Showing posts with label Idea Grup Publishing. Show all posts

G. Radhamani & G. S. V. Radha Krishna Rao

e-books shop
Web Services Security & E-Business


There has been a dramatic impact on our society due to multifold increases in the use of
personal computers. Computer networking plays a crucial role in building a wireless
information society. Internet services and their applications have provided us with
tools to obtain any kind of information in a flash of time, and the real world has been
converted into a virtual world due to the proliferation of computers. Web sites are now
a key asset to organizations of all sizes, providing information and services to clients,
suppliers, and employees. Unfortunately, these developments have also opened new
security threats to the enterprise networks, and opened the door to an increasing
number of threats to individual and business computers. There is a growing trend of
hackers attacking networks via home and remote users. These attacks can be range
from partial loss of data to making the system nonusable, and privacy can be completely
violated. Unauthorized users can use their computer to attack other computers
by gaining access through the Internet. In the year 2005, new threats increased by
almost 50%, as cybercriminals joined forces to create targeted malware attacks for
financial gain.
Being security aware means that computer system users understand the potential
threats: that it is possible for some people to deliberately or accidentally steal, damage,
or misuse the data that is stored within their computer systems and throughout their
organization. Therefore, it would be prudent to support the assets of their institution
(information, physical, and personal) by trying to stop that from happening. By following
the recommended security practices, the user has knowledge of the potential hole
in the system, and the capabilities to block the hole in their defenses. There has never
been a greater need for early, integrated, threat-management solutions because organized
criminals are now working more closely together than ever before to infect computers.
Bringing together the understanding of security problems related to the protocols and
applications of the Internet, and their contemporary solutions to these problems in this
book, Web Services Security and E-Business, is both timely and purposeful. Cryptography
has been introduced to understand the security protocols. The focus of the book
is on architectures and protocols. Authors have provided an insight into uncovering
the security risks of dynamically created content, and looks at how proper content
management can greatly improve the overall security. They have also looked at the
security life cycle and how to respond to an attack, as well as the problems of site
hijacking and phishing.

Professor S. S. Jamuar


We would like to thank all contributors/authors who worked very hard to complete their
chapters in time. Without each of their contributions, this book would have never been
Our grateful thanks to the external reviewers for their valuable comments and constructive
criticism, which developed and improved the overall content of this book.
We would like to thank Professor Datuk, Dr. Ghauth Jasmon, president of Multimedia
University, and Dr. Ewe Hong Tat, dean of Faculty of Information Technology for kind
assistance and support.
Special thanks to Dr. Mehdi Khosrow-Pour, senior academic editor, and Kristin Roth,
development editor, of Idea Group Inc., for production of this book. Their efficiency
and amiable manner made working together a pleasure.
We are grateful to all others who have indirectly helped us in bringing out this book to
be successful.

Dr. G. Radhamani
Dr. G. S. V. Radha Krishna Rao

The proliferation of Internet services and applications is bringing systems and Web
services security issues to the fore. There is a consensus that a key, contributing factor
leading to cyberthreats is the lack of integrated and cohesive strategies that extend
beyond the network level, to protect the applications and devices at system level as
well. Many techniques, algorithms, protocols, and tools have been developed in the
different aspects of cybersecurity, namely, authentication, access control, availability,
integrity, privacy, confidentiality, and nonrepudiation as they apply to both networks
and systems.

The IT industry has been talking about Web services for many years. The benefits of
having a loosely coupled, language-neutral, platform-independent way of linking applications
within organizations, across enterprises, and across the Internet, are becoming
more evident as Web services are used in pilot programs and in wide-scale production.
Moving forward, customers, industry analysts, and the press identify a key area
that needs to be addressed as Web services become more mainstream: security.
The purpose of this book is to bring together the technologies and researchers who
share interest in the area of e-business and Web services security. The main aim is to
promote research and relevant activities in security-related subjects. It also aims at
increasing the synergy between academic and industry professionals working in this
area. This book can also be used as the textbook for graduate courses in the area of
Web services security. This book is comprised of 20 chapters that cover various aspects
of Web services security and e-business. The scope of the chapters is summarized hereunder.

