An Integrated Solution for Runtime Compliance Governance in SOA

A
Aliaksandr BirukouVice President em Springer Nature
An Integrated Solution for Runtime Compliance Governance in SOA Aliaksandr Birukou , Vincenzo D’Andrea,  Frank Leymann, Ja- cek Serafinski, Patricia Silveira, Steve Strauch, Marek Tluczek COMPAS Compliance-driven Models, Languages, and Architectures for Services "The COMPAS project will design and implement novel models, languages, and an architectural framework to ensure dynamic and on-going compliance of software services to business regulations and stated user service-requirements. COMPAS will use model-driven techniques, domain-specific languages, and service-oriented infrastructure software to enable organizations developing business compliance solutions easier and faster“ http://www.compas-ict.eu
Compliance ,[object Object],Compliant ? Sarbanes-Oxley Act Basel III Security policy
Do I care about compliance ? Image from http://www.blogfinanza.com/wp-content/uploads/2010/09/banca1.jpg ECB Image from  http://www.exponent.com/Nuclear-Plant-Services-Capabilities/ AEG GSE http://altocasertano.files.wordpress.com/2007/12/rifiuti1.jpg Ministry of Natural Resources http://www.seebiz.eu/hr/tvrtke/transport/pevec-transporti-u-stecaju,65063.html Ministry of transportation Legge n.6 06/02/2009 Legge n. 152 13/08/2010 Sarbanes-Oxley Act Basel III Direttiva 2010/40/UE Direttiva 2009/548/CE Decreto 10/09/2010 Direttiva 2008/763/CE
Not yet convinced?
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],GRC Spending forecast Source: AMR Research, 2009 Compliance market
2010 GRC software investments priorities Source: AMR Research, 2009 18% Compliance management 17% 16% Business process management 15% Continuous control monitoring Security (internal/external) Risk management Sustainability software Documents/record management Reporting 14% 12% 11% 10% Investments priorities
About COMPAS ,[object Object],[object Object],[object Object],[object Object],[object Object]
Case study: Advanced Telecom Services Internet Internet ... Audio providers Video providers MVNO company AudioSport License FootballGames License EU MVNO directives Austria Telecommunication Act 2003 Bob Alice Carol Customer contracts
Problem ,[object Object],[object Object],[object Object],AudioSport License FootballGames License EU MVNO directives Austria Telecommunication Act 2003 Customer contracts
Compliance governance in COMPAS Internalization Design Regulations, business contracts, standards Internal  policies Business  processes Events Execution  data Internal evaluation Business  execution Auditor Runtime compliance governance
Compliance Domains in COMPAS Regulations Licenses QoS
1. Selecting compliance sources and requirements Pay-per-view plan When  MVNO  company subscribes for the Pay-per-view plan it has to pay  29.90 euro first  and  then receive 300   streams from the media supplier Composition permission VideoSport  can only have audio streams from  AudioSport Availability The WatchMe service must deliver a valid URL at least in 90% of requests per customer subscription.  VideoSport License FootballGames License EU MVNO directives Austria Telecommunication Act 2003 Customer contracts
1. From high-level DSLs to code Code generation
2. Process (re-)design ,[object Object],[object Object],Apache ODE Process Deployed Event BPEL file XPath Trace Trace BPEL file Traceability
3. Monitoring. Complex Event Processing
3. Monitoring -  ETL and Data Warehouse
4.Informing on the current state of compliance Compliance indicators Different types of compliance Details on compliance
4.Informing on the current state of compliance
Current Practice vs. COMPAS Approach ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Pros ,[object Object],[object Object],[object Object],Cons ,[object Object],[object Object]
Future work ,[object Object],[object Object],[object Object],[object Object],[object Object],Learn more about our approach
More about COMPAS at ICSOC’2010 ,[object Object],[object Object],[object Object],[object Object],[object Object],Tomorrow
COMPAS Dissemination Workshop ,[object Object],[object Object]
Questions? Thanks for your attention! Contacts ,[object Object],[object Object],[object Object],[object Object]
1 de 24

