DOCSLIB.ORG

Karimi Vahid.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Karimi Vahid.Pdf A Uniform Formal Approach to Business and Access Control Models, Policies and their Combinations by Vahid Reza Karimi A thesis presented to the University of Waterloo in fulfillment of the thesis requirement for the degree of Doctor of Philosophy in Computer Science Waterloo, Ontario, Canada, 2012 © Vahid Reza Karimi 2012 I hereby declare that I am the sole author of this thesis. This is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. iii Abstract Access control represents an important part of security in software systems, since access control policies determine which users of a software system have access to what objects and operations and under what constraints. One can view access control models as providing the basis for access control rules. Further, an access control policy can be seen as a combination of one or more rules, and one or more policies can be combined into a set of access control policies that control access to an entire system. The rules and resulting policies can be combined in many different ways, and the combination of rules and policies are included in policy languages. Approaches to access control (AC) policy languages, such as XACML, do not provide a formal representation for specifying rule- and policy-combining algorithms or for classifying and verifying properties of AC policies. In addition, there is no connection between the rules that form a policy and the general access control and business models on which those rules are based. Some authors propose formal representations for rule- and policy-combining algorithms. However, the proposed models are not expressive enough to represent formally classes of algorithms related to history of policy outcomes including ordered-permit-overrides, ordered-deny-overrides, and only-one-applicable. In fact, they are not able to express formally any algorithm that involves history including the class related to consensus such as weak-consensus, weak-majority, strong-consensus, strong-majority, and super-majority- permit. In addition, some other authors propose a formal representation but do not present an approach and automated support for the formal verification of any classes of combining algorithms. The work presented in this thesis provides a uniform formal approach to business and access control models, policies and their combinations. The research involves a new formal representation for access control rules, policies, and their combination and supports formal verification. In addition, the approach explicitly connects the rules to the underlying access control model. Specifically, the approach • provides a common representation for systematically describing and integrating busi- ness processes, access control models, their rules and policies, • expresses access control rules using an underlying access control model based on an existing augmented business modeling notation, • can express and verify formally all known policy- and rule-combining algorithms, a result not seen in the literature, v • supports a classification of relevant access control properties that can be verified against policies and their combinations, and • supports automated formal verification of single policies and combined policy sets based on model checking. Finally, the approach is applied to an augmented version of the conference management system, a well-known example from the literature. Several properties, whose verification was not possible by prior approaches, such as ones involving history of policy outcomes, are verified in this thesis. vi Acknowledgements I would like to thank my supervisor Professor Donald Cowan for his guidance and fi- nancial support during my studies. I also acknowledge my Ph.D. committee members Pro- fessors Howard Armitage, Daniel Berry, Michael Godfrey, William McCarthy, and Grant Weddell for their time and efforts to be part of this committee. I would like to thank Research Professor Paulo Alencar for many discussions and his input at the later stage of this study. I am also thankful for financial support from the Ontario Graduate Scholarship in Science and Technology (OGSST) program. vii Table of Contents List of Tables xiii List of Figures xv 1 Introduction1 1.1 Contributions..................................2 1.2 Research Approach...............................2 1.3 Thesis Organization...............................6 2 Related Work9 2.1 Access Control.................................9 2.1.1 Access Control Models......................... 