Towards automating the security compliance value chain.

In this paper, we present a generic approach towards automating different activities of the Security Compliance Value Chain (SCVC) in organizations. ... of appropriate security controls, and finally, (4) verification and reporting of compliance. ... We derive a Security Compliance Value Chain (SCVC) from the activities in regulatory compliance lifecycle. ...

doi:10.1145/2786805.2804435 dblp:conf/sigsoft/GhaisasMBGKV15 fatcat:bdzztytyhvdd3au5vrmobi2yaq

The review of literature shows that RA approaches leveraging CSA (Cloud Security Alliance) STAR Registry that have into account organizations security requirements present higher degree of compliance, ... This work shows a ranking of Cloud RA models and their degree of compliance with the theoretical reference Cloud Risk Assessment model. ... Cloud Cyber Security Risk Assessment Model (ACCSRAM). ...

arXiv:2107.01007v1 fatcat:fvib6ovbkrbklmp3qhtohgsh5q

This new level of maturity leverages distributed blockchain networks to enhance collaboration, processes automation with smart contracts, and data sharing within a decentralized data value chain. ... Blockchain can improve data integrity and enhance trust in the data value chain throughout the entire lifecycle of projects. ... Digital twin Q24 automation Decentralized data value chain Table 8 8 Security Security Table 8 Refer to interview, Privacy Infrastructure Data value resilience chain BMS Table 8 Table 14 . 814 Cont ...

doi:10.3390/buildings11120626 fatcat:7ozrgh5xyvcdfcoqpz3o3ng25e

DOAJ Szczepanski

Nevertheless, the collection at all participating providers is required to assess policy compliance in the whole chain. ... Cloud auditing becomes increasingly challenging for the auditor the more complex the cloud service provision chain becomes. ... ACKNOWLEDGEMENTS This work has been partly funded from the European Commission's Seventh Framework Programme (FP7/2007(FP7/ -2013, grant agreement 317550, Cloud Accountability Project -http://www.a4cloud.eu ...

doi:10.5220/0005788700590070 dblp:conf/closer/RubsamenRCK16 fatcat:vbuomutygrhrxdrovomzuccola

value chain. ... It is a pre-requisite to identify the core elements of the value chain that are essential for the individual companys business and the root cause for any company success. ... The additional step towards the building of a value chain that goes beyond the classical concept of Porter is to segment the value chain in regards to a value-based value chain driven by process value ...

arXiv:1310.2832v1 fatcat:spcseoestbcvhf24gmz3sixwhu

The truth is, that neither all processes have the same usability for cloud services not do they have the same importance for a specific company. ... The need for process improvement is an important target that does affect as well the government processes. ... The additional step towards the building of a value chain that goes beyond the classical concept of Porter is to segment the value chain in regards to a value-based value chain driven by process value ...

doi:10.5281/zenodo.3246234 fatcat:2kqzfgfvdrh4hjymfbqs6nyjxy

Open Access

The degree of information security threats evolving on a daily basis has increasingly raised concerns for enterprise organizations. ... Today, the ability to investigate internal matters such as policy violations, regulatory compliance, and employee separation has become important in order for corporations to manage risk. ... ACKNOWLEDGEMENT The authors are thankful to the Faculty of Graduate Studies at Concordia University College of Alberta for providing resources used in the accomplishment of this research. ...

doi:10.1109/socialcom-passat.2012.109 dblp:conf/socialcom/NnoliLZAR12 fatcat:2iwi2svjvve3jfjelphthxitoi

One important use case for DLT, however, is that the front-, middle-and back-office processes and the entire intra-and interfirm value chain can be automated using AI and data provenance guaranteed using ... Here, data created in each step in the financial value chain can be captured on the DLT in a trustworthy and transparent manner. ...

doi:10.1109/mitp.2019.2963490 fatcat:ahoiaainezalhafskknkk565ve

Therefore, the proposed system introduces an analytical model where predictive optimization is carried out towards bridging the gap between supply and demands in supply chain 4.0. ... meet the standard demands of supply chain planning. ... BIOGRAPHIES OF AUTHORS His research interests are in the field of manufacturing engineering, automation and technology management. ...

