CONTEXT THERE IS A GREAT VARIETY OF TECHNIQUES FOR PERFORMING AUTHENTICATION, LIKE THE USE OF TEXT PASSWORDS OR SMART CARDS. SOME TECHNIQUES COMBINE OTHERS INTO ONE, WHICH IS KNOWN AS MULTI-FACTOR AUTHENTICATION. THERE IS AN INTEREST IN KNOWING EXISTING AUTHENTICATION TECHNIQUES, INCLUDING THOSE AIMED AT MULTI-FACTOR AUTHENTICATION, AND THE FRAMEWORKS THAT CAN BE FOUND IN LITERATURE THAT ARE USED TO COMPARE AND SELECT THESE TECHNIQUES ACCORDING TO DIFFERENT CRITERIA. OBJECTIVE THIS ARTICLE AIMS TO GATHER THE EXISTING KNOWLEDGE ON AUTHENTICATION TECHNIQUES AND WAYS TO DISCERN THE MOST EFFECTIVE ONES FOR DIFFERENT CONTEXTS.

MUNICIPALITIES OR LOCAL GOVERNMENTS ARE THE CLOSEST GOVERNMENTAL ORGANIZATION TO THE CITIZENS. CONSEQUENTLY, THEY ARE PERMANENTLY SEARCHING NEW STRATEGIES FOR PROVIDING BETTER SERVICES TO THE COMMUNITY AND FOR MORE ADEQUATELY UNDERSTANDING ITS NEEDS. ACHIEVING THE LATTER CAN BE DONE IN AN IMPROVED MANNER THROUGH CITIZEN RELATIONSHIP MANAGEMENT (CIRM). BUT, ARE THERE EXISTING EXPERIENCES ON CIRM? AND WHAT IS REQUIRED FOR ITS IMPLEMENTATION? THIS ARTICLE PRESENTS THE RESULTS OF A SYSTEMATIC LITERATURE REVIEW THAT PRETENDS TO ANSWER THESE AND OTHER QUESTIONS REGARDING CIRM. LIKEWISE, THESE RESULTS ALLOWED TO IDENTIFY DIFFERENT TECHNOLOGIES THAT ARE USED IN THE IMPLEMENTATION OF CIRM, THEIR IMPACT ON MUNICIPALITIES AND HOW CAN THEY STRENGTHEN THE MUNICIPALITY-CITIZEN LINK. ALL OF THIS WILL CONSTITUTE THE FOUNDATION FOR GENERATING A CIRM IMPLEMENTATION MODEL APPLICABLE TO MUNICIPALITIES, PARTICULARLY THOSE WITH LESS RESOURCES THAT WANT TO FOCUS THEIR MANAGEMENT ON THE CITIZENS, IN THE FUTURE.

BUSINESS PROCESSES ARE VALUABLE RESOURCES FOR ENTERPRISES TO MAINTAIN THEIR COMPETITIVENESS. THEY ARE CHARACTERIZED BY DESCRIBING THE SET OF ACTIVITIES THAT ENTERPRISES PERFORM TO REACH THEIR OBJECTIVES. ON THE OTHER HAND, SECURITY IS ALSO AN ESSENTIAL ELEMENT IN CURRENT COMPETITIVENESS. ENTERPRISES INVEST RESOURCES IN KEEPING THEIR ASSETS PROTECTED AND WORRY ABOUT MAINTAINING THEIR CUSTOMERS TRUST. IN THIS WAY, ASPECTS SUCH AS CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY ARE IMPORTANT IN RELATION TO ENTERPRISE ACTIVITIES. IN THIS WORK, WE WILL DEFINE BUSINESS PROCESSES THAT INCORPORATE THE VIEWPOINT OF THE BUSINESS ANALYST REGARDING SECURITY. THE RESULT IS A SECURE BUSINESS PROCESS MODEL THAT IS USED FOR SOFTWARE CREATION UNDER A MODEL-DRIVEN APPROACH. IN THIS WORK, WE WILL SHOW THE MAIN ASPECTS OF THIS PROPOSAL, TAKING INTO CONSIDERATION A CASE STUDY THAT ALLOWS US TO SHOW ITS APPLICABILITY.