10 2.1.2 Access Control Policies and Policy Languages............ 13 2.2 Business Patterns and Business Processes................... 16 2.3 Formal Verification............................... 21 2.3.1 Formal Verification of Access Control Policies............ 23 2.3.2 Formal Verification of Business Processes............... 28 3 Access Control Models, Rules and Policies and their Combinations 31 3.1 Overview of Representing Classes of AC Models............... 34 3.2 Representing Classes of Access Control Models................ 36 ix 3.2.1 Modeling Roles and User Assignments................ 38 3.2.2 Modeling Permissions.......................... 44 3.2.3 A Core Access Control Model Formed by Combining Patterns... 46 3.2.4 Advantages of the Core Access Control Model............ 48 3.2.5 Modeling Constraints, Role Hierarchies, and Mutually Exclusive Roles 52 3.2.6 Extending the Approach to Describe DAC and MAC........ 56 3.3 Defining Access Control Rules based on Models............... 58 3.3.1 Access Control Rule Syntax...................... 59 3.3.2 Description of Access Control Rule Syntax.............. 64 3.3.3 Access Control Rule Examples..................... 70 3.3.4 Translation from EBNF to Predicate Logic.............. 73 3.4 Creating Access Control (AC) Policies from AC Rules............ 75 3.4.1 The Use of Algorithmic Forms..................... 76 3.4.2 The Use of State Machines....................... 76 3.5 Policy-combining Algorithms.......................... 80 3.6 An Advantage of the Presented Approach.................. 81 4 Specification of Properties for Access Control and Categorization 87 4.1 Background................................... 87 4.2 AC Property Specification and Categories.................. 88 4.2.1 Any Primitives of Agents, Events, and Resources Individually, and in Connection with AC Results.................... 92 4.2.2 Any Primitives of Agents, Events, and Resources Individually, and their Attributes, and in Connection with AC Results........ 94 4.2.3 A Combination of Agents, Events, Resources, and their Relation- ships, and in Connection with AC Results.............. 96 4.2.4 A Combination of Agents, Events, Resources, their Attributes, and their Relationships, and in Connection with AC Results....... 98 4.3 General Form of AC Property Specification.................. 98 4.4 Related Work on Property Specifications................... 101 x 5 Evaluation: Conference Management Case Study 103 5.1 CONTINUE, Policies, and Properties..................... 105 5.2 Business and AC Models, Rules and Combination.............. 106 5.2.1 Business and AC Models........................ 106 5.2.2 Access Control Rule.......................... 106 5.2.3 AC Rule Combination by Algorithmic Form and State Machine.. 109 5.2.4 An Advantage of the Thesis's Approach............... 116 5.3 Formal Analysis................................. 117 5.3.1 Formal Specification of AC Policies in PROMELA.......... 117 5.3.2 Formal Specification of AC Properties in LTL............ 119 5.3.3 Verification Results and Expressive Advantage............ 120 5.4 A Note on the Use of SPIN.......................... 123 6 Conclusion 125 6.1 Summary of Contributions........................... 125 6.2 Limitations................................... 126 6.3 Future Work................................... 127 6.3.1 Other Access Control Models and their Extensions......... 127 6.3.2 Rights, Delegations, and Obligations................. 128 6.3.3 Analysis and Formal Methods..................... 128 6.3.4 Privacy................................. 129 6.3.5 Different Domains............................ 129 APPENDICES 131 A An Overview of REA 133 A.1 REA as an Ontology.............................. 135 A.2 REA Patterns for Policy-level Specification.................. 137 xi B BNF and EBNF Definitions 139 B.1 Access Control Rule in BNF.......................... 139 B.2 Other BNF and EBNF Definitions....................... 143 C A Brief Background on Logic 159 C.1 Propositional Logic............................... 159 C.2 Predicate Logic................................. 