Recomendados

OSGi for In-Vehicle Systems por
OSGi for In-Vehicle Systems OSGi for In-Vehicle Systems
OSGi for In-Vehicle Systems OSGiUsers
3.5K visualizações27 slides
Connected cars - Internet of Things Mumbai (IoTMUM) por
Connected cars - Internet of Things Mumbai (IoTMUM)Connected cars - Internet of Things Mumbai (IoTMUM)
Connected cars - Internet of Things Mumbai (IoTMUM)Sachin Pukale
3K visualizações26 slides
Role of Cyber security in Automotive por
Role of Cyber security in AutomotiveRole of Cyber security in Automotive
Role of Cyber security in AutomotiveSophia Lorenn
27 visualizações1 slide
Industry's Best Automotive Cybersecurity Training Course por
Industry's Best Automotive Cybersecurity Training CourseIndustry's Best Automotive Cybersecurity Training Course
Industry's Best Automotive Cybersecurity Training CourseBryan Len
135 visualizações18 slides
Infographic: Critical communication at the crossroads por
Infographic: Critical communication at the crossroadsInfographic: Critical communication at the crossroads
Infographic: Critical communication at the crossroadsPetr Nemec
111 visualizações1 slide
CiCS March 2010 Teldev por
CiCS March 2010 TeldevCiCS March 2010 Teldev
CiCS March 2010 TeldevCSaC
195 visualizações6 slides

Mais conteúdo relacionado

Destaque

2011 Small Business Presentation for HAUL por
2011 Small Business Presentation for HAUL2011 Small Business Presentation for HAUL
2011 Small Business Presentation for HAULErin McClarty
2.8K visualizações23 slides
PCQuest CIO Tech Priorities Survey 2014 por
PCQuest CIO Tech Priorities Survey 2014PCQuest CIO Tech Priorities Survey 2014
PCQuest CIO Tech Priorities Survey 2014Anil Chopra
671 visualizações12 slides
Chapter 2 4 por
Chapter 2 4Chapter 2 4
Chapter 2 4gmaidekamido
654 visualizações97 slides
12 por
1212
12mujeebshair
541 visualizações54 slides
Escala F F por
Escala  F FEscala  F F
Escala F Falondra
286 visualizações4 slides
Measuring the potential of viral stuff por
Measuring the potential of viral stuffMeasuring the potential of viral stuff
Measuring the potential of viral stuffBruno Mendonça
420 visualizações17 slides

Destaque(20)