NOWADAYS, GOVERNMENTS OFTEN SHARE THEIR DATA WITH THE CITIZENS THROUGH DIVERSE DIGITAL PLATFORMS. THIS SHARING OF DATA, WHICH HAS NO RESTRICTIONS OR COSTS, HAS BEEN CALLED OPEN GOVERNMENT DATA. THE INCREASED USE OF THIS KIND OF DATA POSES SEVERAL CHALLENGES, SUCH AS THE QUALITY OF THE PROVIDED DATA. IT BECOMES NECESSARY TO EVALUATE FACTORS LIKE THE RELIABILITY, INTEGRITY, AND ACCURACY OF DATA AND APPLY GUIDELINES AND METRICS TO ENSURE ITS QUALITY FOR THE INTENDED USE. THIS WAY, IT IS NO LONGER SUFFICIENT TO MAKE DATA AVAILABLE, AS HAVING GUIDELINES TO EVALUATE ITS QUALITY FOR OTHER PUBLIC AGENCIES AND CITIZENS BECOMES A NECESSITY. THIS ARTICLE PRESENTS THE REALIZATION OF A SYSTEMATIC LITERATURE REVIEW TO RESEARCH EXISTING PROPOSALS FOCUSED ON EVALUATING OPEN GOVERNMENT DATA QUALITY AT A MUNICIPAL LEVEL. AS A RESULT OF THIS REVIEW, 56 ARTICLES HAVE BEEN IDENTIFIED. THESE ARE PRESENTED BASED ON 3 POSED RESEARCH QUESTIONS.

PROBLEMS ASSOCIATED WITH DATA QUALITY COST COMPANIES MILLIONS OF DOLLARS EVERY YEAR BECAUSE OF BAD DECISION-MAKING BASED ON INACCURATE INFORMATION, NONCOMPLIANCE WITH REGULATIONS, OR FAILURE TO TIMELY DEAL WITH CUSTOMER PROBLEMS. NOWADAYS, DATA HAVE BECOME ONE OF THE MOST VALUABLE ASSETS OF ORGANIZATIONS; DATA QUALITY IS NO LONGER A TASK INVOLVING ONLY INFORMATION TECHNOLOGY MANAGERS, BUSINESS MANAGERS ARE INCREASINGLY MORE IMPLICATED. IN THE CONTEXT OF BUSINESS MANAGEMENT PROCESSES, THE EARLY SPECIFICATION OF DATA QUALITY REQUIREMENTS CAN BE CRUCIAL. THIS ARTICLE REVEALS THE RESULTS OF A RESEARCH STUDY CONDUCTED IN SPECIALIZED SITES, BLOGS, FORUMS, AND LITERATURE RELATED TO HOW BUSINESS PEOPLE (NOT SPECIALIZED IN INFORMATION TECHNOLOGY) EXPRESS DATA QUALITY NEEDS. ADDITIONALLY, HOW THE RESULT WAS VALIDATED IS SHOWN THROUGH THE PARTICIPATION OF BUSINESS EXPERTS AND ANALYSTS. THE OUTCOME WERE LISTS WITH 18 TYPES OF PROBLEMS ASSOCIATED WITH DATA QUALITY AND 35 CHARACTERISTICS THAT DATA MUST COMPLY WITH IN RELATION TO QUALITY.

