mining Tools Competition, the 1999 KDD data5 (Lee and Stolfo, 2000)(Elkan, 2000), is probably the most well-known example of this kind of information, representing a processed version of the DARPA Intrusion Detection Evaluation Program database, collected and managed by the MIT Lincoln Laboratory. The DARPA database contains tcpdump data related to seven weeks of network traffic generated over a military emulated LAN. KDD is filled with five million connection records labelled as “normal” or “attack”.

3 RATIONALE AND MOTIVATION Strategies for non-punctual intrusion detection often do not take into account the concern of real-time processing of network traffic. Though, an effective IDS should be able to produce the analysis results in time to react and possibly activate countermeasures against malicious behaviors. The ability to detect an intrusion as soon as it occurs is mandatory for an IDS. The most common types of attacks, e.g. denial of service, can be very dangerous if they are not detected in time. Although some IDS store audit data for later analysis, most of them examine such data in real-time so that the system can perform the actions necessary in order to avoid serious problems. Commonly used N-IDS typically analyze packets captured from the network, finding in the current packet the signature of an attack in-progress. However, malicious activity cannot be detected by examining just a single packet: some types of attacks generate in a certain time interval a great amount of packets belonging to different sessions. Hence an efficient detection needs statistical parameters taking into account the temporal relation between sessions. As stated before, Stolfo et al. (Lee and Stolfo, 2000) have defined a set of connection features which summarize the temporal and statistical relations of the connections with reference to each other. These features have been used to create the connection records contained in the KDD database. Several data mining processes use these connection features to extract suitable behavioral models. Traffic model definition based on an off-line analysis does not consider the unavoidable problems of real-time computation of connection features. The data mining process operates on a database, in which 5

http://kdd.ics.uci.edu/

199

data can be organized in a suitable way in order to compute the features. In real-time intrusion detection, instead, the incoming packets do not contain all of the information needed to compute the connection features, but an appropriate system has to be implemented in order to compute relations among the existing connections. Moreover, off-line analysis does not consider the problem of potential packet losses in the IDS, which has to be taken into account in the case of real time analysis. Our research aims to develop a framework for realtime intrusion detection. The system we present should be capable to effectively detect intrusions and to operate under a variety of traffic conditions, thus providing an exploitable solution to the issue of realtime analysis. Anomaly detection proves to be the most suitable solution for our purpose, even though such technique has the well known drawback related to the relatively high number of false alarms raised. Our intrusion detection system can be classified as rule-based. Unfortunately the definition of a rule for every attack is not an efficient solution. On one hand, this approach is not able to detect novel attack patterns; on the other hand, the definition of new attacks has a negative impact both on the computation load and on the average time required to analyze every single packet (hence, the related packet loss problem). In order to overcome the above mentioned drawbacks, by using a set of parameters derived by Stolfo’s connection features — which cover a wide range of attack types — it is possible to adopt different data mining processes in order to characterize the attacks by means of different sets of rules. Summarizing the above considerations, with this work we are interested in the analysis of real-time intrusion detection. To this purpose, we will exploit data mining techniques to design a novel intrusion detection framework. We will present an implementation of the framework and evaluate i ts performance in a real network scenario, by focussing on two main performance figures: packets processing time and system resources needed to compute the connection features.

4

THE REFERENCE MODEL

In this section we present our framework for real-time intrusion detection. The overall model is composed of two parts: the former is the data mining process, which extracts behavioral models from pre-elaborated network traffic, and consists of a database of labelled connection features and a data mining algorithm; the latter is a real-time intrusion detection system which analyzes and classifies network traffic based on the models inferred (Figure 2). In particular, we execute

200

Marcello Esposito et al.

Figure 2: Reference Framework Model.

the off-line data mining process on a data set in order to extract a set of rules; such a set is then used in a real-time classification process deployed by the IDS that analyzes these pre-computed network data and compares it with informations evaluated by realtime network traffic. Data mining is part of a more complex KDD (Knowledge Discovery in Databases) process consisting of data analysis and discovery algorithms applied to a database in order to extract high level information — the patterns or the models — able to describe a subset of the data. The models can be applied to unknown data values in order to predict the right class to which they belong. As we emphasized in the previous section, such data mining processes operate on a set of data which has been organized in a suitable fashion (e.g. all the data are identified by a label which explicitly specifies the category they belong to). In order to implement an efficient classifier, it is important to define a suitable set of features to be extracted from the network traffic contained in the database. The greater the capability of the set of features to discriminate among different categories, the better the classifier. There are three levels at which feature sets may be defined: • The features may be referred to the single packet captured from the network: although this set is easy to compute, it is not able to detect all the potential attack types. • A set of features related to the entire session which the packet belongs to may be defined: this is due to the fact that some intrusions may be realized by means of a sequence of packets belonging to either the same connection or different connections.