doi:10.11591/ijece.v10i2.pp1533-1543 fatcat:4ulwcuvsuvhapi4bljy6xelzwq

Open Access

It increases compliances as it follows the rules and keeps audit trails. ... Robotic Process Automation (RPA) is an emerging technology widely used across multiple sectors such as human resources, healthcare, finance, accounting, manufacturing, higher education and supply chain ... It increases compliances as it follows the rules and keeps audit trails. ...

doi:10.31705/bprm.2021.2 fatcat:q7qulaqhszfixcjyzkhdsly2pi

Participants concluded that the approach is technically feasible but requires a different mindset towards regulation, and a clear business case. ... The regulator gets access to a validated copy of key data elements from the company"s internal information systems, which serve as indicator of compliance to specific control objectives. ... We would like to thank the Food and Consumer Product Safety Authority (VWA) for their cooperation in this project. ...

doi:10.1007/978-3-642-22056-2_26 fatcat:7l5agrent5hpfilucvlkws6z7a

subjective and objective compliance with the system, as well as trust in the system. ... The article concludes with open research questions regarding trust and compliance in Decision Support Systems as well as actionable knowledge on how Decision Support Systems can mitigate supply chain disruptions ... The German Research Foundation (DFG) founded this project within the Cluster of Excellence "Integrative Production Technology for High-Wage Countries" (EXC 128) and the integrated cluster domain ICD-D1 ...

doi:10.1007/978-3-319-58484-3_26 fatcat:csysid5wv5ht7oa7nhi4hv7fgm

Today, it is a challenging task to keep a service application running over the internet safe and secure. ... As such, such an event log can be regarded as the ground truth for the entire application: A security requirement is violated if and only if it shows in the event log. ... In this way, ProMSecCo allows to automate the compliance checking process, which is an essential next step towards continuous auditing. ...

doi:10.1007/978-3-319-15895-2_8 fatcat:cju26jzzsvesdh622exfuzperm

This heterogeneous ecosystem leads to challenges in systems scalability, interoperability, information security, and data quality domains. ... Therefore, the manufacturing industry is currently in a situation that the legacy and modern manufacturing systems share the same factory environment. ... Conflicts of Interest: The authors declare no conflict of interest. Sensors 2020, 20, 6456 ...

doi:10.3390/s20226456 pmid:33198154 pmcid:PMC7696017 fatcat:ez2f5ldkcre6xjp2lr2q6tgo3m

DOAJ

Also, the launch order of elements in the chain may vary, leading to different measurement values in PCRs. Keeping track of the expected values for integrity measurements becomes a nettlesome task. ... If this measurement chain continues through the entire boot sequence, the resultant PCR values will reflect the measurement of all files used. ...

doi:10.1007/978-1-4302-6146-9_3 fatcat:z5lukpm6szf23jlnujjnmqhv4i

Towards automating the security compliance value chain

Preserved Fulltext

Cyber Security in Cloud: Risk Assessment Models [article]

Preserved Fulltext

Project Data Categorization, Adoption Factors, and Non-Functional Requirements for Blockchain Based Digital Twins in the Construction Industry 4.0

Preserved Fulltext

Evidence Collection in Cloud Provider Chains

Preserved Fulltext

An approach for a business-driven cloudcompliance analysis covering public sector process improvement requirements [article]

Preserved Fulltext

AN APPROACH FOR A BUSINESS-DRIVEN CLOUDCOMPLIANCE ANALYSIS COVERING PUBLIC SECTOR PROCESS IMPROVEMENT REQUIREMENTS

Preserved Fulltext

The Governance of Corporate Forensics Using COBIT, NIST and Increased Automated Forensic Approaches

Preserved Fulltext

What's Next in the Digital Transformation of Financial Industry?

Preserved Fulltext

Multi-objective optimization for preemptive & predictive supply chain operation

Preserved Fulltext

Enterprise Robotic Process Automation

Preserved Fulltext

Continuous Control Monitoring-Based Regulation: A Case in the Meat Processing Industry [chapter]

Preserved Fulltext

How Correct and Defect Decision Support Systems Influence Trust, Compliance, and Performance in Supply Chain and Quality Management [chapter]

Preserved Fulltext

Online Compliance Monitoring of Service Landscapes [chapter]

Preserved Fulltext

Blockchain Reference System Architecture Description for the ISA95 Compliant Traditional and Smart Manufacturing Systems

Preserved Fulltext

Platform Boot Integrity: Foundation for Trusted Compute Pools [chapter]

Preserved Fulltext