IDEAS home Printed from https://ideas.repec.org/a/spr/binfse/v3y2011i3p145-154.html
   My bibliography  Save this article

Automated Certification for Compliant Cloud-based Business Processes

Author

Listed:
  • Rafael Accorsi
  • Lutz Lowis
  • Yoshinori Sato

Abstract

A key problem in the deployment of large-scale, reliable cloud computing concerns the difficulty to certify the compliance of business processes operating in the cloud. Standard audit procedures such as SAS-70 and SAS-117 are hard to conduct for cloud-based processes. The paper proposes a novel approach to certify the compliance of business processes with regulatory requirements. The approach translates process models into their corresponding Petri net representations and checks them against requirements also expressed in this formalism. Being based on Petri nets, the approach provides well-founded evidence on adherence and, in case of noncompliance, indicates the possible vulnerabilities. Copyright Gabler Verlag 2011

Suggested Citation

  • Rafael Accorsi & Lutz Lowis & Yoshinori Sato, 2011. "Automated Certification for Compliant Cloud-based Business Processes," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 3(3), pages 145-154, June.
    • Handle: RePEc:spr:binfse:v:3:y:2011:i:3:p:145-154
    DOI: 10.1007/s12599-011-0155-7
    as

    Download full text from publisher

    File URL: http://hdl.handle.net/10.1007/s12599-011-0155-7
    Download Restriction: Access to full text is restricted to subscribers.
    File URL: https://libkey.io/10.1007/s12599-011-0155-7?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Isabelle Huault & V. Perret & S. Charreire-Petit, 2007. "Management," Post-Print halshs-00337676, HAL.
    2. Federico Etro, 2011. "The Economics of Cloud Computing," The IUP Journal of Managerial Economics, IUP Publications, vol. 0(2), pages 7-22, May.
    3. Edward A. Stohr & J. Leon Zhao, 2001. "Workflow Automation: Overview and Research Issues," Information Systems Frontiers, Springer, vol. 3(3), pages 281-296, September.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Severin Oesterle & Jan Jöhnk & Robert Keller & Nils Urbach & Xin Yu, 2020. "A contingency lens on cloud provider management processes," Business Research, Springer;German Academic Association for Business Research, vol. 13(3), pages 1451-1489, November.
    2. Jörg Becker & Patrick Delfmann & Hanns-Alexander Dietrich & Matthias Steinhorst & Mathias Eggert, 2016. "Business process compliance checking – applying and evaluating a generic pattern matching approach for conceptual models in the financial sector," Information Systems Frontiers, Springer, vol. 18(2), pages 359-405, April.
    3. Mustafa Hashmi & Guido Governatori & Moe Thandar Wynn, 2016. "Normative requirements for regulatory compliance: An abstract formal framework," Information Systems Frontiers, Springer, vol. 18(3), pages 429-455, June.
    4. A. M. Mustapha & O. T. Arogundade & Sanjay Misra & Robertas Damasevicius & Rytis Maskeliunas, 2020. "A systematic literature review on compliance requirements management of business processes," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 11(3), pages 561-576, June.
    5. A. M. Mustapha & O. T. Arogundade & Sanjay Misra & Robertas Damasevicius & Rytis Maskeliunas, 0. "A systematic literature review on compliance requirements management of business processes," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 0, pages 1-16.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. repec:fip:fedhep:y:2013:i:qii:p:30-46:n:vol.37no.2 is not listed on IDEAS
    2. Gedikoglu, Haluk & McCann, Laura M.J. & Artz, Georgeanne M., 2011. "Off-Farm Employment Effects on Adoption of Nutrient Management Practices," Agricultural and Resource Economics Review, Northeastern Agricultural and Resource Economics Association, vol. 40(2), pages 1-14, August.
    3. Scherrer-Rathje, Maike & Boyle, Todd A. & Deflorin, Patricia, 2009. "Lean, take two! Reflections from the second attempt at lean implementation," Business Horizons, Elsevier, vol. 52(1), pages 79-88.
    4. Farrell, Terence C., 2008. "An Economic Evaluation of Conservation Farming Practices for the Central West of NSW," 2008 Conference (52nd), February 5-8, 2008, Canberra, Australia 6177, Australian Agricultural and Resource Economics Society.