2011 Small Business Presentation for HAUL por Erin McClarty
2011 Small Business Presentation for HAUL2011 Small Business Presentation for HAUL
2011 Small Business Presentation for HAUL
Erin McClarty2.8K visualizações
PCQuest CIO Tech Priorities Survey 2014 por Anil Chopra
PCQuest CIO Tech Priorities Survey 2014PCQuest CIO Tech Priorities Survey 2014
PCQuest CIO Tech Priorities Survey 2014
Anil Chopra671 visualizações
Chapter 2 4 por gmaidekamido
Chapter 2 4Chapter 2 4
Chapter 2 4
gmaidekamido654 visualizações
12 por mujeebshair
1212
12
mujeebshair541 visualizações
Escala F F por alondra
Escala  F FEscala  F F
Escala F F
alondra286 visualizações
Measuring the potential of viral stuff por Bruno Mendonça
Measuring the potential of viral stuffMeasuring the potential of viral stuff
Measuring the potential of viral stuff
Bruno Mendonça420 visualizações
Choose Respect Final Assessment por guest78c6cc12
Choose Respect Final AssessmentChoose Respect Final Assessment
Choose Respect Final Assessment
guest78c6cc12201 visualizações
Tonteras de niño, relevancia creativa de adulto por Óscar Solano Brenes
Tonteras de niño, relevancia creativa de adultoTonteras de niño, relevancia creativa de adulto
Tonteras de niño, relevancia creativa de adulto
Óscar Solano Brenes174 visualizações
E Learning Benefits por Wilson Araromi
E Learning BenefitsE Learning Benefits
E Learning Benefits
Wilson Araromi182 visualizações
Russell Simmons Ppt por Dacia Driscoll
Russell Simmons PptRussell Simmons Ppt
Russell Simmons Ppt
Dacia Driscoll885 visualizações
Electrical characteristics por dijahapple
Electrical characteristicsElectrical characteristics
Electrical characteristics
dijahapple237 visualizações
1 6 Attempt 2 por gmaidekamido
1 6 Attempt 21 6 Attempt 2
1 6 Attempt 2
gmaidekamido509 visualizações
Chapter 2 3 por gmaidekamido
Chapter 2 3Chapter 2 3
Chapter 2 3
gmaidekamido537 visualizações
College 1 4 por gmaidekamido
College 1 4College 1 4
College 1 4
gmaidekamido609 visualizações
Overview por gmaidekamido
OverviewOverview
Overview
gmaidekamido380 visualizações
College chapter 1 2 por gmaidekamido
College chapter 1 2College chapter 1 2
College chapter 1 2
gmaidekamido1.3K visualizações
Assistive Technology Webquest por angtapper
Assistive Technology WebquestAssistive Technology Webquest
Assistive Technology Webquest
angtapper325 visualizações
Kotu2009 juha kreus kriisiviestintä 91009 por Juha Kreus
Kotu2009 juha kreus kriisiviestintä 91009Kotu2009 juha kreus kriisiviestintä 91009
Kotu2009 juha kreus kriisiviestintä 91009
Juha Kreus649 visualizações
10 Things A Non-profit Should Include In Its Contracts por Erin McClarty
10 Things A Non-profit Should Include In Its Contracts10 Things A Non-profit Should Include In Its Contracts
10 Things A Non-profit Should Include In Its Contracts
Erin McClarty436 visualizações
Global tax 50 2016 international tax review por Pallavi M
Global tax 50 2016   international tax reviewGlobal tax 50 2016   international tax review
Global tax 50 2016 international tax review
Pallavi M245 visualizações

Similar a An Integrated Solution for Runtime Compliance Governance in SOA

IMS Integration Challenges (2010) por
IMS Integration Challenges (2010)IMS Integration Challenges (2010)
IMS Integration Challenges (2010)Marc Jadoul
1.3K visualizações13 slides
SOA e IMS (NGN) por
SOA e IMS (NGN)SOA e IMS (NGN)
SOA e IMS (NGN)Davi Silva
659 visualizações26 slides
Infonova Telco1 0 2 0 Bss Rel 6 Introduction V10 Timpact por
Infonova Telco1 0  2 0 Bss Rel 6 Introduction V10 TimpactInfonova Telco1 0  2 0 Bss Rel 6 Introduction V10 Timpact
Infonova Telco1 0 2 0 Bss Rel 6 Introduction V10 Timpactfantastic1
2.6K visualizações80 slides
Cuae Business Values V 1.8.2 por
Cuae   Business Values V 1.8.2Cuae   Business Values V 1.8.2
Cuae Business Values V 1.8.2Chinmoy Misra
350 visualizações77 slides
IBM - Video Communications - An Enterprise Perspective por
IBM - Video Communications - An Enterprise PerspectiveIBM - Video Communications - An Enterprise Perspective
IBM - Video Communications - An Enterprise PerspectiveIMTC
454 visualizações23 slides
Ecosystem Building for Hong Kong's IT Industry por
Ecosystem Building for Hong Kong's IT IndustryEcosystem Building for Hong Kong's IT Industry
Ecosystem Building for Hong Kong's IT IndustryAsia Pacific Cloud Apps Alliance
987 visualizações37 slides

Similar a An Integrated Solution for Runtime Compliance Governance in SOA(20)