The first chapter gives a practical overview of the brief implementation details of the
IEEE802.11 wireless LAN and the security vulnerabilities involved in such networks.
Specifically, it discusses the implementation of EAP authentication using RADIUS
server with WEP encryption options. The chapter also touches on the ageing WEP and
the cracking process, along with the current TKIP and CCMP mechanisms. War driving
and other security attacks on wireless networks are also briefly covered. The chapter
concludes with practical security recommendations that can keep intruders at bay. The
authors hope that any reader would thus be well informed on the security vulnerabilities
and the precautions that are associated with 802.11 wireless networks.

The increasingly important role of security for wireless Web services environments has
opened an array of challenging problems centered on new methods and tools to improve
existing data encryption and authentication techniques. Real-time recurrent neural
networks offer an attractive approach to tackling such problems because of the high
encryption capability provided by the structural hidden layers of such networks. In the
second chapter, a novel neural network-based symmetric cipher is proposed. This cipher
releases the constraint on the length of the secret key to provide the data integrity
and authentication services that can be used for securing wireless Web services communication.
The proposed symmetric cipher design is robust in resisting different
cryptanalysis attacks. Simulation results are presented to validate its effectiveness.
In the third chapter, the business implications, as well as security and privacy issues of
the widespread deployment of radio frequency identification (RFID) systems, were
discussed. At first, the components that make up an RFID system to facilitate better
understanding of the implications of each were discussed, and then the commercial
applications of the RFID were reviewed. Further, the security and privacy issues for
RFID systems, and what mechanisms have been proposed to safeguard these, were
discussed. The topics discussed in this chapter highlight the benefits of using RFIDs
for user convenience in ubiquitous and pervasive commercial services and e-businesses,
while maintaining the integrity of such systems against malicious attacks on
the users’ security and privacy. This is vital for a business establishment to coexist
with peers, and remain competitively attractive to customers.

Over the years, computer systems have evolved from centralized monolithic computing
devices supporting static applications, into client-server environments that allow complex
forms of distributed computing. Throughout this evolution, limited forms of code
mobility have existed. The explosion in the use of the World Wide Web, coupled with
the rapid evolution of the platform-independent programming languages, has promoted
the use of mobile code and, at the same time, raised some important security issues. The
fourth chapter introduces mobile code technology, and discusses the related security issues.

Multicast communication demands scalable security solutions for group communication
infrastructure. Secure multicast is one such solution that achieves the efficiency of
multicast data delivery. Key generation plays an important role in enforcing secure and
efficient key distribution. The fifth chapter addresses the issues focused on the area of
key generation on key management cryptographic algorithms that support security
requirements in multicast group communications. These issues are of importance to
application developers wishing to implement security services for their multicast applications.
The three main classes: centralized, decentralized, and distributed architec tures, are investigated and analyzed here, and insight is given to their features and
goals. The area of group key generation is then surveyed, and proposed solutions are
classified according to the efficiency of the cryptographic algorithms and multicast
security requirements. The open problems in this area are also outlined.
Agent technologies have grown rapidly in recent years as Internet usage has increased
tremendously. Despite its numerous practical benefits and promises to provide an efficient
way of mitigating complex distributed problems, mobile agent technology is still
lacking effective security measures, which severely restricts their scope of applicability.
The sixth chapter analyzes and synthesizes the different security threats and attacks
that can possibly be imposed to the mobile agent systems. The security solutions
to resolve the problems and the research challenges in this field are presented.
The seventh chapter introduces the intrusion detection system (IDS). It started with a
brief explanation of history of IDS, proceeded with generic components of IDS. Besides
highlighting current advances in IDS, the chapter describes recent challenges to the
system. The authors hope that this chapter will shed a light for readers who are unfamiliar
with this domain.