THE E-GOVERNMENT REPRESENTS THE GOVERNMENT-CITIZEN RELATIONSHIP, THROUGH THE USE OF INFORMATION TECHNOLOGIES. THROUGH E-GOVERNMENT THE GOVERNMENTS, OFFER DIFFERENT UTILITIES AND INFORMATION, TRYING WITH THIS, TO MAKE LIFE EASIER FOR CITIZENS AND TO FACILITATE THE PUBLIC ADMINISTRATION. THIS IMPLIES, AMONG OTHER THINGS, STRONG DATA EXCHANGE BETWEEN GOVERNMENT AND CITIZENS. THIS LEADS US TO THINK THAT THE QUALITY OF THE DATA COULD BECOME AN IMPORTANT FACTOR WHEN ATTEMPTING TO PROMOTE THE USE OF E-GOVERNMENT. CONSEQUENTLY, THIS ARTICLE FOCUSES ON STUDYING THE VIEWS OF CITIZENS REGARDING THE PRESENCE OF DATA QUALITY IN MUNICIPAL E-GOVERNMENT APPLICATIONS. CONCRETELY, THE CASE STUDY, HAS SHOWN THAT CITIZENS RECOGNIZE AND PREFER AN APPLICATION WITH IMPROVED DATA QUALITY.

CONTEXT THERE ARE MANY TECHNIQUES FOR PERFORMING AUTHENTICATION, SUCH AS TEXT PASSWORDS AND BIOMETRICS. COMBINING TWO FACTORS INTO ONE TECHNIQUE IS KNOWN AS MULTI-FACTOR AUTHENTICATION. THE LACK OF A PROPER METHOD FOR COMPARING AND SELECTING THESE TECHNIQUES FOR THEIR IMPLEMENTATION IN SOFTWARE DEVELOPMENT PROCESSES IS OBSERVED. OBJECTIVE THE ARTICLE PRESENTS A RECOMMENDATION FRAMEWORK PROPOSAL FOR COMPARING AND SELECTING AUTHENTICATION TECHNIQUES IN A SOFTWARE DEVELOPMENT PROCESS. METHOD KNOWLEDGE FROM ACADEMY IS OBTAINED THROUGH A SYSTEMATIC LITERATURE REVIEW AND EXPERIENCE FROM INDUSTRY IS GATHERED USING A SURVEY AND INTERVIEWS. THE RESULTS OF THESE TWO TECHNIQUES ARE USED TO GENERATE A FRAMEWORK PROPOSAL, WHICH IS VALIDATED AFTERWARDS, THROUGH AN EXPERT PANEL AND THE CASE STUDY METHOD.

THERE ARE MULTIPLE TECHNIQUES FOR USERS TO AUTHENTICATE THEMSELVES IN SOFTWARE APPLICATIONS, SUCH AS TEXT PASSWORDS, SMART CARDS, AND BIOMETRICS. TWO OR MORE OF THESE TECHNIQUES CAN BE COMBINED TO INCREASE SECURITY, WHICH IS KNOWN AS MULTIFACTOR AUTHENTICATION. SYSTEMS COMMONLY UTILIZE AUTHENTICATION AS PART OF THEIR ACCESS CONTROL WITH THE OBJECTIVE OF PROTECTING THE INFORMATION STORED WITHIN THEM. HOWEVER, THE DECISION OF WHAT AUTHENTICATION TECHNIQUE TO IMPLEMENT IN A SYSTEM IS OFTEN TAKEN BY THE SOFTWARE DEVELOPMENT TEAM IN CHARGE OF IT. A POOR DECISION DURING THIS STEP COULD LEAD TO A FATAL MISTAKE IN RELATION TO SECURITY, CREATING THE NECESSITY FOR A METHOD THAT SYSTEMATIZES THIS TASK. THUS, THIS BOOK CHAPTER PRESENTS A THEORETICAL DECISION FRAMEWORK THAT TACKLES THIS ISSUE BY PROVIDING GUIDELINES BASED ON THE EVALUATED APPLICATION?S CHARACTERISTICS AND TARGET CONTEXT. THESE GUIDELINES WERE DEFINED THROUGH THE APPLICATION OF AN EXTENSIVE ACTION-RESEARCH METHODOLOGY IN COLLABORATION WITH EXPERTS FROM A MULTINATIONAL SOFTWARE DEVELOPMENT COMPANY.