• The computed set of features may perform a statistical analysis of the relation between the current session and the other ones: this is needed in order to capture intrusions which affect the interrelation among different sessions.

To cope with the aforementioned requirements, we have adopted a model descending from the one proposed by Stolfo. We are interested in TCP, UDP and ICMP traffic. Therefore, a clear definition of the term connection is necessary. For a TCP stream the connection can be defined, relying on the protocol specifications, as the collection of messages exchanged between a client process and a server process. For UDP and ICMP we considered each packet as a single, selfcontained connection. The features defined by Stolfo et al. can be classified in tree main groups: intrinsic features, content features, and traffic features. Intrinsic features specify general information on the current session, like the duration in seconds of the connection, the protocol type, the port number (i.e. the service), the number of bytes from the source to the destination, etc. (see Table 1). Table 1: Intrinsic Features connection duration (s) duration type of transport protocol protocol type port number on the server side service bytes from source to destination src bytes bytes from destination to source dst bytes flag status of the connection land land attack number of wrong fragments wrong fragment number of urgent packets urgent

The content features are related to the semantic content of connection payload: for example, they specify the number of failed login attempts, or the number of shell prompts (Table 2). Table 2: Content Features number of hot indicators hot number of failed login attempts failed logins logged in successfully logged in num compromised conditions compromised root shell is obtained root shell su root command attempted su file creations number of file creations shells number of shell prompts access files number of file accesses outbound commands in ftp outbound cmds the login belongs to the hot list hot login the login is a guest login guest login

The traffic features can be divided in two groups: the same host and the same service features. The same host features examine all the connections in the last two seconds to the same destination host as the one involved in the current connection. We also focus on the either the number of such connections, or the rate of connections that have a “SYN” error. Instead, the same service features examine all the connections in the last two seconds to the same destination service as the current one. These two feature sets are de-

Real Time Detection of Novel Attacks by Means of Data Mining Techniques fined time-based traffic features because they analyze all the events which have occurred in a time interval of two seconds (Table 3); some types of attacks, instead, as the slow probing, may occur every few minutes. Therefore these features might not be able to detect all the attack types. To this aim a new set of traffic features, called host-based, has been defined; same host and same service traffic features are also computed over a window of one hundred connections rather that over a time interval of two seconds. In our framework we will only adopt intrinsic and traffic features. Our purpose is to implement a network-based intrusion detection system, and we deem the content features more suitable for a host-based scenario. Thanks to the access to the operating system’s audit trails or system logs, an H-IDS is more efficient in the analysis of the execution of dangerous commands on a single host. The proposed real-time IDS architecture consists of three components: a sniffer, a processor, and a classifier. The sniffer is the lowest component of the architecture; connected directly to the network infrastucture, this module captures all the packets on the wire. Sniffing is made possible by setting the network card in promiscuous mode. Usually the sniffer also translates raw packets into a human-readable format. The processor component elaborates the packets captured from the sniffer in order to extract the needed set of features. The main issue of the features computation process is related to the need of keeping upto-date information about the current connection, as well as the other active sessions. We have to keep in memory a representation of the current network state in order to evaluate the statistical relations among the active connections. Data in memory have to be properly organized in order to reduce the features computation time. The classifier is the core of the architecture; this component analyzes the current connection features and classifies them. Based on the misuse detection approach, the process of classification uses a set of rules extracted by data mining algorithms. The features are compared against all the rules in the set; when the examined vector of features matches at least one rule, an intrusive action is detected. As to the connection data in the processor component, the rules may be organized in memory in a suitable way in order to reduce the time of analysis.