IMS Integration Challenges (2010) por Marc Jadoul
IMS Integration Challenges (2010)IMS Integration Challenges (2010)
IMS Integration Challenges (2010)
Marc Jadoul1.3K visualizações
SOA e IMS (NGN) por Davi Silva
SOA e IMS (NGN)SOA e IMS (NGN)
SOA e IMS (NGN)
Davi Silva659 visualizações
Infonova Telco1 0 2 0 Bss Rel 6 Introduction V10 Timpact por fantastic1
Infonova Telco1 0  2 0 Bss Rel 6 Introduction V10 TimpactInfonova Telco1 0  2 0 Bss Rel 6 Introduction V10 Timpact
Infonova Telco1 0 2 0 Bss Rel 6 Introduction V10 Timpact
fantastic12.6K visualizações
Cuae Business Values V 1.8.2 por Chinmoy Misra
Cuae   Business Values V 1.8.2Cuae   Business Values V 1.8.2
Cuae Business Values V 1.8.2
Chinmoy Misra350 visualizações
IBM - Video Communications - An Enterprise Perspective por IMTC
IBM - Video Communications - An Enterprise PerspectiveIBM - Video Communications - An Enterprise Perspective
IBM - Video Communications - An Enterprise Perspective
IMTC454 visualizações
Challenges opportunities 2017 onwards v5.0. por frankjoh
Challenges opportunities 2017   onwards v5.0.Challenges opportunities 2017   onwards v5.0.
Challenges opportunities 2017 onwards v5.0.
frankjoh161 visualizações
Craft2.ppt por webhostingguy
Craft2.pptCraft2.ppt
Craft2.ppt
webhostingguy206 visualizações
Craft2.ppt por webhostingguy
Craft2.pptCraft2.ppt
Craft2.ppt
webhostingguy363 visualizações
Advanced Advertising Standards in the Cable Space por Sigma Systems
Advanced Advertising Standards in the Cable SpaceAdvanced Advertising Standards in the Cable Space
Advanced Advertising Standards in the Cable Space
Sigma Systems1.7K visualizações
Advanced Advertising Standards in the Cable Space por Sigma Systems
Advanced Advertising Standards in the Cable SpaceAdvanced Advertising Standards in the Cable Space
Advanced Advertising Standards in the Cable Space
Sigma Systems10 visualizações
OEM - запчасти на проводе por Sergey Zhdanov
OEM - запчасти на проводеOEM - запчасти на проводе
OEM - запчасти на проводе
Sergey Zhdanov406 visualizações
Overview of Selected Current MPEG Activities por Alpen-Adria-Universität
Overview of Selected Current MPEG ActivitiesOverview of Selected Current MPEG Activities
Overview of Selected Current MPEG Activities
Alpen-Adria-Universität834 visualizações
Overview of Selected Current MPEG Activities por Alpen-Adria-Universität
Overview of Selected Current MPEG ActivitiesOverview of Selected Current MPEG Activities
Overview of Selected Current MPEG Activities
Alpen-Adria-Universität440 visualizações
Rep Presentation V4 13 por lyndonroberts
Rep Presentation V4 13Rep Presentation V4 13
Rep Presentation V4 13
lyndonroberts301 visualizações
The Architectural Models Of UC por Ronald Gruia
The Architectural Models Of UCThe Architectural Models Of UC
The Architectural Models Of UC
Ronald Gruia807 visualizações
AT_2006-07_IMS_Accenture.pdf por MahmudChowdhury15
AT_2006-07_IMS_Accenture.pdfAT_2006-07_IMS_Accenture.pdf
AT_2006-07_IMS_Accenture.pdf
MahmudChowdhury1512 visualizações
Ascom workshop qoe qos-newparadigm_4g por Adrian Hall
Ascom workshop qoe qos-newparadigm_4gAscom workshop qoe qos-newparadigm_4g
Ascom workshop qoe qos-newparadigm_4g
Adrian Hall753 visualizações
A Model Of An Integrated Unified Communication Network Using Public Switched ... por Becky Gilbert
A Model Of An Integrated Unified Communication Network Using Public Switched ...A Model Of An Integrated Unified Communication Network Using Public Switched ...
A Model Of An Integrated Unified Communication Network Using Public Switched ...
Becky Gilbert2 visualizações
Project Business Case and Capital Justification for Implementation of Applica... por Duane Bodle
Project Business Case and Capital Justification for Implementation of Applica...Project Business Case and Capital Justification for Implementation of Applica...
Project Business Case and Capital Justification for Implementation of Applica...
Duane Bodle1.1K visualizações