ZKP-based authentication protocols provide a smart way to prove an identity of a node
without giving away any information about the secret of that identity. There are many
advantages, as well as disadvantages, to using this protocol over other authentication
schemes, as well as challenges to overcome in order to make it practical for general use.
The eighth chapter examines the viability of ZKPs for use in authentication protocols in
networks. It is concluded that nodes in a network can achieve a desired level of security
by trading off key size, interactivity, and other parameters of the authentication
protocol. This chapter also provides data analysis, which can be useful in determining
expected authentication times based on device capabilities. Pseudocode is provided
for implementing a graph-based ZKP on small or limited processing devices.

Web services enable the communication of application to application in a heterogeneous
network and computing environment. The powerful functionality of Web services
has given benefits to enterprise companies, such as rapid integrating between
heterogeneous e-business systems, easy implementation of e-business systems, and
reusability of e-business services. While providing the flexibility for e-business, Web
services tend to be vulnerable to a number of attacks. Core components of Web services
such as simple object access protocol (SOAP), Web services description language
(WSDL), and universal description, discovery, and integration (UDDI) can be
exploited by malicious attacks due to lack of proper security protections. These attacks
will increase the risk of an e-business that employs Web services. The ninth chapter
aims to provide a state-of-the-art view of Web services attacks and countermeasures.
This chapter also examines various vulnerabilities in Web services, followed by the
analysis of respective attacking methods. Further, this chapter also discusses preventive
countermeasures against such attacks to protect Web services deployments in ebusiness,
and finally address future trends in this research area.

The 10th chapter presents a new simple scheme for verifiable encryption of elliptic curve
digital signature algorithm (ECDSA). The protocol presented is an adjudicated protocol,
that is, the trusted third party (TTP) takes part in the protocol only when there is a
dispute. This scheme can be used to build efficient fair exchanges and certified e-mail
protocols. In this chapter, the authors also present the implementation issues. The chapter presents a new algorithm for multiplying two 2n bits palindromic polynomials
modulo xp − 1 for prime p = 2n + 1 for the concept defined in Blake and Roth (1998) and
it is compared with the Sunar-Koc parallel multiplier given in Sunar and Koc (2001).
Finally, the chapter concludes that the proposed multiplication algorithm requires (2n2−n+1) XOR gates, which is approximately 34% extra, as compared to 1.5(n2−n) XOR gates
required by the Sunar-Koc parallel multiplier, and 50% less than the speculated result
4n2 XOR gates given by Sunar and Koc (2001). Moreover, the proposed multiplication
algorithm requires (2n2 − n) AND gates, as compared to n2 AND gates which is doubled
that of the Sunar-Koc method
Firstly, the fact that business intelligence (BI) applications are growing in importance,
and secondly, the growing and more-sophisticated attacks launched by hackers, the
concern of how to protect the knowledge capital or databases that come along with BI
or, in another words, BI security, has thus arisen. In the eleventh chapter, the BI environment,
with its security features, is explored, followed by a discussion on intrusion
detection (ID) and intrusion prevention (IP) techniques. It is understood, through a
Web-service case study, that it is feasible to have ID and IP as counter measures to the
security threats; thus, further enhancing the security of the BI environment or architecture.
In the 12th chapter, the concept of “trust transfer” using chain signatures will be presented.
Informally, transferring trust involves creating a trust (or liability) relationship
between two entities, such that both parties are liable in the event of a dispute. If such
a relationship involves more than two users, we say they are connected in a chained
trust relationship. The members of a chained trust relationship are simultaneously bound
to an agreement with the property that additional members can be added to the chain,
but once added, members cannot be removed thereafter. This allows members to be
incrementally and noninteractively added to the chain. We coin the term “chained
signatures” to denote signatures created in this incremental way. An important application
of chained signatures is in e-commerce transactions involving many users. We
present a practical construction of such a scheme that is secure under the Diffie-Hellman
assumption in bilinear groups.