    5. Felipe Jiménez & Wilmar Cabrera-Montiel, 2014. "System for Road Vehicle Energy Optimization Using Real Time Road and Traffic Information," Energies, MDPI, vol. 7(6), pages 1-23, June.
    6. J�r�me Massiani, Giovanni Santoro, 2012. "The relevance of the concept of capacity for the management of a tourist destination: theory and application to tourism management in Venice," RIEDS - Rivista Italiana di Economia, Demografia e Statistica - The Italian Journal of Economic, Demographic and Statistical Studies, SIEDS Societa' Italiana di Economia Demografia e Statistica, vol. 66(2), pages 141-156.
    7. Vassili Joannides & N. Berland, 2008. "Grounded theory: quels usages dans les recherches en contrôle de gestion?," Grenoble Ecole de Management (Post-Print) hal-00676580, HAL.
    8. Gupta, Prashant & Seetharaman, A. & Raj, John Rudolph, 2013. "The usage and adoption of cloud computing by small and medium businesses," International Journal of Information Management, Elsevier, vol. 33(5), pages 861-874.
    9. Gauguier, Jean-Jacques, 2009. "L’industrialisation de l’Open Source," Economics Thesis from University Paris Dauphine, Paris Dauphine University, number 123456789/4388 edited by Toledano, Joëlle.
    10. Adrian K. James & Ronald W. Thring & Steve Helle & Harpuneet S. Ghuman, 2012. "Ash Management Review—Applications of Biomass Bottom Ash," Energies, MDPI, vol. 5(10), pages 1-18, October.
    11. Hoen, K.M.R. & Güllü, R. & van Houtum, G.J. & Vliegen, I.M.H., 2011. "A simple and accurate approximation for the order fill rates in lost-sales Assemble-to-Order systems," International Journal of Production Economics, Elsevier, vol. 133(1), pages 95-104, September.
    12. Porro, Roberto & Lopez-Feldman, Alejandro & Vela-Alvarado, Jorge W., 2015. "Forest use and agriculture in Ucayali, Peru: Livelihood strategies, poverty and wealth in an Amazon frontier," Forest Policy and Economics, Elsevier, vol. 51(C), pages 47-56.
    13. Thierry Burger-Helmchen & Patrick Llerena, 2008. "A case study of a creative start-up: governance, communities and knowledge management," Journal of Innovation Economics, De Boeck Université, vol. 0(2), pages 125-146.
    14. TANASE, George Cosmin, 2011. "The Retail Growth Strategies on the International Market and the Global Development Opportunities for Retailers," Romanian Distribution Committee Magazine, Romanian Distribution Committee, vol. 2(4), pages 28-33, December.
    15. Burns, Christopher, 2014. "Measurement Error in the Schaefer Production Model," 2014 Annual Meeting, July 27-29, 2014, Minneapolis, Minnesota 170569, Agricultural and Applied Economics Association.
    16. Hutchinson, Michael & Bennett, Gregg, 2012. "Core values brand building in sport: Stakeholder attitudes towards intercollegiate athletics and university brand congruency," Sport Management Review, Elsevier, vol. 15(4), pages 434-447.
    17. Du, Ding & Huang, Zhaodan & Blanchfield, Peter J., 2009. "Do fixed income mutual fund managers have managerial skills?," The Quarterly Review of Economics and Finance, Elsevier, vol. 49(2), pages 378-397, May.
    18. Peter Madsen, 2009. "Dynamic Transparency, Prudential Justice, and Corporate Transformation: Becoming Socially Responsible in the Internet Age," Journal of Business Ethics, Springer, vol. 90(4), pages 639-648, December.
    19. Alexander, Carol & Sheedy, Elizabeth, 2008. "Developing a stress testing framework based on market risk models," Journal of Banking & Finance, Elsevier, vol. 32(10), pages 2220-2236, October.
    20. Alan White & Howard Birnbaum & Dov Rothman & Nathaniel Katz, 2009. "Development of a budget-impact model to quantify potential cost savings from prescription opioids designed to deter abuse or ease of extraction," Applied Health Economics and Health Policy, Springer, vol. 7(1), pages 61-70, March.
    21. Parcu, Pier Luigi & Silvestri, Virginia, 2013. "Electronic communications regulation in Europe: An overview of past and future problems," 24th European Regional ITS Conference, Florence 2013 88509, International Telecommunications Society (ITS).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:binfse:v:3:y:2011:i:3:p:145-154. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.