一种给定脆弱性环境下的安全措施效用评估模型

评估信息系统安全措施效用是改进系统信息安全绩效的一条重要途径.传统方法在评估安全措施效用时并没有考虑业务数据流、攻击流和安全措施要素之间的相互作用和影响,无法保证评估过程和结果的有效性.提出了一种给定脆弱性环境下的信息系统安全措施效用评估方法,应用颜色Petri网为系统业务数据流、攻击流和安全措施要素进行统一建模.通过设计节点间脆弱性利用图生成算法和改进的Dijkstra算法识别所有可能破坏信息系统安全属性的最短攻击路径,使用层次评价模型评估系统安全措施的效用.给出了一种基于多属性决策的系统最优信息安全效用提升方案选择算法.改善评估过程对人员主观经验的依赖问题,有助于保证评估结果的一致性和可追溯性.以一个具体的Web业务系统为例进行实验,验证了所提出的模型和方法的正确性和有效性.     

Efficiency Evaluation Model of System Security Measures in the Given Vulnerabilities Set

评估信息系统安全措施效用是改进系统信息安全绩效的一条重要途径.传统方法在评估安全措施效用时并没有考虑业务数据流、攻击流和安全措施要素之间的相互作用和影响,无法保证评估过程和结果的有效性.提出了一种给定脆弱性环境下的信息系统安全措施效用评估方法,应用颜色Petri网为系统业务数据流、攻击流和安全措施要素进行统一建模.通过设计节点间脆弱性利用图生成算法和改进的Dijkstra算法识别所有可能破坏信息系统安全属性的最短攻击路径,使用层次评价模型评估系统安全措施的效用.给出了一种基于多属性决策的系统最优信息安全效用提升方案选择算法.改善评估过程对人员主观经验的依赖问题,有助于保证评估结果的一致性和可追溯性.以一个具体的Web业务系统为例进行实验,验证了所提出的模型和方法的正确性和有效性.     

运用UML对基于J2EE的Web应用系统建模研究

构建基于J2EE的Web应用系统是当前的热点,UML是用于建立面向对象系统模型的标准建模语言,如何运用UML对Web应用系统建模是一个新的研究方向.阐述了结合使用J2EE和UML的原因以及如何运用UML实现对J2EE的建模表示,探讨了运用UML对基于J2EE的Web应用系统建模的一般过程和方法,并结合一个网上拍卖系统的建模实例,详细说明了其建模过程和建模方法.通过对Web应用系统建模,可以有效地保证Web应用系统开发的质量.     

基于UML面向对象的办公信息系统设计与实现

UML是一种面向对象的建模语言，广泛应用于基于面向对象的软件开发过程中。本文以办公信息系统为背景，讨论了采用UML进行办公信息系统设计与开发的优势，并根据UML建模原理，分别建立了系统的对象模型、动态模型和系统功能模型，并完成了系统的开发与应用。     

论信息系统的开发与建模

文章分析了系统建模在信息系统开发中的作用和重要性,指出了几种常用模型的不足,提出了一种集成的系统建模观点,即功能建模、行为建模和结构建模,并从系统开发角度增加了系统性能模型,汉期对信息系统开发的全过程进行全方位的抽象和支持．     

深圳市征收地拆迁自动评估信息系统的研制

研究目的:开发深圳市征收地和房屋拆迁补偿自动评估信息系统,提高拆迁补偿评估工作效率和成果质量。研究方法:以自动评估模型为基础,应用计算机技术,建立深圳市征收地拆迁自动评估信息系统总体架构。研究结果:明确深圳市征收地拆迁自动评估信息系统研究和开发的背景、目标、内容及系统的总体设计思路,基于统一的数据库和软件平台,实现不同类型评估业务的系统功能集成和评估工作的自动化。研究结论:系统实现对保障城市征收地拆迁补偿评估结果的客观、公正和合理性提供了有益探索。     

基于UML的电子商务在线销售系统分析与设计

随着面向对象技术的不断发展,利用面向对象思想进行系统建模,已成为当前软件项目开发的主流。本文针对运用UML进行信息系统建模的过程以及模型的选择进行研究,并结合UML系统建模的优势,以电子商务在线购物系统为例,给出基于UML的信息系统建模的完整实现过程。     

基于Petri网的安全免疫态势建模与预测

针对采用人工免疫机制的信息系统,为了简化其攻防博弈建模过程并对有限时间内的博弈结果进行预测,本文基于Petri网提出了信息系统安全态势评估网,对信息系统人工免疫过程的攻击态势和防御态势进行了建模,并针对所建立的模型讨论了系统攻防博弈结果的分析方法,能够支持对采用人工免疫机制的信息系统将在何时以何种概率防御成功或失败的结果进行预测,拓展了安全态势预测的思路和预测内容。经过仿真验证分析,证明所建模型在结构上无死锁、有界、竞争公平,在态势预测方面能够达到较好的预测效果。     

知识建模的清洗模型研究

数据清洗是保证数据质量的实用方法,但是如何实施灵活的和有效的数据清洗一直是研究的难点.基于此,提出了知识建模的数据清洗来保证数据质量的有效方法.依据清洗系统的现状分析,首先给出了静态库、动态库和静态清洗系统、动态清洗系统的相关概念;然后提出了知识建模的清洗模型,并给出了模型的具体设计和实现过程.最后通过使用知识建模的清洗模型,应用企业信用数据交换系统作为实验,验证了它的灵活性和有效性,保证了数据质量.     