The recent increase in the malicious usage of the network has made it necessary that an
IDS should encapsulate the entire network rather than at a system. This was the inspiration
for the birth of a distributed intrusion detection system (DIDS). Different configurations
of DIDSs have been actively used, and are also rapidly evolving due to the
changes in the types of threats. The thirteenth chapter gives an overview and the
structure of DIDS. The various agents that are involved in DIDS, and the benefits are
given in brief. In the end, directions for future research work are discussed.
In the 14th chapter, we discuss how security protocols can be attacked by exploiting the
underlying block cipher modes of operation. This chapter presents a comprehensive
treatment of the properties and weaknesses of standard modes of operation. Further,
this chapter shows why all modes of operation should not be used with public-key
ciphers in public-key security protocols. This includes the cipher block chaining (CBC)
mode, when there is no integrity protection of the initialisation vector (IV). In particular,
it was shown that it is possible in such instances to replace a block at the beginning,
middle, or end of a CBC-encrypted message. This chapter demonstrates that the security
of single-block encryptions can be reduced to the security of the electronic codebook
(ECB) mode, and show that in the absence of integrity, one could exploit this to aid in
known- and chosen-IV attacks. Finally, this chapter also presents chosen-IV slide attacks
on counter (CTR) and output feedback (OFB) modes of operation. Results show
that protocol implementers should carefully select modes of operation, be aware of the
pitfalls in each of these modes, and incorporate countermeasures in their protocols to
overcome them. It is also important to realize that modes of operation only provide
confidentiality, and that when used in the context of security protocols, these modes
should be combined with authentication and integrity protection techniques.
The 15th chapter addresses the need of cryptographic algorithm to prepare unbreakable
cipher. Though the performance of symmetric key algorithms is far better than asymmetric
key algorithms, it still suffers with key distribution problem. It is highly evident
that there is always a demand for an algorithm to transfer the secret key in a secure
manner between the participants. This chapter argues that by providing the randomness
to the secret key, it would be increasingly difficult to hack the secret key. This
chapter proposes an algorithm effectively utilizes the random nature of stock prices, in
conjunction with plain text, to generate random cipher. This algorithm can be used to
exchange the secret key in a secure manner between the participants.

In the 16th chapter, a watermarking scheme that utilizes error correction codes for added
robustness is proposed. A literature survey covering various aspects of the
watermarking scheme, such as the arithmetic redundant residue number system and
concepts related to digital watermarking, is given. The requirements of a robust
watermarking scheme are also described. In addition, descriptions and experimental
results of the proposed watermarking scheme are provided to demonstrate the functionality
of the scheme. The authors hope that with the completion of this chapter, the
reader will have a better understanding of ideas related to digital watermarking, as well
as the arithmetic redundant number system.

A security framework for secure message delivery and off-line message viewing of the
electronic bills is presented in the seventeenth chapter. This framework is implementable
towards smart applications such as electronic bill presentment and payment systems.
Chapter XVIII, introduces the concept of access control and its objectives in fulfilling
security requirements for the computing world. The main arrears in access control,
namely DAC, MAC, and RBAC, will be covered; thus, giving enough background
knowledge to the reader on existing policies and framework. Hence, the reader will be
able to comprehend the concept of task delegation with regard to access control policies,
and how delegated tasks or roles can affect existing risk levels in an organization.
Measuring risk has a two-fold benefit: one is that it enables security officials to be
prepared with more accurate security measures with higher granularity and secondly,
this will certainly be useful for security plans for mitigating potential risks.

Internet protocol version 6 (IPv6) is the next generation Internet protocol proposed by
the Internet Engineering Task Force (IETF) to supplant the current Internet protocol
version 4 (IPv4). Lack of security below the application layer in IPv4 is one of the
reasons why there is a need for a new IP. IPv6 has built-in support for the Internet
protocol security protocol (IPSec). The nineteenth chapter reports work done to evaluate
implications of compulsory use of IPSec on dual stack IPv4/IPv6 environment.
Finally, in the last chapter provides a conceptual modeling approach for Web services
(WS) security risk assessment, which is based on the identification and analysis of stakeholder intentions. There are no similar approaches for modeling Web services
security risk assessment in the existing pieces of literature. The approach is, thus,
novel in this domain. The approach is helpful for performing means-end analysis; thereby,
uncovering the structural origin of security risks in Web services, and how the root
causes of such risks can be controlled from the early stages of the projects. The approach
addresses “why” the process is the way it is, by exploring the strategic dependencies
between the actors of a security system, and analyzing the motivations, intents,
and rationales behind the different entities and activities in constituting the system.