Mais de Aliaksandr Birukou

Publishing conference proceedings internationally: how does it work por
Publishing conference proceedings internationally: how does it workPublishing conference proceedings internationally: how does it work
Publishing conference proceedings internationally: how does it workAliaksandr Birukou
38 visualizações44 slides
Технические аспекты публикации на нескольких языках – как правильно связать DOI por
Технические аспекты публикации на нескольких языках – как правильно связать DOIТехнические аспекты публикации на нескольких языках – как правильно связать DOI
Технические аспекты публикации на нескольких языках – как правильно связать DOIAliaksandr Birukou
96 visualizações15 slides
Conference Identity: persistent identifiers for conferences por
Conference Identity: persistent identifiers for conferencesConference Identity: persistent identifiers for conferences
Conference Identity: persistent identifiers for conferencesAliaksandr Birukou
128 visualizações34 slides
Springer LOD conference portal. Demo paper - screenshots por
Springer LOD conference portal. Demo paper - screenshotsSpringer LOD conference portal. Demo paper - screenshots
Springer LOD conference portal. Demo paper - screenshotsAliaksandr Birukou
281 visualizações24 slides
PersistentIDs and CrossMark for Conference Proceedings por
PersistentIDs and CrossMark for Conference ProceedingsPersistentIDs and CrossMark for Conference Proceedings
PersistentIDs and CrossMark for Conference ProceedingsAliaksandr Birukou
369 visualizações15 slides
Publishing conference proceedings internationally: Tips and tricks por
Publishing conference proceedings internationally: Tips and tricksPublishing conference proceedings internationally: Tips and tricks
Publishing conference proceedings internationally: Tips and tricksAliaksandr Birukou
223 visualizações42 slides

Mais de Aliaksandr Birukou(20)

