IDEAS home Printed from https://ideas.repec.org/a/spr/binfse/v3y2011i3p145-154.html
   My bibliography  Save this article

Automated Certification for Compliant Cloud-based Business Processes

Author

Listed:
  • Rafael Accorsi
  • Lutz Lowis
  • Yoshinori Sato

Abstract

A key problem in the deployment of large-scale, reliable cloud computing concerns the difficulty to certify the compliance of business processes operating in the cloud. Standard audit procedures such as SAS-70 and SAS-117 are hard to conduct for cloud-based processes. The paper proposes a novel approach to certify the compliance of business processes with regulatory requirements. The approach translates process models into their corresponding Petri net representations and checks them against requirements also expressed in this formalism. Being based on Petri nets, the approach provides well-founded evidence on adherence and, in case of noncompliance, indicates the possible vulnerabilities. Copyright Gabler Verlag 2011

Suggested Citation

  • Rafael Accorsi & Lutz Lowis & Yoshinori Sato, 2011. "Automated Certification for Compliant Cloud-based Business Processes," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 3(3), pages 145-154, June.
    • Handle: RePEc:spr:binfse:v:3:y:2011:i:3:p:145-154
    DOI: 10.1007/s12599-011-0155-7
    as

    Download full text from publisher

    File URL: http://hdl.handle.net/10.1007/s12599-011-0155-7
    Download Restriction: Access to full text is restricted to subscribers.
    File URL: https://libkey.io/10.1007/s12599-011-0155-7?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Isabelle Huault & V. Perret & S. Charreire-Petit, 2007. "Management," Post-Print halshs-00337676, HAL.
    2. Federico Etro, 2011. "The Economics of Cloud Computing," The IUP Journal of Managerial Economics, IUP Publications, vol. 0(2), pages 7-22, May.
    3. Edward A. Stohr & J. Leon Zhao, 2001. "Workflow Automation: Overview and Research Issues," Information Systems Frontiers, Springer, vol. 3(3), pages 281-296, September.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Mustafa Hashmi & Guido Governatori & Moe Thandar Wynn, 2016. "Normative requirements for regulatory compliance: An abstract formal framework," Information Systems Frontiers, Springer, vol. 18(3), pages 429-455, June.
    2. A. M. Mustapha & O. T. Arogundade & Sanjay Misra & Robertas Damasevicius & Rytis Maskeliunas, 2020. "A systematic literature review on compliance requirements management of business processes," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 11(3), pages 561-576, June.
    3. Severin Oesterle & Jan Jöhnk & Robert Keller & Nils Urbach & Xin Yu, 2020. "A contingency lens on cloud provider management processes," Business Research, Springer;German Academic Association for Business Research, vol. 13(3), pages 1451-1489, November.
    4. A. M. Mustapha & O. T. Arogundade & Sanjay Misra & Robertas Damasevicius & Rytis Maskeliunas, 0. "A systematic literature review on compliance requirements management of business processes," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 0, pages 1-16.
    5. Jörg Becker & Patrick Delfmann & Hanns-Alexander Dietrich & Matthias Steinhorst & Mathias Eggert, 2016. "Business process compliance checking – applying and evaluating a generic pattern matching approach for conceptual models in the financial sector," Information Systems Frontiers, Springer, vol. 18(2), pages 359-405, April.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. James Breen & Darragh Clancy & Mary Ryan & M. Wallace, 2010. "Can’t See the Wood for the Trees: The Returns to Farm Forestry in Ireland," Working Papers 1003, Rural Economy and Development Programme,Teagasc.
    2. Alan Gregory, 2011. "The Expected Cost of Equity and the Expected Risk Premium in the UK," Review of Behavioral Finance, Emerald Group Publishing Limited, vol. 3(1), pages 1-26, April.