This book aims to help toward technical strategy and a roadmap whereby the industry/
academia can produce and implement a standards-based architecture that is comprehensive,
yet flexible enough to meet the Web services security needs of real businesses

Blake & Roth. (1998)
Sunar & Koc. (2001)

Table of Contents
Foreword .......... viii
S. S. Jamuar Universiti Putra Malaysia, Malaysia
Preface ........ x
Chapter I
Wireless LAN Setup and Security Loopholes ......1
Biju Issac, Swinburne University of Technology, Malaysia
Lawan A. Mohammed, Swinburne University of Technology, Malaysia
Chapter II
Wireless Web Security Using a Neural Network-Based Cipher .... 32
Isaac Woungang, Ryerson University, Canada
Alireza Sadeghian, Ryerson University, Canada
Shuwei Wu, Ryerson University, Canada
Sudip Misra, Cornell University, USA
Maryam Arvandi, Ryerson University, Canada
Chapter III
RFID Systems: Applications vs. Security and Privacy Implications ....... 57
Dennis M. L. Wong, Swinburne University of Technology, Malaysia
Raphael C.-W. Phan, Swinburne University of Technology, Malaysia
Chapter IV
Mobile Code and Security Issues .......... 75
E. S. S. Samundeeswari, Vellalar College for Women, India
F. Mary Magdalene Jane, P. S. G. R. Krishnammal, India
Chapter V
A Survey of Key Generation for Secure Multicast Communication Protocols .. 93
Win Aye, Multimedia University, Malaysia
Mohammad Umar Siddiqi, International Islamic University Malaysia, Malaysia
Chapter VI
Security in Mobile Agent Systems .........112
Chua Fang Fang, Multimedia University, Malaysia
G. Radhamani, Multimedia University, Malaysia
Chapter VII
Intrusion Detection System: A Brief Study .......... 129
Robin Salim, Multimedia University, Malaysia
G. S. V. Radha Krishna Rao, Multimedia University, Malaysia
Chapter VIII
Node Authentication in Networks Using Zero-Knowledge Proofs ...... 142
Richard S. Norville, Wichita University, USA
Kamesh Namuduri, Wichita University, USA
Ravi Pendse, Wichita University, USA
Chapter IX
Web Services Security in E-Business: Attacks and Countermeasures ...... 165
Wei-Chuen Yau, Multimedia University, Malaysia
G. S. V. Radha Krishna Rao, Multimedia University, Malaysia
Chapter X
Verifiable Encryption of Digital Signatures Using Elliptic Curve Digital
Signature Algorithm and its Implementation Issues ..... 184
R. Anitha, PSG College of Technology, India
R. S. Sankarasubramanian, PSG College of Technology, India
Chapter XI
An Introductory Study On Business Intelligence Security ..... 204
Chan Gaik Yee, Multimedia University, Malaysia
G. S. V. Radha Krishna Rao, Multimedia University, Malaysia
Chapter XII
Secure Trust Transfer Using Chain Signatures ....... 218
Amitabh Saxena, La Trobe University, Australia
Ben Soh, La Trobe University, Australia
Chapter XIII
Distributed Intrusion Detection Systems: An Overview....... 231
Rosalind Deena Kumari, Multimedia University, Malaysia
G. Radhamani, Multimedia University, Malaysia
Chapter XIV
Subtle Interactions: Security Protocols and Cipher Modes of Operation ..... 239
Raphael C.-W. Phan, Swinburne University of Technology, Malaysia
Bok-Min Goi, Multimedia University, Malaysia
Chapter XV
Generic Algorithm for Preparing Unbreakable Cipher: A Short Study ..... 262
R. A. Balachandar, Anna University, India
M. Balakumar, Anna University, India
S. Anil Kumar, Anna University, India
Chapter XVI
A Robust Watermarking Scheme Using Codes Based on the Redundant Residue
Number System ........ 271
Vik Tor Goh, Multimedia University, Malaysia
Mohammad Umar Siddiqi, International Islamic University Malaysia, Malaysia
Chapter XVII
A Framework for Electronic Bill Presentment and Off-Line Message Viewing ..... 306
Ezmir Mohd Razali, Multimedia Univerisity, Malaysia
Ismail Ahmad, Multimedia Univerisity, Malaysia
G. S. V. Radha Krishna Rao, Multimedia Univerisity, Malaysia
Kenneth Foo Chuan Khit, NetInfinium Sdn. Bhd., Malaysia
Chapter XVIII
Propagation and Delegation of Rights in Access Controls and Risk Assessment
Techniques .... 328
Saravanan Muthaiyah, George Mason University, USA and
Multimedia University, Malayasia
Chapter XIX
IPSec Overhead in Dual Stack IPv4/IPv6 Transition Mechanisms:
An Analytical Study ........ 338
M. Mujinga, University of Fort Hare, South Africa
Hippolyte Muyingi, University of Fort Hare, South Africa
Alfredo Terzoli, Rhodes University, South Africa
G. S. V. Radha Krishna Rao, University of Fort Hare, South Africa
Chapter XX
An Approach for Intentional Modeling of Web Services Security Risk
Assessment ........ 363
Subhas C. Misra, Carleton University, Canada
Vinod Kumar, Carleton University, Canada
Uma Kumar, Carleton University, Canada
About the Authors .... 380
Index ........ 390