Publishing conference proceedings internationally: how does it work por Aliaksandr Birukou
Publishing conference proceedings internationally: how does it workPublishing conference proceedings internationally: how does it work
Publishing conference proceedings internationally: how does it work
Aliaksandr Birukou38 visualizações
Технические аспекты публикации на нескольких языках – как правильно связать DOI por Aliaksandr Birukou
Технические аспекты публикации на нескольких языках – как правильно связать DOIТехнические аспекты публикации на нескольких языках – как правильно связать DOI
Технические аспекты публикации на нескольких языках – как правильно связать DOI
Aliaksandr Birukou96 visualizações
Conference Identity: persistent identifiers for conferences por Aliaksandr Birukou
Conference Identity: persistent identifiers for conferencesConference Identity: persistent identifiers for conferences
Conference Identity: persistent identifiers for conferences
Aliaksandr Birukou128 visualizações
Springer LOD conference portal. Demo paper - screenshots por Aliaksandr Birukou
Springer LOD conference portal. Demo paper - screenshotsSpringer LOD conference portal. Demo paper - screenshots
Springer LOD conference portal. Demo paper - screenshots
Aliaksandr Birukou281 visualizações
PersistentIDs and CrossMark for Conference Proceedings por Aliaksandr Birukou
PersistentIDs and CrossMark for Conference ProceedingsPersistentIDs and CrossMark for Conference Proceedings
PersistentIDs and CrossMark for Conference Proceedings
Aliaksandr Birukou369 visualizações
Publishing conference proceedings internationally: Tips and tricks por Aliaksandr Birukou
Publishing conference proceedings internationally: Tips and tricksPublishing conference proceedings internationally: Tips and tricks
Publishing conference proceedings internationally: Tips and tricks
Aliaksandr Birukou223 visualizações
Linked Open Data about Springer Nature conferences. The story so far por Aliaksandr Birukou
Linked Open Data about Springer Nature conferences. The story so farLinked Open Data about Springer Nature conferences. The story so far
Linked Open Data about Springer Nature conferences. The story so far
Aliaksandr Birukou312 visualizações
Creating a dataset of peer review in computer science conferences published b... por Aliaksandr Birukou
Creating a dataset of peer review in computer science conferences published b...Creating a dataset of peer review in computer science conferences published b...
Creating a dataset of peer review in computer science conferences published b...
Aliaksandr Birukou1.7K visualizações
Linked Data Initiatives at Springer Verlag por Aliaksandr Birukou
Linked Data Initiatives at Springer Verlag Linked Data Initiatives at Springer Verlag
Linked Data Initiatives at Springer Verlag
Aliaksandr Birukou611 visualizações
Diversity-aware search for people, content, events AND Diversity-aware hiring... por Aliaksandr Birukou
Diversity-aware search for people, content, events AND Diversity-aware hiring...Diversity-aware search for people, content, events AND Diversity-aware hiring...
Diversity-aware search for people, content, events AND Diversity-aware hiring...
Aliaksandr Birukou349 visualizações
Diversity-aware search for people, content, events AND Diversity-aware hiring... por Aliaksandr Birukou
Diversity-aware search for people, content, events AND Diversity-aware hiring...Diversity-aware search for people, content, events AND Diversity-aware hiring...
Diversity-aware search for people, content, events AND Diversity-aware hiring...
Aliaksandr Birukou594 visualizações
20101112 librinnovando liquidpub por Aliaksandr Birukou
20101112 librinnovando liquidpub20101112 librinnovando liquidpub
20101112 librinnovando liquidpub
Aliaksandr Birukou629 visualizações
Is peer review any good? A quantitative analysis of peer review por Aliaksandr Birukou
Is peer review any good? A quantitative analysis of peer reviewIs peer review any good? A quantitative analysis of peer review
Is peer review any good? A quantitative analysis of peer review
Aliaksandr Birukou890 visualizações
Liquid Journals - Intro and RoadMap por Aliaksandr Birukou
Liquid Journals - Intro and RoadMapLiquid Journals - Intro and RoadMap
Liquid Journals - Intro and RoadMap
Aliaksandr Birukou570 visualizações
Liquid Journals. Overview. How social computing and liquid knowledge will sha... por Aliaksandr Birukou
Liquid Journals. Overview. How social computing and liquid knowledge will sha...Liquid Journals. Overview. How social computing and liquid knowledge will sha...
Liquid Journals. Overview. How social computing and liquid knowledge will sha...
Aliaksandr Birukou475 visualizações
Automated Experimentation in Social Informatics por Aliaksandr Birukou
Automated Experimentation in Social InformaticsAutomated Experimentation in Social Informatics
Automated Experimentation in Social Informatics
Aliaksandr Birukou871 visualizações
General presentation of the LiquidPub project por Aliaksandr Birukou
General presentation of the LiquidPub projectGeneral presentation of the LiquidPub project
General presentation of the LiquidPub project
Aliaksandr Birukou1.1K visualizações
General presentation of the LiquidPub project por Aliaksandr Birukou
General presentation of the LiquidPub projectGeneral presentation of the LiquidPub project
General presentation of the LiquidPub project
Aliaksandr Birukou246 visualizações
Peer Review in the LiquidPub project por Aliaksandr Birukou
Peer Review in the LiquidPub projectPeer Review in the LiquidPub project
Peer Review in the LiquidPub project
Aliaksandr Birukou365 visualizações
LiquidPub: Services at Service of Science por Aliaksandr Birukou
LiquidPub: Services at Service of ScienceLiquidPub: Services at Service of Science
LiquidPub: Services at Service of Science
Aliaksandr Birukou414 visualizações