161 C.3 Linear Temporal Logic............................. 163 D An Overview of SPIN and Alloy 165 D.1 SPIN....................................... 165 D.2 Alloy and Example............................... 168 E The CONTINUE Policies and Properties 179 E.1 The CONTINUE Policies............................ 179 E.2 The CONTINUE Properties.......................... 183 F Other Combining Access Control Algorithms 185 References 197 xii List of Tables 3.1 Entities and attributes of the role modeling and user assignments pattern in a table format................................ 43 3.2 Entities and attributes of permission modeling pattern........... 46 3.3 A table representation of policies for the banking example......... 48 3.4 Additional elements added to access control models............. 53 3.5 A static separation of duties representation for the banking example.... 54 3.6 An example
Load more

Recommended publications
  • Infrastructure) IMS > J
    NE DO-IT-O 0 16 <i#^^0%'IW#^#^#(Hyper-Intellectual-IT Infrastructure) IMS > J TO 1 3 ¥ 3 M NEDD H»* r— • ^ ’V^^ m) 010018981-0 (Hyper-Intellectual-IT fr9, (Hyper IT) i-6Z 6 & g 1% ^ L/bo i2 NEDO-IT-0016 < (Hyper-Intel lectual-IT Infrastructure) 9H3E>J 1 3 # 3 ^ lT5fe (%) B^f-r^'a'W^ZPJf (Summary) -f — t 7-j'<7)7*0- K/O- % -y f-7-? ±K*EL/--:#<<7)->5a.v-j'^T*-j'^-7OTSmiLr1 Eft • Skit • tWs§ (Otis ti® o T S T V' £ „ Ltf' U - 7- L*{Hffi,»ftffiIBIS<7)'> 5 a. V- -> 3 >^x- ? ^-Xfijfflic-7V>TI±#<<7)*®»:C0E@»S»6L, -en<b»sili*5tL^itn(i\ *7h Ty — t’ 4-^hLfcE&tt>fc1SSSeF% • Eft • KS& k" f> $ $ & b ttv>, (1) 3>ti- (2) f -^ (3) $-y t-7-7 (4) ->i ( 5 ) 7 7 t 73H7ft#-9— fxwilttas Sti:, ±EP$t t k ic, KSUWSSiaBF^ ■ Elt ■ # ## k T-<7)FB1«6 4-$v>tti u iirn *iiM LrtlSS-S k a6* 0 (1) Hyper-IT 4 7 —-y OEE$l&teH k $l!$ (2 ) Hyper-IT -f7-y*k##<7)tbK (3) KS<7)i5tv^k (4) #@<7)SEE • IISE<7)#S (5) Hwif^silftftkn-KvyT ’tt Summary In recently years, we have broad band network and The Internet environment , using these infrastructure, we will develop knowledge co-operate manufacturing support system, which can be use various kinds of simulators and databases. But knowledge co-operate manufacturing support system has a lot of problems, such as data format, legal problems, software support system and so no.
    [Show full text]
  • Best Practices in Business Instruction. INSTITUTION Delta Pi Epsilon Society, Little Rock, AR
    DOCUMENT RESUME ED 477 251 CE 085 038 AUTHOR Briggs, Dianna, Ed. TITLE Best Practices in Business Instruction. INSTITUTION Delta Pi Epsilon Society, Little Rock, AR. PUB DATE 2001-00-00 NOTE 97p. AVAILABLE FROM Delta Pi Epsilon, P.O. Box 4340, Little Rock, AR 72214 ($15). Web site: http://www.dpe.org/ . PUB TYPE Collected Works General (020) Guides Classroom Teacher (052) EDRS PRICE EDRS Price MF01/PC04 Plus Postage. DESCRIPTORS Accounting; *Business Education; Career Education; *Classroom Techniques; Computer Literacy; Computer Uses in Education; *Educational Practices; *Educational Strategies; Group Instruction; Keyboarding (Data Entry); *Learning Activities; Postsecondary Education; Secondary Education; Skill Development; *Teaching Methods; Technology Education; Vocational Adjustment; Web Based Instruction IDENTIFIERS *Best Practices; Electronic Commerce; Intranets ABSTRACT This document is intended to give business teachers a few best practice ideas. Section 1 presents an overview of best practice and a chart detailing the instructional levels, curricular areas, and main competencies addressed in the 26 papers in Section 2. The titles and authors of the papers included in Section 2 are as follows: "A Software Tool to Generate Realistic Business Data for Teaching" (Catherine S. Chen); "Alternatives to Traditional Assessment of Student Learning" (Nancy Csapo); "Applying the Principles of Developmental Learning to Accounting Instruction" (Burt Kaliski); "Collaborative Teamwork in the Classroom" (Shelia Tucker); "Communicating Statistics Measures of Central Tendency" (Carol Blaszczynski); "Creating a Global Business Plan for Exporting" (Les Dlabay); "Creating a Supportive Learning Environment" (Rose Chinn); "Developing Job Survival Skills"(R. Neil Dortch); "Engaging Students in Personal Finance and Career Awareness Instruction: 'Welcome to the Real World!'" (Thomas Haynes); "Enticing Students to Prepare for and to Stay 'Engaged' during Class Presentations/Discussions" (Zane K.