5

REAL-TIME IDS IMPLEMENTATION ISSUES

The implemented architecture addresses the main requirements of a real-time detection system: monitoring the network traffic in order to extract a set of features from it, as well as behavior classification based

201

on the extracted features. Monitoring, in particular, is the most challenging issue to face from the point of view of a real-time analysis. In our architecture, the monitoring system can be divided into two components: the sniffer that captures traffic from the network, and the processor that computes both the intrinsic and the traffic features. While in an off-line analysis features computation is simpler, since all the information about connections are stored in a database, in a real time analysis statistic measures have to be be computed every time a new packet is captured from the network (DFP, 2004). In order to extract features from the traffic, an effective processor must ensure two requirements: • it holds information about the state of the connection which the analyzed packet belongs to; • it holds comprehensive information about the traffic flows that have already been seen across the network. According to the definition proposed in the previous section, every packet can be considered as a single unit that is inserted in a more complex structure, namely the connection, and on which the features are computed. While neither UDP nor ICMP traffic requires a heavy load of computation, TCP traffic requires to emulate the TCP state diagram on both the client and the server sides and for every active connection. In particular, when a new packet is captured, the system retrieves information about the connection to which such a packet belongs and updates the connection state of both the client and the server based on the TCP protocol specifications. In order to compute the statistical relations, information on the past TCP, UDP and ICMP flows is required, including those connections which have been closed. Traffic features, in fact, are computed by analyzing all the connections (either active or expired) having similar characteristics — besides the destination IP address and/or the destination port — as the current one. Every connection has to be kept in memory until it is not needed anymore for other computations. Our architecture is implemented by means of the open-source N-IDS Snort; we have used this system as the base framework on top of which we have built our components. Snort is a lightweight network IDS created by Marty Roesch. Its architecture is made up of four main blocks: a sniffer, a preprocessor engine that pre-computes of captured packets, a rulebased detection engine, and a set of user output tools. Thanks to Snort’s modular design approach, it is possible to add new functionality to the system by means of program plugins. Moreover, Snort provides an efficient preprocessor plugin that reassembles TCP streams and can thus be used to recover the TCP connections status.

202

Marcello Esposito et al. Table 3: Time-Based Traffic Features Same Host number of connections to the same host count % of connections with SYN errors serror rate % of connections with REJ errors rerror rate % of connections to the same service same srv rate diff srv rate % of connections to different services Same Service number of connections to the same service srv count % of connections with SYN errors srv serror rate % of connections with REJ errors srv rerror rate srv diff host rate % of connections to different services

We have implemented a new preprocessor plugin which computes the connection features. The main issue we tackled has been the computation of the traffic features, which requires that a proper logical organization of the data is put into place in order to recover information about the past network traffic. Moreover, to assure that the real-time requirement of the system is met, a fast access to stored data is mandatory. As to the data structures, we have adopted a binary search tree. In the worse case this structure guarantees a performance comparable to that achievable with a linked list from the point of view of search time; performance further improves in case the tree is a static and well-balanced one. Unfortunately, our structure is not a static tree because the connections are not known in advance; though, a self-adjusting binary tree can be adopted in this case in order to balance a dynamic tree. We have used a Snort library of functions to manage the so-called Splay Trees. A Splay Tree is an elegant self-organizing data structure created by Sleator and Tarjan (Sleator and Tarjan, 1985): it actually is an ordered binary tree, in which an item is moved closer to the entry point — i. e. the tree root — whenever it is accessed, by means of a rotation of the item with the parent node. This makes it faster to access the most frequently used elements than the least frequently used ones, without sacrificing the efficiency of operations such as insert and search. With the above mentioned tree structure, we have implemented two trees, a Same Host Tree and a Same Service Tree to compute the same host and the same service traffic features, respectively. Every node in the tree is identified by the destination IP address in the first tree, or by the destination service in the second one. In this way, we want to store in the same node information about all the connections that share the same characteristics. In order to compute both the time-based and the host-based traffic features, for every node in the tree we have implemented two linked lists, one for each set. The linked lists contain information like source IP address and/or source port for all the connections that have been identified

and that have the same destination IP address and/or the same destination service (Figure 3). The elements of the list, one for every connection, are ordered in time: the first element is the oldest one, the last is the most recent.

Figure 3: Same-Host Tree Structure.