Último

VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue por
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueShapeBlue
134 visualizações54 slides
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit... por
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...ShapeBlue
86 visualizações25 slides
State of the Union - Rohit Yadav - Apache CloudStack por
State of the Union - Rohit Yadav - Apache CloudStackState of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStackShapeBlue
218 visualizações53 slides
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... por
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...ShapeBlue
128 visualizações20 slides
NTGapps NTG LowCode Platform por
NTGapps NTG LowCode Platform NTGapps NTG LowCode Platform
NTGapps NTG LowCode Platform Mustafa Kuğu
287 visualizações30 slides
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... por
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...ShapeBlue
69 visualizações29 slides

Último(20)

VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue por ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
ShapeBlue134 visualizações
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit... por ShapeBlue
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
ShapeBlue86 visualizações
State of the Union - Rohit Yadav - Apache CloudStack por ShapeBlue
State of the Union - Rohit Yadav - Apache CloudStackState of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStack
ShapeBlue218 visualizações
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... por ShapeBlue
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
ShapeBlue128 visualizações
NTGapps NTG LowCode Platform por Mustafa Kuğu
NTGapps NTG LowCode Platform NTGapps NTG LowCode Platform
NTGapps NTG LowCode Platform
Mustafa Kuğu287 visualizações
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... por ShapeBlue
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
ShapeBlue69 visualizações
Ransomware is Knocking your Door_Final.pdf por Security Bootcamp
Ransomware is Knocking your Door_Final.pdfRansomware is Knocking your Door_Final.pdf
Ransomware is Knocking your Door_Final.pdf
Security Bootcamp81 visualizações
Kyo - Functional Scala 2023.pdf por Flavio W. Brasil
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdf
Flavio W. Brasil443 visualizações
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f... por TrustArc
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc130 visualizações
DRBD Deep Dive - Philipp Reisner - LINBIT por ShapeBlue
DRBD Deep Dive - Philipp Reisner - LINBITDRBD Deep Dive - Philipp Reisner - LINBIT
DRBD Deep Dive - Philipp Reisner - LINBIT
ShapeBlue110 visualizações
Data Integrity for Banking and Financial Services por Precisely
Data Integrity for Banking and Financial ServicesData Integrity for Banking and Financial Services
Data Integrity for Banking and Financial Services
Precisely76 visualizações
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T por ShapeBlue
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&TCloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
ShapeBlue81 visualizações
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool por ShapeBlue
Extending KVM Host HA for Non-NFS Storage -  Alex Ivanov - StorPoolExtending KVM Host HA for Non-NFS Storage -  Alex Ivanov - StorPool
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool
ShapeBlue56 visualizações
Digital Personal Data Protection (DPDP) Practical Approach For CISOs por Priyanka Aash
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash103 visualizações
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue por ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlueMigrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
ShapeBlue147 visualizações
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... por ShapeBlue
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
ShapeBlue121 visualizações
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P... por ShapeBlue
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
ShapeBlue120 visualizações
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue por ShapeBlue
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlueCloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue
ShapeBlue68 visualizações
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue por ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
ShapeBlue75 visualizações
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava... por ShapeBlue
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
ShapeBlue74 visualizações