    3. Ana-Maria BERCU, 2014. "Performance Appraisal Of Civil Servants. Sustainability And Development," Proceedings of Administration and Public Management International Conference, Research Centre in Public Administration and Public Services, Bucharest, Romania, vol. 10(1), pages 35-43, June.
    4. repec:fip:fedhep:y:2013:i:qii:p:30-46:n:vol.37no.2 is not listed on IDEAS
    5. Gedikoglu, Haluk & McCann, Laura M.J. & Artz, Georgeanne M., 2011. "Off-Farm Employment Effects on Adoption of Nutrient Management Practices," Agricultural and Resource Economics Review, Northeastern Agricultural and Resource Economics Association, vol. 40(2), pages 1-14, August.
    6. Scherrer-Rathje, Maike & Boyle, Todd A. & Deflorin, Patricia, 2009. "Lean, take two! Reflections from the second attempt at lean implementation," Business Horizons, Elsevier, vol. 52(1), pages 79-88.
    7. Shachmurove, Yochanan & Vulanovic, Milos, 2013. "SPACs in Shipping," EconStor Preprints 88633, ZBW - Leibniz Information Centre for Economics.
    8. Benmelech, Efraim & Dlugosz, Jennifer, 2009. "The alchemy of CDO credit ratings," Journal of Monetary Economics, Elsevier, vol. 56(5), pages 617-634, July.
    9. Farrell, Terence C., 2008. "An Economic Evaluation of Conservation Farming Practices for the Central West of NSW," 2008 Conference (52nd), February 5-8, 2008, Canberra, Australia 6177, Australian Agricultural and Resource Economics Society.
    10. Maja Ilic, 2010. "Economic Value Added As A Modern Performance Indicator," Perspectives of Innovation in Economics and Business (PIEB), Prague Development Center, vol. 6(3), pages 94-97, October.
    11. Ergin Bayrak & John P. Conley & Simon Wilkie, 2011. "The Economics of Cloud Computing," Korean Economic Review, Korean Economic Association, vol. 27, pages 203-230.
    12. Carrington, Michal J. & Neville, Benjamin A. & Whitwell, Gregory J., 2014. "Lost in translation: Exploring the ethical consumer intention–behavior gap," Journal of Business Research, Elsevier, vol. 67(1), pages 2759-2767.
    13. Chun-Pin Hsu & Chin-Wen Huang & Wan-Jiun Chiou, 2012. "Effectiveness of copula-extreme value theory in estimating value-at-risk: empirical evidence from Asian emerging markets," Review of Quantitative Finance and Accounting, Springer, vol. 39(4), pages 447-468, November.
    14. Chaim FERSHTMAN & Neil GANDAL, 2012. "Migration to the Cloud Ecosystem: Ushering in a New Generation of Platform Competition," Communications & Strategies, IDATE, Com&Strat dept., vol. 1(85), pages 109-123, 1st quart.
    15. Kouroche Vafaï, 2012. "Information in Hierarchies," Université Paris1 Panthéon-Sorbonne (Post-Print and Working Papers) halshs-00768904, HAL.
    16. Felipe Jiménez & Wilmar Cabrera-Montiel, 2014. "System for Road Vehicle Energy Optimization Using Real Time Road and Traffic Information," Energies, MDPI, vol. 7(6), pages 1-23, June.
    17. Agata Mesjasz-Lech, 2009. "Selected Problems Of Reverse Logistics In Poland," Advanced Logistic systems, University of Miskolc, Department of Material Handling and Logistics, vol. 3(1), pages 181-190, December.
    18. J�r�me Massiani, Giovanni Santoro, 2012. "The relevance of the concept of capacity for the management of a tourist destination: theory and application to tourism management in Venice," RIEDS - Rivista Italiana di Economia, Demografia e Statistica - The Italian Journal of Economic, Demographic and Statistical Studies, SIEDS Societa' Italiana di Economia Demografia e Statistica, vol. 66(2), pages 141-156.
    19. Anuta Porutiu, 2010. "Decision and decision makers," Studies and Scientific Researches. Economics Edition, "Vasile Alecsandri" University of Bacau, Faculty of Economic Sciences, issue 15.
    20. Zablocka, Adrianna, 2008. "Antitrust and Copyright Collectives – an Economic Analysis," MPRA Paper 23987, University Library of Munich, Germany.
    21. Vassili Joannides & N. Berland, 2008. "Grounded theory: quels usages dans les recherches en contrôle de gestion?," Grenoble Ecole de Management (Post-Print) hal-00676580, HAL.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:binfse:v:3:y:2011:i:3:p:145-154. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.