e-books shop

Purchase Now !
Just with Paypal

Product details
 410 p
 File Size
 5,123 KB
 File Type
 PDF format
 1-59904-170-7 (ebook)
 1-59904-169-3 (softcover)
 2007 by Idea Group Inc 

═════ ═════

Mahesh Raisinghani

Opportunities, Limitations and Risk

IDEA GROUP PUBLISHINGHershey • London • Melbourne • Singapore

e-books shop
Intelligence in the Digital Economy:
Opportunities, Limitations and Risk

In the past years, research in the field of responsive business environments
has had many successes. The most significant of these has been the
development of powerful new tools and methodologies that advance the subject
of Business Intelligence (BI). This book provides the BI practitioner and
researcher with a comprehensive view of the current art and the possibilities of the subject.

Dr. Raisinghani and his colleagues delight us with a breadth of knowledge
in Business Intelligence (BI) that ranges from the business executive viewpoint
to insights promised by text mining. The expert authors know that BI is
about reducing the uncertainties of our business world. A timely and accurate
view into business conditions can minimize uncertainty.

The reduction of business and technical risk is the central theme of this
text. If data gives us the facts and information allows us to draw conclusions,
then intelligence provides the basis for making good business decisions. Information
technology can help you seize the information that is available.
Intelligence involves knowing information about your competitors, such
as their profitability and turnover rate. The most important thing to gain from
intelligence is knowledge of customers and potential customers. This knowledge
will help you to better serve customers and ensure that your service
offerings align with their needs. Performing an annual survey will not give you
this type of information. You need to know why people are or are not your
customers. If they are not your customers, whose are they? Have they heard
of your company? Are they familiar with your services or are they part of an
untapped market?