When a new packet is captured from the network, our preprocessor plugin first analyzes the protocol of the packet in order to identify the most appropriate procedure to compute intrinsic features. If the packet belongs to either a UDP or an ICMP traffic, the information required to compute intrinsic features is entirely contained in the packet. In case of TCP traffic, the procedure recovers the session which the packet belongs to in order to determine some crucial information, like the duration of the connection or the number of bytes sent along both directions of the stream, that cannot be directly inferred from the packet. Then, the procedure analyzes the destination IP address and the destination port to compute traffic features. Search operations are performed in both trees: if no preexisting node is found, a new one is created, and the traffic features relative to the current connection are initialized to zero. Otherwise, if a node is already in the tree, the procedure analyzes the two linked lists to compute the statistics for both time-based and host-based traffic features. Every element in the list is analyzed and the statistics are updated. During this process the elements that do not belong neither to a time interval of two seconds, nor

Real Time Detection of Novel Attacks by Means of Data Mining Techniques to a window of the latest one hundred connections are pruned off.

203

heavily loaded network, whose topology is drawn in Figure 6. Such a test is useful to assess the limits of applicability of our plugin, as well as to identify directions for future improvements.

6 TESTING THE APPROACH In this section we evaluate the performance overhead due to the operation of the IDS, pointing out the increase in CPU utilization and memory consumption with respect to the values observed while running Snort without our plugins. Our purpose is to show the affordability of real-time intrusion detection, by means of techniques which are usually employed in off-line analysis. We evaluate both CPU and memory overhead, as well as packet loss ratio. Such tests are deployed in two scenarios: in the former case, we build a testbed to emulate network traffic in a controlled environment; in the latter case, we analyze traffic flowing across the local network at Genova National Research Council (CNR). In this scenario, the most important results concern packet loss analysis. We show that the complexity increase due to the application of our detection techniques does not affect dramatically the percentage of lost packets. Thus we demonstrate the affordability of intrusion detection by means of such techniques. While working on the testbed, we consider the topology depicted in Figure 4.

Figure 4: Reference testbed.

In order to work in a totally controlled environment, we have to emulate the depicted scenario rather than working in a real network environment; for that purpose, we use another topology which just emulates the one depicted above, as drawn in Figure 5.

Figure 6: CNR Network Topology.

In table Table 4 we see the values of CPU overhead due to the use of Snort alone, versus Snort plus our plugins. The machine operating as IDS in the emulated traffic scenario is equipped with a 1GHz Pentium III CPU and an amount of 256MB RAM, running Mandrake Linux 9.1 as operating system, kernel version 2.4.19. In this case we can point out an almost unperceptible increase in memory consumption (Table 5). The doubling in CPU usage percentage, when using the modified version of Snort with respect to the case of Snort alone, is not such a negative result, since overall CPU usage is still low and under reasonable thresholds, also considering that we are using general purpose, not dedicated, hardware. Table 4: Average CPU Overhead Snort-2.1.0 Snort + Plugins 0.22% Emulated Traffic 0.12% 2.42% 1.16% CNR Traffic

The extensive test on CNR network also shows a slightly higher CPU usage for the modified version of Snort, still within the limit of 8% overhead. The machine acting as IDS is equipped with a 2GHz Pentium IV, 512MB RAM and RedHat Linux 8.0, using kernel 2.4.18.

Figure 5: A traffic emulation scenario.

Furthermore, we test the IDS using it on a real and

Table 5: Memory Overhead Snort-2.1.0 Snort + Plugins Emulated Traffic 1.69% 1.70% 9.46% 4.99% CNR Traffic

Marcello Esposito et al.

204

Forge6 , to hopefully receive feedback from users and to communicate and cooperate with the Snort community.

ACKNOWLEDGEMENTS We would like to thank Maurizio Aiello and the staff at CNR laboratory in Genova, Italy, for their cooperation and for providing us with part of the data as well as the equipment used for the tests. Figure 7: CPU Usage - CNR Network.

Once again it is worth pointing out that the results of our measures must be looked at under the perspective of the employment of non-dedicated hardware. Of course, the most interesting indication regards the packet loss ratio. To attain the best results in intrusion detection, the main requirement is not to lose any packets — no matter how much of the system resources we use — if affordable with the available hardware. Such result is sketched in Table 6. In the test deployed using emulated traffic, we notice an increase of less than 10% in packet loss with respect to the plain version of Snort, though the values are lower than the ones obtained by testing the system on a real network. This may be ascribed to the hardware used in the two cases: the setup used in the latter scenario is much more suitable than the one used in the former case. In both cases, anyway, we observe a very low increase in packet loss ratio, showing the feasibility of such a technique. Table 6: Packet Loss Snort-2.1.0 Snort + Plugins 0.42% Emulated Traffic 0.39% 0.16% 0.14% CNR Traffic

