Title: Achieving Traceable Compliance using the Ampersand Method
1Achieving Traceable Compliance using the
Ampersand Method
- Open University of the Netherlands
- TouW gathering March 6th 2010
- Henriëtte Sangers
2Different aspects research
IT systems development
Compliance
Business Ontologies
Ampersand Method
GAP
3Mind the Gap
Obedience
Follow rules
Compliance
Respect others
Do the right thing
The limits of our language mean the limits of our
world Wittgenstein (1922)
4Two Gaps in IT Systems Development
- Different use of concepts misunderstandings
about - desired functionality
- Wrong implementation of correctly understood
- desired functionality
- Contribute to the bad track record of IT projects
5The importance of beingan OU student
- Usually you are olderwhats so great about that?
- Lets try more mature? More experienced?
- gt If you work in IT you saw the gap
- If you really want to know the gap cross it!
- gt Use the opportunities to experience the other
side
- Chance to get better understanding of mutual
dependency - Business - IT
6Compliance
Organisations operating according to rules and
regulations set for this type of organisation.
Barings
ING
ABN AMRO
Financial World
IceSave
Lehman Brothers
New regulations to restore public trust in the
financial system
gt Focus now on getting it right
People, procedures and IT-systems all need to be
compliant!
7Compliance Challenge
- Adapt to rapidly changing ruling in a
competitive market - stay flexible
- change at low costs
- Specific difficulties compliance
- translating compliance ruling into measures for
organisation - many rules and regulations from different
sources - traceability - proving compliance
8Compliance Challenge - surveys
Mercury US and European businesses expect a
large part of IT budgets will go to compliance
projects in the coming years
Deloitte and Touche Complexity of IT environments
is seen as a major impediment in compliance
projects
Gartner Organisations can experience a
competitive advantage by handling compliance
issues more efficiently than others
9The Ampersand Method I
Stef Joosten
- Rule based Business Process Management
- Formal approach to IT systems development
- Succeeds / incorporates
- Calculating with Concepts finding and verifying
business rules - ADL (A Description Language) capturing business
rules
- building blocks
- Concepts entities which are important to users
- Relations associations between concepts
- Rules invariants, represent business logic
10The Ampersand Method II
- Based on relation algebra, can be used to
- Get clarity about specifications (cycle chasing)
- Specifying and even generating IT systems which
can be proven - to implement business logic (as in business
rules) correctly.
- Business processes are derived from business
rules, - not built with them.
11Bridging the Gap Ontologies
- How to represent the real world ontologies, the
silver bullet?
- Everybody his own ontology solving problems or
raising - misunderstandings to a higher level?
- Long history in IT Systems Analysis and Design
(ISAD), - a.o. Bunge-Wand-Weber representation model
- Why use ontologies in IT
- Enabling common understanding sofa/couch,
property/attribute - Reuse domain knowledge
- Make domain knowledge explicit, support analysis
12Use of Ontologies in IT
- Applications information integration, P2P
information sharing, - web service composition, ambient
intelligence, web navigating - and querying (Marktplaats)
- Recent developments in the area of automated
concept matching - and ontology integration
13Ampersand, Business Ontologies and Compliance
- Business (compliance) rules can be used
directly, no need to - program business processes
- All business (compliance) logic in one place,
easy to check by - users and auditors
- Mathematical prove that functionality matches
business - (compliance) rules can be provided
- Business ontologies easy to use with Ampersand,
help bridge - the gap between compliance ruling and business
concepts
14Research at Purdue University
- CERIAS program Center for Education and
Research in - Information Assurance and Security
- Computer Science Research group dedicated to
Digital - Identity Management and Protection
- Articles on
- traceable and flexible compliance with privacy
ruling - use of ontologies to support common
understanding of concepts
15Articles Purdue University
Examples
- Achieving Privacy in Trust Negotiations with an
Ontology-Based Approach. - IEEE Transactions on Dependable and Secure
Computing, January-March 2006
- Traceable and Automatic Compliance of Privacy
Policies in Federated Digital - Identity Management. 6th Workshop on Privacy
Enhancing Technologies. - Cambridge University UK, 2006.