    [Show full text]
  • Integration Definition for Function Modeling (IDEF0)
    NIST U.S. DEPARTMENT OF COMMERCE PUBLICATIONS £ Technology Administration National Institute of Standards and Technology FIPS PUB 183 FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION INTEGRATION DEFINITION FOR FUNCTION MODELING (IDEFO) » Category: Software Standard SUBCATEGORY: MODELING TECHNIQUES 1993 December 21 183 PUB FIPS JK- 45C .AS A3 //I S3 IS 93 FIPS PUB 183 FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION INTEGRATION DEFINITION FOR FUNCTION MODELING (IDEFO) Category: Software Standard Subcategory: Modeling Techniques Computer Systems Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899 Issued December 21, 1993 U.S. Department of Commerce Ronald H. Brown, Secretary Technology Administration Mary L. Good, Under Secretary for Technology National Institute of Standards and Technology Arati Prabhakar, Director Foreword The Federal Information Processing Standards Publication Series of the National Institute of Standards and Technology (NIST) is the official publication relating to standards and guidelines adopted and promulgated under the provisions of Section 111 (d) of the Federal Property and Administrative Services Act of 1949 as amended by the Computer Security Act of 1987, Public Law 100-235. These mandates have given the Secretary of Commerce and NIST important responsibilities for improving the utilization and management of computer and related telecommunications systems in the Federal Government. The NIST, through its Computer Systems Laboratory, provides leadership, technical guidance,
    [Show full text]
  • MAKING DATA MODELS READABLE David C
    MAKING DATA MODELS READABLE David C. Hay Essential Strategies, Inc. “Confusion and clutter are failures of [drawing] design, not attributes of information. And so the point is to find design strategies that reveal detail and complexity ¾ rather than to fault the data for an excess of complication. Or, worse, to fault viewers for a lack of understanding.” ¾ Edward R. Tufte1 Entity/relationship models (or simply “data models”) are powerful tools for analyzing and representing the structure of an organization. Properly used, they can reveal subtle relationships between elements of a business. They can also form the basis for robust and reliable data base design. Data models have gotten a bad reputation in recent years, however, as many people have found them to be more trouble to produce and less beneficial than promised. Discouraged, people have gone on to other approaches to developing systems ¾ often abandoning modeling altogether, in favor of simply starting with system design. Requirements analysis remains important, however, if systems are ultimately to do something useful for the company. And modeling ¾ especially data modeling ¾ is an essential component of requirements analysis. It is important, therefore, to try to understand why data models have been getting such a “bad rap”. Your author believes, along with Tufte, that the fault lies in the way most people design the models, not in the underlying complexity of what is being represented. An entity/relationship model has two primary objectives: First it represents the analyst’s public understanding of an enterprise, so that the ultimate consumer of a prospective computer system can be sure that the analyst got it right.
    [Show full text]
  • Fielder Elected
    • ——— •—- •^ »!• m«g -mmiMMa&rr »• t-^ •iwiiiiiiiwum I*T The Leading and Most Widely Circulated Weekly Newspaper in Union County WESTFIELD, NEW JERSEY, WEDNESDAY, NOVEMBEB, 5, 1913, FOURTEEN PAGKS—2 CENTS NOVEMBER 5, 1913 Money deposited in our Savings Department on or before the above date, will draw interest at 4 per cent, from NOVEMBER FIRST. Check Accounts—largo or small- ? A FEW DID The Two Clark's ore Re-elected in Westfield with Many received on liberal terms. Votes to the Good—Casey Polls Big Vote in the COUNTY DEMOGRATiO ASSETS OVER $1,000,000.00 T l/OTE YESTERDAY Fourth and is Returned to the Council ASSEMBLYCANDIDATES The Early Returns Showed Traynor Running Strong for The Oldest Banking Institution in Westfield sgistsrcd Men Were Goif- Assessor, but Denman Receives Majority Elected by About Six Hundred inp or Motoring in ' of Over Two Hundred Votes Majority and Run Far Other Placos Behind Ticket MITCHELL AND ENTIRE FOSION TICKET WINS IN NEW YORE VOTES THE TOTAL CAST MAYOR EVANS WAS DEFEATED Fielder Elected "v ivory 1.308 volt's uasi in ilnyir Kvans proved his jni|m- !<i ui tiis vlcctinn nnii 17 litritv in Westiiold by luimiup •IN liii' noxt. Governor ul" New di'i-scy. 1 rejected. There were 'J2S iiliciid of l'.'.s uriiiTSl opjuMi- voters in Wcsl- cnt but imt'oHuiiiiU'ly went down Kledcd becmise of failhfu! and cfllcionl Rcrvice it tiiis t lection which prows with liis tiok«t fur tin1 Di'inncrntic in tile past. i did not avail Uiomselvcs AsKi'inlily in llio county won out right or sufTrap-d.
