Broadly speaking, business processes are used to describe which activities need to be completed to accomplish a specific business goal, in which order they are to be executed, and by whom. They are very useful for assigning responsibilities among agents (humans or computers) and for defining interactions among them. BPMN is a well-known language for modeling business processes. It graphically depicts business processes using workflows, where nodes represent activities, edges represent activity flow, and gateways represent activity coordination. Business applications are software solutions ensuring that all the activities which make up a business process are completed in the required order and by the required agents. The standard components of a business application are: (i) a task management window, where agents can choose the next task (activity instance) to be executed; and (ii) for each activity, a task execution window, where agents can execute to completion a previously chosen task. The abuse of special privileges is a serious security threat in many business processes. Secure BPMN [2, 8] has been proposed as a formal way of integrating separation of duties (SoD) and binding of duties (BoD) requirements into business processes. SoD requirements prevent a user from executing two activities with conflicting interest. BoD requirements prevent widespread dissemination of sensitive information by requiring that two related activities be executed by the same agent. The main contribution of the work presented here is a novel methodology (as yet unpublished) for developing secure business applications from Secure BPMN models. In a nutshell, it is a three-step process. In the first step, ActionGUI models will be automatically generated from the given Secure BPMN model. ActionGUI is a language for modeling security-aware, data-centric business applications, to whose design and implementation we have contributed as part of our work.
The generated ActionGUI models specify the high-level behaviour of the desired business application, based on the information contained in the given BPMN model. In the second step, the modeler will complete the generated ActionGUI models with all the relevant information about the desired business application that cannot be expressed in the given BPMN model. In the third step, the desired business application will be automatically generated from the finalized models, using the available ActionGUI code generator.
are sold directly to the consumer; Consumer-to-Business (C2B): business transactions between consumers and organizations, where consumers can fix prices for both goods and services offered; and Consumer-to-Consumer (C2C): business transactions between consumers, among others (Ayo, 2009). Therefore, appropriate consideration must be given to these categories so that the most suitable e-Payment system can be adopted. Nigeria has remained the fastest growing mobile phone country in Africa and the third in the world, with over 60% of the populace connected (Akwaja, 2010). Thus, Nigeria has great potential for mobile commerce implementation besides the electronic commerce that is gradually gaining momentum. The major distinction between electronic and mobile business transactions, prefixed “e” and “m” respectively, is that the electronic medium offers “anytime access”, while the mobile medium offers “anytime and anywhere access” to business processes (Tiwari et al., 2006). However, the success of e-Payment will impact greatly on m-Payment if security and usability issues are well considered.
The first factor in the success of e-business is the suitability and support of e-business activities for the overall strategy of the company. The implementation of e-business in business organizations only means using network and communication information technology more efficiently and effectively in carrying out business processes. The strategic value of doing this will depend on the extent to which the process can help business organizations implement and achieve the overall strategy. According to Romney, there are two basic strategies that can be followed by any type of organization: the first is to be a low-cost producer, and the second is to provide differentiated products. E-Business can be used to pursue these two basic strategies. However, it is important for the organization to understand the safe strategy it follows, so as not to accidentally design its e-business process in a way that is contrary to the strategy chosen. For example, the optimal website design for a company pursuing a product differentiation strategy is based on the quality of service provided to its customers, and it is likely to differ from the website design of a company that sees itself as a low-cost commodity provider.
The Department of Communication and Information Technology (CIT) of Pasuruan Regency is a government institution tasked with managing all government applications in Pasuruan Regency. This institution is also responsible for serving other institutions' requests for new applications. The department does not only develop the requested applications itself but also passes them to third-party application developers. For applications developed by third-party developers, the CIT department takes part only in defining business processes. As a result, the CIT department does not have full control over its software development.
Based upon the written evaluations included with the final documentation package, students find this project to be the most valuable learning experience of the course. In addition to the students learning the technical skills necessary to be Web developers, they also learn the vital role that project management plays in Web development. Students learn first-hand that they must balance the triple constraints of scope, time, and budget. Although most student teams are quite aggressive in their original Web design document, they immediately see that the time constraint prohibits them from accomplishing everything that they set out to accomplish. The original project scope is somewhat diminished once students realize that the 16 week semester is not long enough to accommodate all of the skill learning that must take place in addition to the development effort itself.
importantly for security, it has no notion of the 'state' or 'function' of the business application’s request for a voice enrolment or verification. As a 'stateless' machine, ArmorVox does not require session identifiers or the retention of any PII. Through this, ArmorVox complies with the GDPR requirements.
