• PDF / 1,786,467 Bytes
• 15 Pages / 439.37 x 666.142 pts Page_size
• 56 Downloads / 210 Views

DOWNLOAD

REPORT

Cybersecurity and Safety Group, University of Twente Services, Drienerlolaan 5, 7522 NB Enschede, The Netherlands {d.ionita,r.j.wieringa}@utwente.nl 2 Vrije Universiteit Amsterdam, De Boelelaan 1105, 1081 HV Amsterdam, Netherlands [email protected] 3 D-Telekom Chair of Mobile Business & Multilateral Security, Goethe University, Frankfurt am Main, Germany [email protected] http://scs.ewi.utwente.nl/

Abstract. Coordination processes are business processes that involve independent profit-and-loss responsible business actors who collectively provide something of value to a customer. Coordination processes are meant to be profitable for the business actors that execute them. However, because business actors are independent, there is also an increased risk of fraud. To compute profitability as well as quantify the risk of fraud, we need to attach value models to coordination process models. In this paper, we propose guidelines for deriving a value model from any coordination process model. Next, we show how our approach can be used to identify possibilities of fraud offered by a coordination process, as well as quantify the financial impact of known fraudulent processes. Finally, we discuss additional applications, such as identifying commercially superfluous tasks, or missing tasks needed to achieve a financially sustainable process. Keywords: Risk-aware BPM · Cost-aware BPM · Process analysis and improvement

1

Introduction

Today, electronic commercial services, are an important source of revenue for many businesses. For instance, consider companies such as Netflix, Spotify, or in our case study domains, Internet service providers and telecoms. Most e-services share two common attributes: (1) they are paid, usually by a customer and (2) they are provided by a complex network of enterprises. As a result, these services are open to opportunities to commit fraud. For example, a fraudulent actor may use the telephone subscription of someone else to place expensive phone calls. c IFIP International Federation for Information Processing 2016  Published by Springer International Publishing Switzerland 2016. All Rights Reserved J. Horkoff et al. (Eds.): PoEM 2016, LNBIP 267, pp. 102–116, 2016. DOI: 10.1007/978-3-319-48393-1 8

Value-Driven Risk Analysis of Coordination Models

103

Although fraud is often performed by misusing a business or coordination processes, its impact is actually on the business value level. Therefore, we need an instrument to analyze and express its financial effects for all actors involved. In line with previous work on value-based fraud analysis [1,2], we use an e3 value model [3] for this purpose. Because a value model represents what actors exchange with each other in terms of economically valuable objects (such as products, services or information), it is fundamentally different from a process model. Abstracting away from operational details, e3 value models only show what is offered, and not how. Unfortunately, for many commercial services, information contained in a value model only exists in the mi

Recommend Documents

Risk Analysis Foundations, Models, and Methods

144 7 64MB

Adversarial Risk Analysis: Applications to Basic Counterterrorism Models

161 64 191KB

Enterprise Risk Management Models

184 95 4MB

Enterprise Risk Management Models

187 16 5MB

Enterprise Risk Management Models

204 63 5MB

Coordination Models and Languages 7th International Conference, COOR

169 89 3MB

Pareto Models for Risk Management

177 102 10MB

Coordination Models and Languages 18th IFIP WG 6.1 International Con

172 22 12MB

Coordination Models and Languages 19th IFIP WG 6.1 International Con

189 105 17MB

Inter-limb Coordination Assessment and Fall Risk in ADL

176 80 229KB

Coordination Models and Languages 8th International Conference, COOR

163 112 3MB

Coordination Models and Languages 17th IFIP WG 6.1 International Con

168 46 7MB