7 CONCLUSIONS AND FUTURE WORKS This paper shows how it is possible to combine realtime intrusion detection with data mining techniques, while at the same time keeping the system overhead under reasonable thresholds and containing the packet loss ratio within certain boundaries. Future development of this project will involve building rule sets and evaluating their detection capabilities. We may test rulesets computed with different algorithms which make use of various techniques. The work has also been published on Source-

REFERENCES (2004). Operation Experience with High-Volume Network Intrusion Detection. ACM. Andersson, D. (1995). Detecting usual program behavior using the statistical component of the next-generation intrusion detection expert system (nides). Technical report, Computer Science Laboratory. Bace, R. G. (2000). Intrusion Detection. Macmillan Technical Publishing. Baker, A. R., Caswell, B., and Poor, M. (2004). Snort 2.1 Intrusion Detection - Second Edition. Syngress. Barbara, D., Couto, J., Jajodia, S., Popyack, L., and Wu, N. (2001). Adam: Detecting intrusion by data mining. pages 11–16. IEEE. Workshop on Information Assurance and Security. Cohen, W. W. and Singer, Y. (1999). A simple, fast, and effective rule learner. Elkan, C. (2000). Results of the kdd99 classifier learning. In SIGKDD Explorations, volume 1, pages 63–64. ACM. Fayyad, U., Piatetsky-Shapiro, G., and Smyth, P. (1996). From data mining to knowledge discovery in databases. AI Magazine, pages 37–52. Laing, B. and Alderson, J. (2000). How to guide - implementing a network based intrusion detection system. Technical report, Internet Security Systems, Sovereign House, 57/59 Vaster Road, Reading. Lee, W. and Stolfo, S. J. (2000). A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information and System Security (TISSEC), 3(4):227–261. Paxson, V. and Terney, B. (2004). Bro reference manual. Sleator, D. and Tarjan, R. (1985). Self Adjusting Binary Search Trees. Journal of the ACM, 32(3). Tyson, M. (2000). Derbi: Diagnosys explanation and recovery from computer break-ins. Technical report. Vigna, G. and Kemmerer, R. (1999). Netstat: a network based intrusion detection system. Journal of Computer Security, 7(1). 6 http://sourceforge.net/projects/ s-predator

PART 4

Software Agents and Internet Computing

GENERIC FAULT-TOLERANT LAYER SUPPORTING PUBLISH/SUBSCRIBE MESSAGING IN MOBILE AGENT SYSTEMS

Milovan Tosic and Arkady Zaslavsky School of Computer Science and Software Engineering, Monash University, 900 Dandenong Road Caulfield East, Victoria 3145, Australia Email: [email protected], [email protected]

Keywords:

Reliability, Fault-tolerance, Agents, Multi-agent Systems, Publish/Subscribe Messaging, Web-services.

Abstract:

With the introduction of clustered messaging brokers and the fault-tolerant Mobile Connector, we can guarantee the exactly-once consumption of messages by agents. The context-aware messaging allowed us to decrease the messaging overhead which has to be present in any fault-tolerant solution. This paper proposes a complete fault-tolerant layer for multi-agent systems (EFTL) that does not restrict agent autonomy and mobility in any way. An application can choose if it wants EFTL support and that decision is based on support costs. A persistent publish/subscribe messaging model allows the creation of an external platformindependent fault-tolerant layer. In order to support the multi-agent platforms of different vendors, a large part of the application logic is moved from those platforms to an application server. We present the EFTL system architecture, the algorithm of exactly-once message consumption and the system’s performance analysis.

performance of its agents and hosts. On the other hand, not all the entities within a system have the same level of importance, so the failure of some entities might not cause the failure of the whole system. That is why fault-tolerant approaches can ignore some failures in order to lower the cost of a fault-tolerant solution. Another category that can cause a failure of the system is communication. Knowing that the achievement of a goal usually depends on cooperation between the agents, we can conclude that any fault of a communication subsystem can produce the difference between the real and expected outcomes of a system. Agent migration between the hosts can be viewed as a special type of communication because many agent platforms use the same mechanisms for message and agent transfer. If an agent is lost during transmission from one host to another, then it is not an agent failure but a migration failure. The persistent publish/subscribe messaging model allows the creation of an external platformindependent fault-tolerant support system. The most important part of any distributed fault-tolerant support system is its messaging subsystem. With the