From the above discussions, it is clear that we must pay careful attention to security in E-commerce. Secure E-commerce generally employs information security functions such as authentication, confidentiality, and data integrity to deal with such risks. Commonly, it implies the use of cryptographic-based technologies such as encryption and digital signatures, especially when valuable or private information is communicated over open systems, or when the potential for repudiation of transactions is unacceptable. As a practical matter, secure E-commerce may come to mean the use of information security mechanisms to ensure the reliability of business transactions over insecure networks.
WeB-Demand Generation platform is WeB’s extended service portfolio for its customers to launch outbound and inbound e-Marketing campaigns such as ‘Joint Promotion’, ‘eCoupon’, and the recently launched ‘WeB-Reach’ service. Customers can use the platform and partner with other members of the WeB community to design and launch new promotional campaigns so that they can extend their reach to more new prospects. Since their launch, these email marketing tools and promotion programmes have aroused a great deal of attention among existing customers, and Escape Spa was one of them.
The main strength of DDD lies in the systematic approach it offers to pinpoint and “crunch” aspects of the business domain. DDD is revolutionary because it does not depend on technology or increasingly powerful services to achieve business objectives through software. DDD has two distinct parts: strategic design and tactical design. Strategic design is the most important part and revolves around the patterns and practices for analyzing the domain and designing the top-level architecture of the system. Tactical design is about implementing the outcome of strategic design. To support a thorough analysis of the business domain, DDD offers three analysis patterns, as follows. First, Ubiquitous Language: a language shared by the team, that is, by domain experts and developers. With it, you can understand the business language and know the business mechanics in detail. It is true that the ubiquitous language determines naming conventions, but the essence of building a ubiquitous vocabulary is understanding the business and reflecting business processes in code, which matters more than merely having an effective naming convention. Second, Bounded Context: an area of the business domain in which the elements of the ubiquitous language have a clear and unambiguous meaning. Within a single bounded context there is one ubiquitous language, formulated by the team and spoken within the team and within the software model. Different teams, each sometimes responsible for a given bounded context, use context mapping to separate bounded contexts strategically and to understand their integration. Within a single modeling boundary, the team can use several useful tactical modeling tools: Aggregate, Entity, Value Object, Service, Domain Event, etc. Third, Context Mapping: DDD expresses the top-level architecture as a composition of multiple bounded contexts connected by relationships. The design artifact that expresses this scheme is called a context map.
In other words, a context map is a diagram that gives a thorough view of the system being designed.
Document-centric Web implementation rules out modeling design elements, such as user interface objects in interactive applications, dialogue parts of workflows, or structural elements that take care of the application’s corporate look and feel. Fine-granular model entities get lost after mapping to the coarse-grained entities of the implementation model, as they have to be glued together in one code base or even be cloned into several documents. Thus, changes in design and layout, or reuse of the entities for cost reduction and quality improvement, make maintenance and evolution of a Web application a difficult task to perform. Design methods and systems that support mapping higher-level concepts and fine-grained entities to the Web, like OOHDM, RMM, JESSICA, or TML, address these problems in different ways. The disciplined development of large-scale Web applications with heterogeneous legacy systems in the back-end and a possible partial distribution for maintenance and reuse of higher-level concepts has received less attention, even though this scenario is important in e-commerce applications.
The BI process consists of two primary activities, getting data in and getting data out, as illustrated in figure 8. Gathering raw data for BI is also known as data warehousing; this involves moving data from multiple source systems into an integrated data warehouse. The sources can be available within the organization (for hospitals, the information systems displayed in figure 7), be supplied by an external data provider (like the DIS by DBC-Onderhoud) or be made available by a business partner (for example another hospital). The data from these sources can be structured or semi-structured. Structured data will be available from sources that consist of databases, for example a CDSS. But most of the available data will be semi-structured data, that is, data that does not fit neatly into relational or flat files. Examples of semi-structured data are spreadsheet files, reports, memos, and e-mails. During the data warehousing process the gathered data will be transformed so that it is meaningful for decision support. For example, records from several systems are matched. New fields can also be created during data transformation, such as time periods of activities or totals.