    [Show full text]
  • A Study on Process Description Method for DFM Using Ontology
    Invited Paper A Study on Process Description Method for DFM Using Ontology K. Hiekata1 and H. Yamato2 1Department of Systems Innovation, Graduate School of Engineering, The University of Tokyo, 5-1-5, Kashiwanoha, Kashiwa-city, Chiba 277-8563, Japan 2Department of Human and Engineered Environmental Studies, Graduate School of Frontier Sciences, The University of Tokyo, 5-1-5, Kashiwanoha, Kashiwa-city, Chiba 277-8563, Japan [email protected], [email protected] Abstract A method to describe process and knowledge based on RDF which is an ontology description language and IDEF0 which is a formal process description format is proposed. Once knowledge of experienced engineers is embedded into the system the knowledge will be lost in the future. A production process is described in a proposed format similar to BOM and the process can be retrieved as a flow diagram to make the engineers to understand the product and process. Proposed method is applied to a simple production process of common sub-assembly of ships for evaluation. Keywords: Production process, DFM, Ontology, Computer system 1 INTRODUCTION (Unified Resource Identifier) is assigned to all the objects, There are many research and computer program for and metadata is defined for all objects using the URI. supporting optimization of production process in Metadata is defined as a statement with subject, shipyards. And knowledge of experienced engineers is predicate and object. The statement is called triple in embedded into the system. Once the knowledge is RDF. Two kinds of elements, Literal or Resource, can be embedded into computer system, the knowledge is not a component of a statement.
    [Show full text]
  • Value Mapping – Critical Business Architecture Viewpoint
    Download this and other resources @ http://www.aprocessgroup.com/myapg Value Mapping – Critical Business Architecture Viewpoint AEA Webinar Series “Enterprise Business Intelligence” Armstrong Process Group, Inc. www.aprocessgroup.com Copyright © 1998-2017, Armstrong Process Group, Inc., All rights reserved 2 About APG APG’s mission is to “Align information technology and systems engineering capabilities with business strategy using proven, practical processes delivering world-class results.” Industry thought leader in enterprise architecture, business modeling, process improvement, systems and software engineering, requirements management, and agile methods Member and contributor to UML ®, SysML ®, SPEM, UPDM ™ at the Object Management Group ® (OMG ®) TOGAF ®, ArchiMate ®, and IT4IT ™ at The Open Group BIZBOK ® Guide and UML Profile at the Business Architecture Guild Business partners with Sparx, HPE, and IBM Guild Accredited Training Partner ™ (GATP ™) and IIBA ® Endorsed Education Provider (EEP ™) AEA Webinar Series – “Enterprise Business Intelligence” – Value Mapping Copyright © 1998-2017, Armstrong Process Group, Inc., All rights reserved 3 Business Architecture Framework Business Architecture Knowledgebase Blueprints provide views into knowledgebase, based on stakeholder concerns Scenarios contextualize expected outcomes of business architecture work Also inform initial selections of key stakeholders and likely concerns AEA Webinar Series – “Enterprise Business Intelligence” – Value Mapping BIZBOK Guide Copyright © 1998-2017,
    [Show full text]
  • Using Telelogic DOORS and Microsoft Visio to Model and Visualize
    Using DOORS & Visio to Model and Visualize Complex Business Processes Bob Sherman - [email protected] [email protected] Using Telelogic DOORS and Microsoft Visio to Model and Visualize Complex Business Processes - v1.0 © 2005 Galactic Solutions Group LLC – Authors: Bob Sherman ([email protected]), [email protected] 1 © Telelogic AB Agenda • The Unmet Need • The Solution – Strategy: Business Driven Application Lifecycle – Tactics: Business Modeling via DOORS & VISIO – Tactics: DOORS/VISIO Integration • Case Study Results Using Telelogic DOORS and Microsoft Visio to Model and Visualize Complex Business Processes - v1.0 © 2005 Galactic Solutions Group LLC – Authors: Bob Sherman ([email protected]), [email protected] 2 © Telelogic AB Chronic IT Project Problems Top IT Project Problems • User/Stakeholder Engagement Outages • Unclear Objectives • Incomplete or Changing Requirements *Standish Group Chaos Studies Using Telelogic DOORS and Microsoft Visio to Model and Visualize Complex Business Processes - v1.0 © 2005 Galactic Solutions Group LLC – Authors: Bob Sherman ([email protected]), [email protected] 3 © Telelogic AB Chronic IT Project Problems Rework • 35-65% of project budget *Standish Group spent on rework. • ~50% of rework is due to requirements errors * IEEE & University of Southern California Using Telelogic DOORS and Microsoft Visio to Model and Visualize Complex Business Processes - v1.0 © 2005 Galactic Solutions Group LLC – Authors:
    [Show full text]
  • Modelling, Analysis and Design of Computer Integrated Manueactur1ng Systems
    MODELLING, ANALYSIS AND DESIGN OF COMPUTER INTEGRATED MANUEACTUR1NG SYSTEMS Volume I of II ABDULRAHMAN MUSLLABAB ABDULLAH AL-AILMARJ October-1998 A thesis submitted for the DEGREE OP DOCTOR OF.PHILOSOPHY MECHANICAL ENGINEERING DEPARTMENT, THE UNIVERSITY OF SHEFFIELD 3n ti]S 5íamc of Allai]. ¿Hoot (gractouo. iHHoßt ¿Merciful. ACKNOWLEDGEMENTS I would like to express my appreciation and thanks to my supervisor Professor Keith Ridgway for devoting freely of his time to read, discuss, and guide this research, and for his assistance in selecting the research topic, obtaining special reference materials, and contacting industrial collaborations. His advice has been much appreciated and I am very grateful. I would like to thank Mr Bruce Lake at Brook Hansen Motors who has patiently answered my questions during the case study. Finally, I would like to thank my family for their constant understanding, support and patience. l To my parents, my wife and my son. ABSTRACT In the present climate of global competition, manufacturing organisations consider and seek strategies, means and tools to assist them to stay competitive. Computer Integrated Manufacturing (CIM) offers a number of potential opportunities for improving manufacturing systems. However, a number of researchers have reported the difficulties which arise during the analysis, design and implementation of CIM due to a lack of effective modelling methodologies and techniques and the complexity of the systems. The work reported in this thesis is related to the development of an integrated modelling method to support the analysis and design of advanced manufacturing systems. A survey of various modelling methods and techniques is carried out. The methods SSADM, IDEFO, IDEF1X, IDEF3, IDEF4, OOM, SADT, GRAI, PN, 10A MERISE, GIM and SIMULATION are reviewed.
    [Show full text]
  • Using IDEF and QFD to Develop an Organizational Decision Support Methodology for the Strategic Justification of Computer-Integrated Technologies
    UTTERWORTH lnternational JournalofProjectManagement Vol. 13, No. 3, pp. 177-185, 1995 E I N E M A N N Elsevier Science Ltd S Printed in Great Britain 0263-7863/95 210.00+ 0.00 0263-7863 (94) 00008-5 Using IDEF and QFD to develop an organizational decision support methodology for the strategic justification of computer-integrated technologies Joseph Sarkis Department of Information Systems and Management Sciences, Box 19437, University of Texas at Arlington, Arlington, TX 76019, USA Donald H Liles Automation and Robotics Research Institute, 7300 Jack Newell Boulevard, Fort Worth, TX 76118, USA The paper presents some issues relevant to the strategic justification of computer-integrated enterprise technologies for small and medium-sized manufacturing enterprises. To address the issue of making a strategic justification or 'business case' for these technologies, an organizational decision-making methodology that incorporates the strategies of the firm is needed, among other requirements. A research and development approach that integrates Quality Function Deployment and IDEF0 functional modeling to determine the requirements and processes for the justification methodology is presented. This approach has implications for future research and development for similar organizational decision-support processes and business-process reengineering. Keywords: quality-function deployment, IDEFO, strategic justification Current and future directions in the US domestic industrial CIE technologies are necessary to help enterprises become economy point to further global competitive pressures on agile enough to form interorganizational ad hoc partner- manufacturing enterprises of all sizes. For organizations to ships that emphasize each enterprise's core competencies ~. be able to compete on this global level, there need to be Examples of some of these technologies are computer- national and industrial visions, as well as enterprise-level integrated manufacturing systems, flexible manufacturing visions.