基于模糊UML的装备保障知识建模方法

装备保障业务需求建模是装备保障信息系统研发的重要环节,准确描述业务概念和关系是获取高质量需求分析产品的重要前提。然而,该业务领域中用户目标、业务效果等核心要素常包含模糊或不确定信息,容易引发系统研发各方的需求理解偏差,从而给系统后期的设计、开发带来巨大隐患。针对上述问题,首先从装备保障领域知识建模出发,挖掘本领域核心知识,构成装备保障领域知识本体,在此基础上借助UML建模语言MOF层扩展机制,引入模糊评估属性和建模元素,进而形成一种可用于该领域信息系统业务建模分析的领域特定建模语言。该建模语言对领域内存在的明确和模糊需求信息同样具有良好的表达能力,便于系统研发各方在信息系统需求分析阶段达成共识,进而为准确捕捉装备保障业务需求提供技术支持。     

A methodology for learning across application domains for databasedesign systems

Although database design tools have been developed that attempt to automate (or semiautomate) the design process, these tools do not have the capability to capture common sense knowledge about business applications and store it in a context-specific manner. As a result, they rely on the user to provide a great deal of "trivial" details and do not function as well as a human designer who usually has some general knowledge of how an application might work based on his or her common sense knowledge of the real world. Common sense knowledge could be used by a database design system to validate and improve the quality of an existing design or even generate new designs. This requires that context-specific information about different database design applications be stored and generalized into information about specific application domains (e.g., pharmacy, daycare, hospital, university, manufacturing). Such information should be stored at the appropriate level of generality in a hierarchically structured knowledge base so that it can be inherited by the subdomains below. For this to occur, two types of learning must take place. First, knowledge about a particular application domain that is acquired from specific applications within that domain are generalized into a domain node (e.g., entities, relationships, and attributes from various hospital applications are generalized to a hospital node). This is referred to as within domain learning. Second, the information common to two (or more) related application domain nodes is generalized to a higher-level node; for example, knowledge from the car rental and video rental domains may be generalized to a rental node. This is called across domain learning. This paper presents a methodology for learning across different application domains based on a distance measure. The parameters used in this methodology were refined by testing on a set of representative cases; empirical testing provided further validation     

Supporting small teams in cooperatively building application domain models

Building application domain models is a time-consuming activity in software engineering. In small teams, it is an activity that involves almost all participants, including developers and domain experts. In our approach, we support the knowledge engineering activity by reusing tagging done by team participants when they search information on the Web about the application’s domain. Team participants collaborate implicitly when they do tagging because their individually created tags are collected and form a folksonomy. This folksonomy reflects their knowledge about the domain and it is the base for eliciting domain model elements in the knowledge acquisition and conceptualization tasks in a consensual way. Experiments provide evidence that our approach helps team participants to build richer domain models than if they do not use our software tool. The tool allows the reuse of simple annotations as long as users learn about the application’s domain.     

User modelling for graphical design in complex dynamic environments: concepts and prototype implementations

In this paper, it is proposed that using knowledge-based technology to generate different types of models of a target domain can better assist designers of support systems. The main argument is that designers' decisions should be based on knowledge about a domain rather than on their "common sense" judgments. This approach is illustrated by describing a canonical user model capturing operators' information and knowledge acquisition behaviour. In the present work, this model is used to help designers identify what process variables need to be associated with flow diagrams representing the structure of the technical system. Concepts underlying the user modelling approach as well as the knowledge elicitation and knowledge representation process are described. Finally, functionality provided by the user model is discussed as well as how the approach can be evaluated.     

Participatory knowledge-management design: A semiotic approach

The aim of this paper is to present a design strategy for collaborative knowledge-management systems based on a semiotic approach. The contents and structure of experts' knowledge is highly dependent on professional or individual practice. Knowledge-management systems that support cooperation between experts from different (sub-)fields need to be situated and tailored to provide effective support even if the common aspects of the data need to be described by ontologies that are generic in respect to the sub-disciplines involved. To understand and approach this design problem, we apply a semiotic perspective to computer application and human–computer interaction. From a semiotic perspective, the computer application is both a message from the designer to the user about the structure of the problem domain, as well as about interaction with it, and a structured channel for the user's communication with herself, himself or other users of the software. Tailoring or “end-user development” – i.e. adapting the knowledge-management system to a specific (sub-)discipline, task or context – then refines both the message and adapts the structure of the interaction to the situated requirements.The essential idea of this paper is to define a new perspective for designing and developing interactive systems to support collaborative knowledge management. The key concept is to involve domain experts in participatory knowledge design for mapping and translating their professional models into the proper vocabularies, notations, and suitable visual structures for navigating among interface elements. To this end, the paper describes how our semiotic approach supports processes for representing, storing, accessing, and transferring knowledge through which the information architecture of an interactive system can be defined. Finally, the results of applying our approach to a real-world case in an archaeological context are presented.     