BUSINESS PROCESSES ARE AN IMPORTANT RESOURCE FOR PERFORMANCE ON BUSINESS COMPETITIVENESS. THE BUSINESS PROCESS DESCRIPTIONS MADE; WITH BPMN (BUSINESS PROCESS MODELLING NOTATION), THE DE FACTO STANDARD IN THE MARKET, CAN BE TRANSLATED INTO EXECUTION LANGUAGES; SUCH AS BPEL (BUSINESS PROCESS EXECUTION LANGUAGE). ORIGINALLY, BPMN SPECIFICATION DOES NOT INCLUDE THE REPRESENTATION OF SECURITY ASPECTS. HOWEVER, THERE ARE PROPOSALS THAT INCORPORATE SECURITY SPECIFICATIONS OF BUSINESS PROCESSES USING BPMN. AMONG THESE WE HAVE CONSIDERED FOR DESCRIBING A SBP (SECURE BUSINESS PROCESS), INCORPORATING THE BUSINESS ANALYST'S PERSPECTIVE IN RELATION TO SECURITY. HOWEVER, UNTIL NOW,THERE ARE NO TRANSLATIONS OF THE SBP TO EXECUTION LANGUAGES. IN THIS PAPER WE PROPOSE A TRANSLATION OF THE SECURITY REQUIREMENTS, INCLUDING ACCESS CONTROL, DEFINED IN A SBP TO SECURE WEB SERVICES USING BPEL LANGUAGE.

SECURITY REQUIREMENTS PLAY AN IMPORTANT ROLE IN SOFTWARE DEVELOPMENT. THESE CAN BE SPECIFIED BOTH IN ENTERPRISE ARCHITECTURE MODELS AND IN BUSINESS PROCESSES. ENTERPRISES INCREASINGLY CARRY OUT LARGER AMOUNTS OF BUSINESS PROCESSES WHERE SECURITY PLAYS A MAJOR ROLE. BUSINESS PROCESSES INCLUDING SECURITY CAN BE AUTOMATICALLY OBTAINED FROM ENTERPRISE ARCHITECTURE MODELS BY APPLYING A MODEL-DRIVEN ARCHITECTURE APPROACH, THROUGH A CIM TO CIM TRANSFORMATION. THE AIM OF THIS ARTICLE IS TO PRESENT THE SPECIFICATION OF TRANSFORMATION RULES FOR THE CORRESPONDENCE BETWEEN ENTERPRISE ARCHITECTURE AND BUSINESS PROCESS MODEL ELEMENTS FOCUSING ON SECURITY.

DATA QUALITY IS CONSIDERED AN IMPORTANT ASPECT FOR THE SUCCESS OR FAILURE OF ROUTINE TASKS IN AN ORGANIZATION. NOWADAYS, MOST OF THESE TASKS ARE SUPPORTED BY SOFTWARE APPLICATIONS. THE EARLY SPECIFICATION OF THE REQUIREMENTS FOR THESE APPLICATIONS IS A CHALLENGE FOR SOFTWARE ENGINEERING. THIS PAPER FOCUSES ON EARLY SOFTWARE REQUIREMENTS SPECIFICATION, PAYING SPECIAL ATTENTION ON DATA QUALITY. THESE REQUIREMENTS WILL BE CAPTURED FROM BUSINESS PROCESS MODELS DESCRIBED WITH BPMN (BUSINESS PROCESS MODEL AND NOTATION), AND EXPRESSED THROUGH USE CASES OF UML (UNIFIED MODEL LANGUAGE). FOR THIS PURPOSE WE PROPOSE A METHOD WHEREBY BUSINESS EXPERTS CAN MODEL BUSINESS PROCESSES AWARE OF DATA QUALITY AND SOFTWARE ENGINEERS CAN GET ARTIFACTS USEFUL FOR CREATING SOFTWARE.