    [Show full text]
  • CROSS SECTIONAL STUDY of AGILE SOFTWARE DEVELOPMENT METHODS and PROJECT PERFORMANCE Tracy Lambert Nova Southeastern University, [email protected]
    Nova Southeastern University NSUWorks H. Wayne Huizenga College of Business and HCBE Theses and Dissertations Entrepreneurship 2011 CROSS SECTIONAL STUDY OF AGILE SOFTWARE DEVELOPMENT METHODS AND PROJECT PERFORMANCE Tracy Lambert Nova Southeastern University, [email protected] This document is a product of extensive research conducted at the Nova Southeastern University H. Wayne Huizenga College of Business and Entrepreneurship. For more information on research and degree programs at the NSU H. Wayne Huizenga College of Business and Entrepreneurship, please click here. Follow this and additional works at: https://nsuworks.nova.edu/hsbe_etd Part of the Business Commons Share Feedback About This Item NSUWorks Citation Tracy Lambert. 2011. CROSS SECTIONAL STUDY OF AGILE SOFTWARE DEVELOPMENT METHODS AND PROJECT PERFORMANCE. Doctoral dissertation. Nova Southeastern University. Retrieved from NSUWorks, H. Wayne Huizenga School of Business and Entrepreneurship. (56) https://nsuworks.nova.edu/hsbe_etd/56. This Dissertation is brought to you by the H. Wayne Huizenga College of Business and Entrepreneurship at NSUWorks. It has been accepted for inclusion in HCBE Theses and Dissertations by an authorized administrator of NSUWorks. For more information, please contact [email protected]. CROSS SECTIONAL STUDY OF AGILE SOFTWARE DEVELOPMENT METHODS AND PROJECT PERFORMANCE By Tracy Lambert A DISSERTATION Submitted to H. Wayne Huizenga School of Business and Entrepreneurship Nova Southeastern University in partial fulfillment of the requirements For the degree of DOCTOR OF BUSINESS ADMINISTRATION 2011 ABSTRACT CROSS SECTIONAL STUDY OF AGILE SOFTWARE DEVELOPMENT METHODS AND PROJECT PERFORMANCE by Tracy Lambert Agile software development methods, characterized by delivering customer value via incremental and iterative time-boxed development processes, have moved into the mainstream of the Information Technology (IT) industry.
    [Show full text]
  • Case No COMP/M.4747 Œ IBM / TELELOGIC REGULATION (EC)
    EN This text is made available for information purposes only. A summary of this decision is published in all Community languages in the Official Journal of the European Union. Case No COMP/M.4747 – IBM / TELELOGIC Only the English text is authentic. REGULATION (EC) No 139/2004 MERGER PROCEDURE Article 8(1) Date: 05/03/2008 Brussels, 05/03/2008 C(2008) 823 final PUBLIC VERSION COMMISSION DECISION of 05/03/2008 declaring a concentration to be compatible with the common market and the EEA Agreement (Case No COMP/M.4747 - IBM/ TELELOGIC) COMMISSION DECISION of 05/03/2008 declaring a concentration to be compatible with the common market and the EEA Agreement (Case No COMP/M.4747 - IBM/ TELELOGIC) (Only the English text is authentic) (Text with EEA relevance) THE COMMISSION OF THE EUROPEAN COMMUNITIES, Having regard to the Treaty establishing the European Community, Having regard to the Agreement on the European Economic Area, and in particular Article 57 thereof, Having regard to Council Regulation (EC) No 139/2004 of 20 January 2004 on the control of concentrations between undertakings1, and in particular Article 8(1) thereof, Having regard to the Commission's decision of 3 October 2007 to initiate proceedings in this case, After consulting the Advisory Committee on Concentrations2, Having regard to the final report of the Hearing Officer in this case3, Whereas: 1 OJ L 24, 29.1.2004, p. 1 2 OJ C ...,...200. , p.... 3 OJ C ...,...200. , p.... 2 I. INTRODUCTION 1. On 29 August 2007, the Commission received a notification of a proposed concentration pursuant to Article 4 and following a referral pursuant to Article 4(5) of Council Regulation (EC) No 139/2004 ("the Merger Regulation") by which the undertaking International Business Machines Corporation ("IBM", USA) acquires within the meaning of Article 3(1)(b) of the Council Regulation control of the whole of the undertaking Telelogic AB ("Telelogic", Sweden) by way of a public bid which was announced on 11 June 2007.
    [Show full text]