Confidentiality issues are magnified with the use of IT, as leakage of digital information is easily done, for instance by forwarding emails and copying e-documents. This may have a serious impact on a company, such as mistrust and financial loss. For instance, trade secrets, contract negotiations and other exchanges of confidential information transmitted across the Internet are subject to unauthorized access and disclosure, and other security issues. Many suppliers fostered the mentality that sharing information will expose them to risks. They ranked confidentiality of information as the top priority, followed by ownership issues. This might be due to the ease of sharing and transferring data in the electronic medium. The new medium also facilitates meddling with, theft or disclosure of confidential documents such as design drawings, bills of quantity and tender documents. 3. Legal Liability
It might be watched that clients drive the incomes of any association. Getting new clients, charming and holding existing clients, and foreseeing purchaser conduct will enhance the accessibility of items and administrations and consequently the benefits. Along these lines the true objective of any information mining exercise in online business is to enhance forms that add to conveying an incentive to the end client. Consider an on-line store like http://www.dell.com where the client can design a PC of his/her decision, put in a request for the same, track its development, and in addition pay for the item and administrations. With the innovation behind such a site, Dell has the chance to influence the retail to encounter outstanding. And no more essential level, the data accessible in web log documents can distinguish what forthcoming clients are Organizations like Dell give their clients access to insights about the greater part of the frameworks and designs they have obtained so they can join the data into their ability arranging and foundation reconciliation. Back-end innovation frameworks for the site client profiles and prescient displaying of situations of client cooperation’s. For instance, switches, switches, stack balancers, reinforcement gadgets and so on. Administer mining based frameworks could look for from a site. Of the incorporate refined information mining instruments that deal with learning portrayal of once a client has bought a specific number of servers, they are probably going to require extra used to propose such other options to the clients.
To meet these needs, e-commerce organizations should be able to establish secure communication links. For instance, to manage the value chain in real time, a staff member from company A may need to communicate with the financial unit of company B and also the supply unit of company C. It is quite natural to try to use the available PKIs previously provided for the internal security of the organization. Furthermore, there would be enormous potential benefits if such facilities were available. However, it is too difficult to attain the standards required for interoperability of different PKIs. Basically, a PKI is normally based on a set of rules and a shared understanding of the meanings and applications of public key certificates.
The advent of Smart Card Technology has brought many positive changes to society, such as security and convenience in the performance of an array of activities. Since its introduction in 1974, the use of smart cards has become increasingly prominent. Over 3.8 billion were estimated to be in use as at the last millennium. The smart card with its many applications has been implemented in Angola, Morocco, Germany, Italy and some other European countries as a medium of electronic identification with a good amount of success. With the tremendous success of smart card technology, it is extremely rare to find individuals from developed and developing societies and nations who carry only one card. They probably have two or more cards, each serving its distinct function, i.e. either for identification, e.g. national ID card or driver’s license, or as a means of business transaction, e.g. E-tranzact card, Bank ATM card etc.
E-Commerce, an electronic medium that generates revenue on demand, can be demanding in terms of security administration and management. Securing a desktop PC or a server on the LAN can pose moderate challenges; securing a device in an E-Commerce environment can prove most challenging. Whether Consumer or Business, E-Commerce provides extraordinary challenges in that our organization uses this revenue-generating medium to provide a service which is highly accessible publicly and privately and usually requires undesirable communication to be opened to these devices. The criticality of E-Data calls for additional security measures: sensitive data pertaining to customers and business partners traversing private to public networks requires proactive measures to ensure a secure environment.
The Change Approval Framework helps ensure that all changes done using any of the products of Application Change Management Pack for Oracle E-Business Suite (ACP) go through a change approval mechanism. This change control mechanism entails one level of approval for any change that results in a configuration or code change of an Oracle E-Business Suite instance. The Change Approval Framework provides tracking and auditing with respect to the change control requests and historical data. A common change control tracking dashboard is provided for tracking all change requests within ACP. Auto-approvals are possible if the requestor is a Super Administrator or has the respective approver role with approval target access.
This paper carried out an analysis of various application-level attacks and classified those attacks. The information contained in this paper could be very useful for new application/web developers for developing smarter and more secure applications running over the web. Although a completely secure application is not guaranteed in the modern world, a considerable amount of work and research has been done in this area. Completely securing a web application seems to be a daunting task for developers today.
A smart home consists of electrical and electronic devices such as fans, televisions, air conditioners, motors, heaters and lighting systems, together with sensors to sense different circumstances. For example, it can have a gas detection system, a fire detection system, motion sensors, temperature sensors, etc. A remotely accessible environment is an environment in which each appliance can be remotely accessed and controlled using software as an interface, such as an Android application or iOS application. Such remotely accessible systems are already available in the market. How suitable is this system for the Indian market? How many people are using the existing systems? Is it affordable to common people? Should we create a new system according to the middle class’s expectations?