An Integrated Solution for Runtime Compliance Governance in SOA

  • 1. An Integrated Solution for Runtime Compliance Governance in SOA Aliaksandr Birukou , Vincenzo D’Andrea, Frank Leymann, Ja- cek Serafinski, Patricia Silveira, Steve Strauch, Marek Tluczek COMPAS Compliance-driven Models, Languages, and Architectures for Services "The COMPAS project will design and implement novel models, languages, and an architectural framework to ensure dynamic and on-going compliance of software services to business regulations and stated user service-requirements. COMPAS will use model-driven techniques, domain-specific languages, and service-oriented infrastructure software to enable organizations developing business compliance solutions easier and faster“ http://www.compas-ict.eu
  • 2.
  • 3. Do I care about compliance ? Image from http://www.blogfinanza.com/wp-content/uploads/2010/09/banca1.jpg ECB Image from http://www.exponent.com/Nuclear-Plant-Services-Capabilities/ AEG GSE http://altocasertano.files.wordpress.com/2007/12/rifiuti1.jpg Ministry of Natural Resources http://www.seebiz.eu/hr/tvrtke/transport/pevec-transporti-u-stecaju,65063.html Ministry of transportation Legge n.6 06/02/2009 Legge n. 152 13/08/2010 Sarbanes-Oxley Act Basel III Direttiva 2010/40/UE Direttiva 2009/548/CE Decreto 10/09/2010 Direttiva 2008/763/CE
  • 5.
  • 6. 2010 GRC software investments priorities Source: AMR Research, 2009 18% Compliance management 17% 16% Business process management 15% Continuous control monitoring Security (internal/external) Risk management Sustainability software Documents/record management Reporting 14% 12% 11% 10% Investments priorities
  • 7.
  • 8. Case study: Advanced Telecom Services Internet Internet ... Audio providers Video providers MVNO company AudioSport License FootballGames License EU MVNO directives Austria Telecommunication Act 2003 Bob Alice Carol Customer contracts
  • 9.
  • 10. Compliance governance in COMPAS Internalization Design Regulations, business contracts, standards Internal policies Business processes Events Execution data Internal evaluation Business execution Auditor Runtime compliance governance
  • 11. Compliance Domains in COMPAS Regulations Licenses QoS
  • 12. 1. Selecting compliance sources and requirements Pay-per-view plan When MVNO company subscribes for the Pay-per-view plan it has to pay 29.90 euro first and then receive 300 streams from the media supplier Composition permission VideoSport can only have audio streams from AudioSport Availability The WatchMe service must deliver a valid URL at least in 90% of requests per customer subscription. VideoSport License FootballGames License EU MVNO directives Austria Telecommunication Act 2003 Customer contracts
  • 13. 1. From high-level DSLs to code Code generation
  • 14.
  • 15. 3. Monitoring. Complex Event Processing
  • 16. 3. Monitoring - ETL and Data Warehouse
  • 17. 4.Informing on the current state of compliance Compliance indicators Different types of compliance Details on compliance
  • 18. 4.Informing on the current state of compliance
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.

Notas do Editor

  1. I’ll show later how we derive requirements, etc
  2. Waste management
  3. Solutions like COMPAS can help companies to save those money buy providing more automated controls
  4. COMPAS – Compliance-driven Models, Languages and Architectures for services
  5. The case study we consider deals with telecommunication domain[CLICK] There is a Virtual Mobile Network Operator which uses network of other operators to provide additional services[CLICK] It combines video and audio from different content providers and streams sport content to its customers over the internet This case study focuses on particularly challenging evnironment, since network infrastructure and many applications that provide service components are owned and managed by different interprises, including third party application providers, network carriers and the MVNO company. The business of the MVNO company must run in accordance with different regulations.[CLICK] And it also must adhere contracts with audio and video providers and contracts of their customers. So, it faces the problem of ensuring the compliance with all those regulations. If they do not comply they can be sued by the companies, loose customers, or loose a lot of money in fines because of not following legislation. Now we will show how our approach allows the company to deal with those concerns in a systematic manner.
  6. selecting the sources to be compliant with and designing corresponding compliance requirements; (2) (re-)designing business processes compliant with the selected requirements; (3) monitoring compliance of processes during their execution; (4) informing interested parties (managers, auditors) on the current state of compliance; (5) taking specific actions or chang- ing the processes in cases of (predicted or happened) non-compliance. DESIGN ASPECTS – in parallel session
  7. Benefits of our solution
  8. … and we presented runtime aspects of such system
  9. STARTUP on compas – contact US!