Keywords:

Keywords:
Astract: Standardized business documents are a prerequisite for successful information exchange in electronic business transactions. The United Nations Centre for Trade Facilitation and eBusiness (UN/CEFACT) provides a conceptual modeling approach, called Core Components, used by Business Partners (BPs) for defining business document models (BDMs). These BDMs are essential for defining service interfaces in service-oriented systems. However, in such a highly dynamic environment with ever-changing market demands, BPs are confronted with the need to revise their BDMs resulting in new versions of BDMs. Furthermore, BPs may dictate the use of new versions of BDMs. However, small- and medium-sized enterprises (SMEs) may not always adopt new BDM versions due to the cost and effort involved, inhibiting electronic information exchange. In this paper, we present a framework for dealing with interoperability issues in service-oriented systems through providing BPs with Business Document Interoperability as a Service. Having such a framework at hand provides SMEs with a low-cost and light-weight approach for dealing with evolving market requirements and hence evolving business documents. Furthermore, we present a prototypical implementation as well as an evaluation of the framework proposed.

Keywords:
Astract: Electronic Data Interchange (EDI) is based on the standardization of business document types. Usually, a standard business document type is defined in an all-embracing manner covering all elements needed in any business context, such as geopolitical context, industry context, and others. Before exchanging business documents in a particular business context, business partners have to agree on an implementation guide resulting in a subset of the standard document type. Different subsets of a standard document type may also be considered as variants of the standard document type. Since no agreed methodology for building variants of standard documents types exists, the domain of EDI may learn from Software Engineering. In fact, we are facing the need for managing variants which is typically addressed in Software Configuration Management. In this position paper, we propose utilizing concepts from Product Line Engineering (PLE) for managing variability in business document models. Therefore, we present the challenges encountered in managing variability in business documents. Furthermore, we provide a profound discussion why concepts from PLE are promising for managing business document variants.

Keywords:
Astract: The United Nations Centre for Trace Facilitation and eBusiness (UN/CEFACT) provides a conceptual approach named Core Components for defining business document types based on generic, reusable building blocks. For facilitating interoperability in Electronic Data Interchange, these reusable building blocks are defined in an all-embracing manner. Accordingly, business partners customize the standard business document types for fitting their needs and requirements, resulting in different business document type variants. However, the approach is missing sufficient mechanisms for managing business document model variants. First, customizing standardized business document types is purely based on a textual specification. Second, the variability present within the Core Component approach lacks an explicit representation. In this paper, we aim at making variability explicit as well as adding a formal aspect to the business document type customization process by employing variability concepts from Product Line Engineering. Furthermore, based on having explicit variability models, business partners are provided with an approach for customizing business document types through configuring variability models.

Keywords:
Astract: Despite standardization efforts the seamless exchange of business documents often poses a problem, due to a large number of different formats. Also, there may be several standards initiatives in the same business domain, all equally important. Consequently, transformation between various document formats on the instance layer becomes necessary. To ease the implementation of transformers we propose an XSLT-based generation framework that allows for bidirectional transformations. Furthermore, we rely on Core Components as an intermediary format. As a proof of concept we developed a prototype based on the open source tool named VIENNA Add-In.

Keywords:
Astract: The United Nations Centre for Trade Facilitation and Electronic Commerce provides a conceptual approach named Core Components for defining business document models based on reusable building blocks. For the application in concrete business scenarios, these building blocks need customizing, resulting in different variants of business document models. In previous work we have proven the application of concepts from Model-Driven Product Line Engineering to manage the resulting business document model variants. However, due to the highly dynamic environment of electronic commerce with ever-changing market requirements, business document models evolve over time. This adds another dimension of variability to the problem domain leading to complex evolution scenarios. In this paper, we define evolution patterns for capturing the different types of evolution present in the context of business document model variants. Having such patterns at hand, makes the different types of evolution in business document models more tangible.

Keywords:
Astract: Crowdsourcing has emerged as an important paradigm in human-problem solving techniques on the Web. One application of crowdsourcing is to outsource certain tasks to the crowd that are difficult to implement as solutions based on software services only. Another benefit of crowdsourcing is the on-demand allocation of a flexible workforce. Businesses may outsource certain tasks to the crowd based on workload variations. The paper addresses the monitoring of crowd members´characteristics and the effective use of monitored data to improve the quality of work. Here we propose the extensions of standards such as Web Service Level Agreement (WSLA) to settle quality guarantees between crowd consumers and the crowdsourcing platform. Based on negotiated agreements, we provide a skill-based crowd scheduling algorithm. We evaluate our approach through simulations.

Keywords:
Astract: Since several years the number of VoIP (Voice over IP) infrastructures increases and, consequently, the number of VoIP users increases too. Under these circumstances VoIP systems get more and more attractive for attackers, since the probability of successful attacks increases and attackers gain benefits, e.g., money with fee-based telephone numbers. Therefore, this paper describes a solution to capture, monitor and report VoIP attacks to gain more knowledge on current and new VoIP attacks.

Keywords:
Astract: Security testing is an important and at the same time also expensive task for developing robust and secure systems. Test automation can reduce costs of security tests and increase test coverage and, therefore, increase the number of detected security issues during development. A common data format as the basis for specific test cases ensures that the implementation of the generation logic for security test data is only needed once and can be used for various data formats by transforming the data to the common data format, generating the test data and transforming back to the original data format. The introduced approach enables to generate test data for various formats using a single implementation of the generation algorithm and applying the results for specific test cases in different data formats.

Keywords:
Astract: VoIP (Voice over IP) systems more and more replacing PSTN (Public Switched Telephone Network) infrastructureswhat increases dependency of available and secure VoIP systems for successful business. Attacks against VoIP systems are becoming more imaginative and many attacks can cause damage, e.g., gain money for attackers or create costs for the victim. Therefore, in this paper the current security status of VoIP systems are described with observations of VoIP attacks in a honeynet. The achieved results can help to adapt existing prevention system to avoid the recognized and analyzed attacks in a productive environment.