1 INTRODUCTION The use of web-services in many domains of distributed computing has proven its effectiveness. However, the research community has not paid a lot of attention to the application of web-services in domain-independent fault-tolerant support systems. Our External Fault-Tolerant Layer (EFTL) introduces a new dimension in this research area – moving the components of the fault-tolerant system out of the multi-agent platforms using standard tools, web-services and messaging brokers. Moreover, an application or an agent can choose if it wants EFTL support and that decision is based on support costs. The most important factors which can affect reliability of multi-agent systems are related to the reliability levels of their components. Multi-agent systems are comprised of different entities where the most important ones are the agents and agent hosts. In regard to the basic systems theory, the performance of the whole system and its outputs depends on the actions and performance of its entities. That means that the performance of the complete multi-agent system depends on the 207

C.-S. Chen et al. (Eds.), Enterprise Information Systems VII, 207–214. © 2006 Springer.

208

introduction of clustered messaging brokers and the fault-tolerant Mobile Connector, we can guarantee the exactly-once consumption of messages by agents. The Mobile Connector is a lightweight platform-independent component which does not restrict agent autonomy and mobility. This paper is organized as follows: firstly, we shall present related work from the area of multiagent system reliability. Then, we shall explain the reliability model which has been used in our research and describe the architecture of the External Fault-Tolerant Layer (EFTL) with focus on the Mobile Connector component. After that, we shall present a few scenarios in EFTL functioning and explain what needs to be done to develop an application that will be supported by EFTL. The last sections of this paper will present performance analysis of EFTL, the conclusions and motivations for future work.

2 RELATED WORK A group of authors proposed checkpointing as a good procedure which saves agent states to a persistent storage medium at certain time intervals. Later, if an agent fails, its state can be reconstructed from the latest checkpoint (Dalmeijer et al, 1998). This approach depends on the reliability of the host because we have the so-called blocking problem when the host fails. The agents which have been saved at a particular host can be recovered only after the recovery of that host (Mohindra et al, 2000). The second approach that tries to ensure an agent’s reliability is replication. In this approach, there are groups of agents which exist as replicas of one agent, and can be chosen to act as the main agent in case of its failure. The number of agents is increased and they have to cooperate so the complexity of the system is also increased. In order to preserve the same view to the environment from all the members of the replica group, (Fedoruk, Deters, 2002) have proposed the concept of a group proxy, which is an agent acting as proxy through which all the interactions between the group and the environment have to pass. When the proxy agent approach is broadened with the primary agent concept, in (Taesoon et al, 2002) and (Zhigang, Binxing, 2000), then the primary agent is the only one which does all the computations until its failure. Then all the slaves vote in another primary agent from their group. Therefore, any slave agent can become a primary. In order to watch the execution of an agent from an external entity, (Eustace et al, 1994), (Patel, Garg, 2004) and (Lyu, Wong, 2004) have proposed the usage of supervisor and executor agents. The

Milovan Tosic and Arkady Zaslavsky

supervisor agents watch the execution of the problem-solving agents and detect all the conditions which can lead to, or are, the failures, and react upon detected conditions. Hosts can also be used as the components of a fault-tolerant system (Dake, 2002). Basic services which are provided by the hosts can be extended by certain services which help the agents achieve a desirable level of reliability. Depending on the implementation of the faulttolerant system, it cannot cope with all kinds of failures. That is why some systems do not even try to recover from certain types of failures. In order to determine the feasibility of the recovery, (Grantner et al, 1997) proposed the usage of fuzzy logic. Moving on to the recovery of an agent host, if the state of the host has not been saved to a persistent storage medium, we can simply restart the host. Then, if a host is very important for the functioning of the whole agent platform, we can replicate it (Bellifemine et al, 2003). If our agents used the transaction-based approach which relied on the services provided by the host and not by an underlying application server or a database, then the host is the one which has to undo all the uncommitted actions after its restart (Patel, Garg, 2004). In order to deliver a message to an agent, we have to track the agent’s location to determine where to forward the message. The authors have proposed different solutions, such as the registration of the agent locations at some central entity (Moreau, 2002) or the usage of the forwarding pointers principle (Zhou et al, 2003). Then, when we know the exact location of the agent, we have to deliver the message. Two main delivery principles have been specified in (Cao et al, 2002). In the “push” principle, we have to interfere with an agent’s autonomy and to constrain its mobility until we deliver the messages to it. In the “pull” principle, the agent is the one which decides when it wants to receive messages, and which messages it wants to receive. (Cao et al, 2004) have proposed the mailbox as a separate entity that is also mobile and moves to be at the same host as its agent or somewhere close to that host. The benefits of the publish/subscribe messaging model in mobile computing have been presented in (Padovitz et al, 2003). Their approach specifically concentrates on context-aware messaging, where an agent can subscribe to receive only the messages which satisfy its subscription filter. This solution leads us to a highly effective notification mechanism for the mobile agents. Another communication problem, the inaccessibility in the case of, for example, network fragmentation can be solved using the doubler agents, presented in (Pechoucek et al., 2003).