16The Case
- Federated environment of medical service
providers and patients - Automated exchange of patients information
among service providers - Compliance with patients privacy preferences
- Breaches of trust need to be traceable
- Other requirements
- common understanding of concepts (medical,
privacy preferences) - automated matching of concepts
- flexibility and traceability
17Purdue Solution I
- Check isMoreStrict
- A. Privacy preference templates
- PPx stricter than Ppy if x lt y
18Purdue Solution II
- B. Customized privacy preferences More complex
checks / ordening.
3. Check logging - trace back
19Ampersand SolutionConcepts, Relations and Rules
- Concepts entities which are important to users
- CONCEPT "Participant" "party in federated service
network, person or service provider." - CONCEPT "PrivacyPreference" "a policy statement
about how to deal with information" - CONCEPT "Data" "the type of data that can be
stored of a person."
- Relations associations between concepts
- belongsTo PrivacyPreference gt Participant
- subsumes PrivacyPreference PrivacyPreference
TRN,ASY - PRAGMA "" " subsumes, is less strict than
- requestsInformationFrom Participant
Participant
- Rules invariants, represent business logic
- requestsInformationFrom - (hasPrivacyPreference
hasPrivacyPreference) - \/
(hasPrivacyPreference subsumes
hasPrivacyPreference) - EXPLANATION "Information can only be requested
from a party with an equally - or less strict
privacy policy."
20Ampersand Solution - base
possible occurrences allowed occurrences actual
occurrences
x x x x x x x x
x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x xx x x x x x x x x x
x x x x x x xx x x x x x x x x x x x x
x x x x x x x x xxx x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x
x x x
requestsInformationFrom - (hasPrivacyPreference
hasPrivacyPreference)
\/ (hasPrivacyPreference
subsumes hasPrivacyPreference)
21Ampersand Solution - flexibility
possible occurrences allowed occurrences special
permission actual occurrences
x x x x x x x x
x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x xx x x x x x x x x x
x x x x x x xx x x x x x x x x x x x x
x x x x x x x x xxx x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x
x x x
requestsInformation - ((belongsTo hasPurpose
subsPurpose hasPurpose)
/\ (belongsTo refersToData
subsData refersToData))
\/ (permissionTo
permissionConcerns)
22Ampersand - ontologies
subsPurpose Purpose Purpose TRN,ASY
PRAGMA "" " subsumes, is less strict than"
("General-purpose", "Treatment")
("General-purpose", "Insurance")
("General-purpose", "Research") ("Research",
"Teaching") ("Research", "Development")
("Research", "Marketing") .
23Ampersand - ontology integration
possible occurrences allowed occurrences out of
bound occurrences
x x x x x x x x
x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x xx x x x x x x x x x
x x x x x x xx x x x x x x x x x x x x
x x x x x x x x xxx x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x x
x x x x x x x x x x x x x x x x x x
x x x
requestsInformationFrom - hasPrivacyPreference
hasPurpose subsPurpose
hasPurpose
hasPrivacyPreference EXPLANATION
"Information can only be requested from a party
with an equally
or less strict purpose policy."
24Ampersand - screen
25Solutions Compared
Ampersand
Purdue
- programming business processes
- deriving business processes from rules
- business logic in systems coding
- business logic in rule base
- mathematical prove provided
- mathematical prove not provided
- more familiar to most IT staff
26Conclusions I
- Ampersand method offers advantages in achieving
compliance in IT
- business rules used directly to generate IT
system - all business logic in one place, easy to check
- correct implementation can be proven
- Business ontologies enhance usability Ampersand
- easy to integrate with Ampersand / ADL
- help bridge gap between compliance- and business
concepts - allow combination of rule patterns / compliance
patterns
27Conclusions II
- Advantages Ampersand method combined with
business ontologies - reach beyond compliance
- help get clarity about desired functionality
- less discussion about implementation issues
- increase IT developers productivity
- enhance flexibility
28Further Research
- Automated matching of business logic and
(compliance) ruling, - supported by business ontologies
- Integrating Ampersand compliance- and business
rule patterns - to offer extended functionality in IT systems
development
- Generating a compliance certificate based on
correct matching - of compliance ruling and business concepts
29Master Thesis
- Choose a subject you like, after all you are
stuck with it!
- Choose a subject which is doable in the time you
want to spend
- Watch out for dependencies
- Combine with job or join existing research, take
into account - Level of freedom
- Academic level
- Time efficiency
- Say good bye to your friends and go for IT!
QUESTIONS?