Beyond Knowledge Engineering

Knowledge engineering stems from E. A. Figenbaum＇s proposal in 1977, but it will enter a new decade with the new challenges. This paper first summarizes three knowledge engineering experiments we have undertaken to show possibility of separating knowledge development from intelligent software development. We call it the ICAX mode of intelligent application software generation. The key of this mode is to generate knowledge base, which is the source of intelligence of ICAX software, independently and parallel to intelligent software development. That gives birth to a new and more general concept ＂knowware＂. Knowware is a commercialized knowledge module with documentation and intellectual property, which is computer operable, but free of any built-in control mechanism, meeting some industrial standards and embeddable in software/hardware. The process of development, application and management of knowware is called knowware engineering. Two different knowware life cycle models are discussed： the furnace model and the crystallization model. Knowledge middleware is a class of software functioning in all aspects of knowware life cycle models. Finally, this paper also presents some examples of building knowware in the domain of information system engineering.     

Applying ontology-based blog to detect information system post-development change requests conflicts

Post-development change requests are user requirements for information systems changes after development. Conflicts might occur as contradictive or inconsistent relationships between requests and existing system design. Detecting conflicts in post-developmenet change requests is an important task during requests management processes. To address this topic, this article proposes an ontology-based blog for automatically discovering conflicts in the extended use-case models of requests from users. This study proposed an information system maintenance process. The proposed approach applies ontologies to represent domain knowledge. A set of rules are used to detect conflicts. This study developed a prototype and invited two companies to evaluate it. Usage feedback opinions about ontology-based blog from two companies indicated the usefulness. The ontology-based blog is a relatively new approach which bridge requirements blogs with a formal and machine interpretable representational model. The automatic conflicts detection capability of the ontology-based blog can reduce the labor cost in requirements analysis phase.     

Organisational learning—a critical systems thinking discipline

This paper deals with the application of critical systems thinking in the domain of organisational learning and knowledge management. Its viewpoint is that deep organisational learning only takes place when the business systems' stakeholders reflect on their actions and thus inquire about their purpose(s) in relation to the business system and the other stakeholders they perceive to exist. This is done by reflecting both on the sources of motivation and/or deception that are contained in their purpose, and also on the sources of collective motivation and/or deception that are contained in the business system's purpose. The development of an organisational information system that captures, manages and institutionalises meaningful information—a knowledge management system—cannot be separated from organisational learning practices, since it should be the result of these very practices. Although Senge's five disciplines provide a useful starting-point in looking at organisational learning, we argue for a critical systems approach, instead of an uncritical Systems Dynamics one that concentrates only on the organisational learning practices.We proceed to outline a methodology called Business Systems Purpose Analysis (BSPA) that offers a participatory structure for team and organisational learning, upon which the stakeholders can take legitimate action that is based on the force of the better argument. In addition, the organisational learning process in BSPA leads to the development of an intrinsically motivated information organisational system that allows for the institutionalisation of the learning process itself in the form of an organisational knowledge management system. This could be a specific application, or something as wide-ranging as an Enterprise Resource Planning (ERP) implementation. Examples of the use of BSPA in two ERP implementations are presented.     

Toward formalizing domain modeling semantics in language syntax

Information systems are situated in and are representations of some business or organizational domain. Hence, understanding the application domain is critical to the success of information systems development. To support domain understanding, the application domain is represented in conceptual models. The correctness of conceptual models can affect the development outcome and prevent costly rework during later development stages. This paper proposes a method to restrict the syntax of a modeling language to ensure that only possible configurations of a domain can be modeled, thus increasing the likelihood of creating correct domain models. The proposed method, based on domain ontologies, captures relationships among domain elements via constraints on the language metamodel, thus restricting the set of statements about the domain that can be generated with the language. In effect, this method creates domain specific modeling languages from more generic ones. The method is demonstrated using the Unified Modeling Language (UML). Specifically, it is applied to the subset of UML dealing with object behavior and its applicability is demonstrated on a specific modeling example.     

Deriving and paraphrasing information grammars using object-oriented analysis models

In this paper the focus is on object-oriented analysis of information systems. We assume that the communication within an application domain can be described by a logbook of events. In our view, the purpose of the analysis phase is to model the structure of this logbook. The resulting conceptual model is referred to as the information architecture, and is an integration of three formal object-oriented analysis models with each a specific view on the application domain. Furthermore, the information architecture forms an abstraction of an underlying grammar, called the information grammar, for the communication within the application domain. This grammar can be used to validate the information architecture in a textual format by informed users. In addition, the information grammar can be used to obtain the relevant data and processes of the application domain, and serves as a basis for the query language of users with the information system. Received: 19 February 1997 / 21 August 2001