BUSINESS PROCESS MODELS ARE DESCRIBED AS A SET OF TASKS THAT, WHEN EXECUTED IN A SPECIFIC ORDER, ALLOW THE ACHIEVEMENT OF A BUSINESS OBJECTIVE. IN RECENT YEARS THE USE OF SUCH MODELS HAS INCREASED AS A USEFUL DEVICE FOR DEVELOPING SOFTWARE. SINCE BPMN DOES NOT CONSIDER THE SPECIFICATION OF SECURITY REQUIREMENTS IN ITS DEFINITION, DURING THE LAST DECADE EXTENSIONS TO THE LANGUAGE HAVE BEEN PROPOSED THAT AIM TO COVER THIS NEED. [...]OF THE INVESTIGATION, A SET OF ARTICLES WITH PROPOSALS FOR SECURITY REQUIREMENTS TO BE REPRESENTED IN BPMN HAS BEEN OBTAINED.

BUSINESS PROCESSES HAVE BECOME IMPORTANT RESOURCES, BOTH FOR AN ENTERPRISES PERFORMANCE AND TO ENABLE IT TO MAINTAIN ITS COMPETITIVENESS. THE LANGUAGES USED FOR BUSINESS PROCESS REPRESENTATION HAVE, IN RECENT YEARS, BEEN IMPROVED AND NEW NOTATIONS HAVE APPEARED. HOWEVER, DESPITE THE WIDE ACCEPTANCE OF THE IMPORTANCE OF BUSINESS PROCESS SECURITY, TO DATE THE BUSINESS ANALYST PERSPECTIVE IN RELATION TO SECURITY HAS HARDLY BEEN DEALT WITH. MOREOVER, SECURITY REQUIREMENTS CANNOT BE REPRESENTED IN MODERN BUSINESS PROCESS MODELING NOTATIONS. IN THIS PAPER, WE PRESENT AN EXTENSION OF UML 2.0 ACTIVITY DIAGRAMS WHICH WILL ALLOW SECURITY REQUIREMENTS TO BE SPECIFIED IN BUSINESS PROCESSES. OUR PROPOSAL, DENOMINATED AS BPSEC (BUSINESS PROCESS SECURITY), IS MODEL DRIVEN ARCHITECTURE COMPLIANT SINCE IT IS POSSIBLE TO OBTAIN A SET OF UML ARTIFACTS (PLATFORM INDEPENDENT MODEL-PIM) USED IN SOFTWARE DEVELOPMENT FROM A SECURE BUSINESS PROCESS MODEL SPECIFICATION (COMPUTATION INDEPENDENT MODEL-CIM). WE ALSO PRESENT THE APPLICATION OF OUR APPROACH TO AN EXAMPLE BASED ON A TYPICAL HEALTH CARE INSTITUTION, IN WHICH OUR M-BPSEC METHOD IS EMPLOYED AS A FRAMEWORK FOR THE USE OF OUR UML EXTENSION.