Generic Fault-tolerant Layer Supporting Publish/subscribe Messaging in Mobile Agent Systems

Multicasting is the delivery of the same message to multiple receivers, and is often described by the “all or none” principle. Researchers usually used the two-phase commit protocol to solve this problem, as in (Macedo, Silva, 2002).

3 RELIABILITY MODEL The reliability of multi-agent systems has to be measured differently from the reliability of other conventional distributed systems. Since almost all multi-agent systems share characteristics such as network fragmentation, component autonomy and mobility, then standard factors of reliability, like system availability, cannot be applied to them. Therefore, we have to find another reliability model able to describe the events which can cause multiagent system failures and allow us to evaluate our research achievements. As described in (Luy, Wong, 2004), reliability in multi-agent systems can be evaluated by measuring the reliability of each individual agent on a more general level. From the viewpoint of the whole system, each agent can either successfully complete its tasks or fail to do so. Therefore, the reliability of the whole system depends on the percentage of agents which managed to achieve their goals. The same authors proposed that the agent tasks should be defined as scheduled round-trips in a network of agent hosts. In order to evaluate reliability, we can assume that the agents and agent hosts are prone to different types of failures. The agents can die unexpectedly or become non-responsive. A host can die and cause the failures of all the agents which resided on it at the moment of its death. Only the agent which managed to arrive at the final host and which has a state consistent with the states of all the other successful agents can be considered a successful finisher.

209

operations which EFTL has to perform on an agent or agent platform. Those operations include the control of an agent’s life cycle and listening to the platform-wide events which are important from a reliability perspective. The Platform Listener is not deployed at any agent host prior to EFTL execution time. The usage of a web-server allowed us to decouple the agent platform and the Platform Listener. It is installed by the Reliable Agent Layer only when EFTL decides that the listener functionality is needed. The Reliable Agent Layer downloads a Platform Listener class from a web-server and deploys it at an agent host. The costs of EFTL support can be expressed in monetary terms or system resources that have to be used for the functioning of EFTL. An application or an agent can decide whether those costs are acceptable in line with the additional reliability that EFTL provides. Our fault-tolerant solution employs a persistent publish/subscribe messaging model. It was the premise that allowed us to develop an almost completely external and platform-independent system. With the introduction of clustered messaging brokers and the fault-tolerant Mobile Connector, we can guarantee the exactly-once consumption of messages by the agents.

4 DESIGN OF EFTL EFTL (External Fault-Tolerant Layer) is an application-independent fault-tolerant layer that provides multi-agent systems with extra reliability features. The system diagram is presented in Figure 1. In order to support multi-agent platforms from different vendors, a large part of application logic is moved from those platforms to the application, web and messaging servers. The only platform-dependent components are the Reliable Agent Layer and the Platform Listener. They support only the basic

Figure 1: EFTL Architecture.

4.1 The Mobile Connector After an agent registers with EFTL, it obtains the credentials needed to make subscriptions or to publish a message to a message topic. The Mobile Connector is a facility that allows agents to communicate independently to the changes in their

Milovan Tosic and Arkady Zaslavsky

210

life cycles. It defines message selectors which can be used to allow context-aware messaging within a multi-agent platform. The Mobile Connector is used to subscribe and/or publish to a message topic. If a messagereceiving acknowledgement does not reach the message broker, due to link problems, then the message is resent. The agent would receive another copy of the same message. To enforce the exactlyonce property, every message published in EFTL is uniquely numbered. This allows the Mobile Connector to discard messages which have already been consumed. This process can be represented by the following pseudo-code: while(subscribed to a topic) begin wait for next message; receive message; read unique MsgID; if(MsgID