Standortplanung für Anbieter von IT-Services

Location Planning for IT Service Vendors On global markets location planning plays an important role in the strategies of IT-service vendors. On the one hand, low wage countries enable new opportunities to offer services at low costs. On the other hand, however, vendors can not neglect the importance of physical closeness to markets and potential customers. In this paper we present a model and prototype to support location planning for IT service vendors. The model is based on the warehouse location problem which is well known from the field of logistics.     

Eine verteilte Autorisierungsinfrastruktur unter Berücksichtigung von Datenschutzaspekten

Traditionelle Verfahren der Rechtezuweisung (Autorisierung) und Zugriffskontrolle sind nur eingeschr?nkt geeignet, die Anforderungen an das Management der Nutzerprivilegien und an die Durchsetzung einer Sicherheitsstrategie in skalierbaren und hoch flexiblen verteilten Systemen umzusetzen. Dafür besser geeignet sind Sicherheitsinfrastrukturen, genauer AAIs – authentication and authorization infrastructures – und PMIs – privilege management infrastructures – die in der Lage sind, umfassende Sicherheitsdienstleistungen in einer F?deration von Systemen aus unterschiedlichen Dom?nen anzubieten. Dieser Beitrag enth?lt die Darstellung einer datenschutzorientierten AAI im Umfeld von eGovernment, die attributbasierte Zugriffskontrolle, eine XACML-Sicherheitsarchitektur zur Umsetzung und eine besondere Berücksichtigung der Datenschutzaspekte bei der Weitergabe der Nutzerattribute beinhaltet.     

Vorschlag für Komponenten von Methodendesigntheorien

Gregor and Jones have proposed components for design theories, building on theory concepts from behavioural sciences and prior publications. Their design theory structure addresses IT artefacts in general, not specific to any type, such as constructs, models, methods or instantiations. Their work is an important contribution to the academic discussion of design theories. The authors are building on this and believe that specialised design theory structures for different types of artefacts further increases utility, usability and acceptance of the components for both academia and practice. They have analysed each of the components published by Gregor and Jones and proposed refinements specific to method design artefacts wherever applicable. For each component, they derive evaluation criteria and present examples of method publications fulfilling the criteria. They argue that by presenting method design theories according to this structure the contribution of method design artefacts to the body of knowledge will increase.     

Die Verarbeitung von Fluggastdaten für Strafverfolgungszwecke

Nachdem Diskussionen über eine Regelung auf EU-Ebene zur Fluggastdatenverarbeitung Mitte 2009 im Rat der Europ?ischen Union ausgesetzt wurden, kündigten die Justiz- und Innenminister Ende Januar eine Wiederaufnahme des Vorhabens an. Anhand einer Analyse der letzten Version des Entwurfs soll gezeigt werden, dass mehrere Aspekte des geplanten Systems aus datenschutzrechtlicher Sicht problematisch sind.     

Entwicklung von Reifegradmodellen für das IT-Management

Maturity models are valuable instruments for IT managers because they allow the assessment of the current situation of a company as well as the identification of reasonable improvement measures. Over the last few years, more than a hundred maturity models have been developed to support IT management. They address a broad range of different application areas, comprising holistic assessments of IT management as well as appraisals of specific subareas (e. g. Business Process Management, Business Intelligence). The evergrowing number of maturity models indicates a certain degree of arbitrariness concerning their development processes. Especially, this is highlighted by incomplete documentation of methodologies applied for maturity model development. In this paper, we will try to work against this trend by proposing requirements concerning the development of maturity models. A selection of the few well-documented maturity models is compared to these requirements. The results lead us to a generic and consolidated procedure model for maturity models. It provides a manual for the theoretically founded development and the design of evaluation of maturity models. Finally, we will apply this procedure model to the development of the IT Performance Measurement Maturity Model (ITPM³).     

Die Bedeutung von nationaler Kultur für die Gestaltung von Informationssystemen

In this contribution a literature review is conducted to illustrate how national culture influences phases of the design of information systems. For this purpose, we review the literature in order to identify reliable and commonly approved findings as well as still open remaining questions. Fundamentally, our literature review is a comprehensive framework that sets typical dimensions of system design as well as main types of cultural research in relation to each other. The existing research results in the area of national culture are classified along the levels of system design and attributed to typical phases of the design of information systems. It thus becomes apparent that in the domain of culture and information system design it is often only the design subject or the design object that is addressed. Contributions that connect both levels rarely exist. In our review, only a limited number of publications could be identified that covered concrete phases of the development providing system design, implementation, as well as verification and validation. From a theoretical perspective, there is an obvious dominance of Hofstede??s cultural dimensions that well address single topics of the design, such as user interface and inter cultural problems in development teams. Other domains, however (e.g., technology and architecture), are inadequately explained. Further, a predominantly phenomenological focus becomes obvious. The observed cultural phenomena and the connected interpretations are usable in a limited way for concrete development initiatives. The contribution ends with the vision of a theory for the culturally sensitive design of socio technical information systems that absorbs current scientific knowledge and unites it in a structured approach.     

Zertifikat für Datenschutz-Management

Neben der Versch?rfung der gesetzlichen Vorgaben und einer Erh?hung der Bu?gelder wird seit Jahren ein Gütesiegel für Datenschutz gefordert, um dem nach wie vor bestehenden Umsetzungsdefizit entgegenzuwirken. Der vorliegende Beitrag schl?gt ein Auditierungsverfahren vor, das auf die Zertifizierung eines „vorbildlichen“ Datenschutz- Managements zielt.