CONTEXT MODEL-DRIVEN DEVELOPMENT (MDD) IS AN ALTERNATIVE APPROACH FOR INFORMATION SYSTEMS DEVELOPMENT. THE BASIC UNDERLYING CONCEPT OF THIS APPROACH IS THE DEFINITION OF ABSTRACT MODELS THAT CAN BE TRANSFORMED TO OBTAIN MODELS NEAR IMPLEMENTATION. ONE FAIRLY WIDESPREAD PROPOSAL IN THIS SPHERE IS THAT OF MODEL DRIVEN ARCHITECTURE (MDA). BUSINESS PROCESS MODELS ARE ABSTRACT MODELS WHICH ADDITIONALLY CONTAIN KEY INFORMATION ABOUT THE TASKS THAT ARE BEING CARRIED OUT TO ACHIEVE THE COMPANY?S GOALS, AND TWO NOTATIONS CURRENTLY EXIST FOR MODELLING BUSINESS PROCESSES: THE UNIFIED MODELLING LANGUAGE (UML), THROUGH ACTIVITY DIAGRAMS, AND THE BUSINESS PROCESS MODELLING NOTATION (BPMN). OBJECTIVE OUR RESEARCH IS PARTICULARLY FOCUSED ON SECURITY REQUIREMENTS, IN SUCH A WAY THAT SECURITY IS MODELLED ALONG WITH THE OTHER ASPECTS THAT ARE INCLUDED IN A BUSINESS PROCESS. TO THIS END, IN EARLIER WORKS WE HAVE DEFINED A METAMODEL CALLED SECURE BUSINESS PROCESS (SBP), WHICH MAY ASSIST IN THE PROCESS OF DEVELOPING SOFTWARE AS A SOURCE OF HIGHLY VALUABLE REQUIREMENTS (INCLUDING VERY ABSTRACT SECURITY REQUIREMENTS), WHICH ARE TRANSFORMED INTO MODELS WITH A LOWER ABSTRACTION LEVEL, SUCH AS ANALYSIS CLASS DIAGRAMS AND USE CASE DIAGRAMS THROUGH THE APPROACH PRESENTED IN THIS PAPER.

AGRICULTURE PRODUCTION HIGHLY DEPENDS ON WATER AND SOIL FACTORS WHICH INCREASINGLY NEED TO BE UTILIZED EFFICIENTLY. PRECISION AGRICULTURE, THROUGH THE SET OF INFORMATION TECHNOLOGIES THAT IT USES, ALLOWS TO EFFECTIVELY MANAGE THESE RESOURCES. THIS WORK AIMS TO GATHER THE EXISTING KNOWLEDGE ON TECHNOLOGIES USED IN PRECISION AGRICULTURE AND WAYS TO DISCERN THE MOST APPROPRIATE ONE FOR DIFFERENT CONTEXTS IN AGRICULTURAL PROCESSES. A SYSTEMATIC LITERATURE REVIEW IS PERFORMED TO IDENTIFY PRECISION AGRICULTURE IMPLEMENTATIONS AND TO ANSWER QUESTIONS SUCH AS THE TYPE OF TECHNOLOGIES USED, CRITERIA FOR THEIR COMPARISON AND SELECTION, AND THE EXISTENCE OF FRAMEWORKS THAT HELP TO DECIDE WHAT TECHNOLOGIES TO IMPLEMENT. A TOTAL OF 3,949 PUBLICATIONS WERE REVIEWED, OF WHICH 259 ADDRESSED THE POSED RESEARCH QUESTIONS. THE FINDINGS ARE THAT REMOTE SENSORS ARE THE MOST USED TECHNOLOGY, THE REQUIRED KNOWLEDGE IS AN IMPORTANT CRITERION FOR DECIDING TO IMPLEMENT PRECISION AGRICULTURE, AND NO FRAMEWORK WAS FOUND THAT GUIDES ITS IMPLEMENTATION.

THE INCORPORATION OF SECURITY CONCEPTS ON BUSINESS PROCESSES MODELS HAS TURNED OUT TO BE AN INTERESTING FACTOR IN THE SOFTWARE DEVELOPMENT CYCLE, SINCE IT ALLOWS AN EARLY CAPTURE OF SECURITY ASPECTS, WHICH WILL THEN BE USED IN LATER STAGES. A WAY OF COMPLEMENTING SECURITY INCORPORATED IN A BUSINESS PROCESS IS TO LINK THIS KIND OF REQUIREMENT WITH SECURITY PATTERNS, DUE TO THE IMPORTANCE OF THESE PATTERNS ON THE SOFTWARE DEVELOPMENT PROCESS. THIS ARTICLE TACKLES THE PROCUREMENT OF UML CLASSES THAT ALLOW THE ADVANCEMENT IN A SOFTWARE DEVELOPMENT PROCESS WITH SECURITY REQUIREMENTS EXPRESSED AS BUSINESS PROCESSES AS A BASE, USING A BPMN EXTENSION AND SECURITY PATTERNS.