An IT organization is responsible for putting information in a place where
it can be mined by salespeople, product developers, and others within an
organization. One way to achieve this is through an information portal. An
information portal uses the same technology as Web search engines to find
and catalog information within your company giving access to everyone. IT
sets up pointers to the information, allowing people to turn it into intelligence.
Business decision makers need rapid access to information about their
customers, markets, investors, suppliers, governments, employees, and finances.
There are four critical success factors for strategically using and managing
IT. First, enterprises must be able to quantify the value of IT. They must
know how IT contributes to the creation of the value and wealth of their organization.
The second factor involves the ability to collect and organize intelligence,
both internally and externally. This intelligence includes information about
your market, your customers, and your potential customers. Third, enterprises
need to understand the wide spectrum of capability and productivity of IT
people within the same skill set. The final success factor is to invest in IT
people that can invent and create new tools or services. The internal and
external business information problem has existed for centuries — the best
hope for the future is the wise use of business intelligence tools.
Thomas L. Hill
Electronic Data Systems (EDS)
Thomas Hill has the distinction of being an EDS Fellow, the highest level
of technical achievement in the corporation. He brings more than 30
years of extensive experience to EDS’ efforts for clients around the world.
EDS Fellows are visionary thinkers who represent the top echelon of EDS’
thought leadership capabilities. Fellows play a vital role in promoting
innovation at EDS and in extending EDS’ external reputation as a thought
leader and an innovative company through their work and engagements.

EDS, the leading global services company, provides strategy, implementation
and hosting for clients managing the business and technology complexities
of the digital economy. As the world’s largest outsourcing services
company, EDS, founded in 1962, is built on a heritage of delivery
excellence, industry knowledge, a world-class technical infrastructure
and the expertise of its people. EDS brings together the world’s best technologies
to address critical client business imperatives. It helps clients
eliminate boundaries, collaborate in new ways, establish their customers’
trust and continuously seek improvement. EDS, with its management-
consulting subsidiary, A.T. Kearney, serves more than 35,000 business
and government clients in 60 countries. EDS Fellows provide ongoing
support to a large number of EDS clients, including General Motors,
Sabre, Veterans Administration, Inland Revenue, British Petroleum, First
Health and Telecom New Zealand and are integrated into other clientfacing
engagements. This integration is critical to thoroughly diagnosing
their clients’ business challenges as well as developing innovative

Focus and Content of this Book
Business Intelligence in the Digital Economy: Opportunities,
Limitations, and Risks
Wisdom grows in those who help others achieve greatness.
- Colle Davis
Who will build intelligence into your business processes? Organizations
that need to gain more efficiency and manage or reduce costs are looking to
Business Intelligence (BI) to address their requirements. This book can be
used as a tool to explore the vast parameters of the applications, problems,
and solutions related to BI. Contributing authors include management consultants,
researchers, and BI specialists from around the world. The book has an
extensive range of topics for practitioners and researchers who want to learn
about the state of the art and science in business intelligence and extend the
body of knowledge.

BI is important in helping companies stay ahead of the competition by
providing the means for quicker, more accurate and more informed decision
making. BI is a general term for applications, platforms, tools, and technologies
that support the process of exploring business data, data relationships,
and trends. BI applications provide companies with the means to gather and
analyze data that facilitates reporting, querying, and decision making. The most
agile BI products/services are not confined by industry classification and can
create an infinite number of possible applications for any business department
or a combination of departments.

Business Intelligence (BI) provides an executive with timely and accurate
information to better understand his or her business and to make more
informed, real-time business decisions. Full utilization of BI solutions can optimize
business processes and resources, improve proactive decision making,
and maximize profits/minimize costs. These solutions can create an infinite
number of possible applications for finance, competition monitoring, accounting,
marketing, product comparison, or a combination of a number of business
areas. The most agile BI solutions can be used in any industry and provide
an infinite number of value-increasing possibilities for any organization.
The purpose of this executive’s guide on Business Intelligence is to describe
what BI is; how it is being conducted and managed; and its major
opportunities, limitations, issues, and risks. It brings together some high-quality
expository discussions from experts in this field to identify, define, and
explore BI methodologies, systems, and approaches in order to understand
their opportunities, limitations and risks.

The audience of this book is MBA students, business executives, consultants,
seniors in an undergraduate business degree program, and students
in vocational/technical training institutes.
The scholarly value of this proposed book and its contribution will be to
the literature in information systems/e-business discipline. None of the current
books on the market address this topic from a holistic perspective. Some are
more geared toward knowledge management or artificial intelligence. Others
take a more computer science and engineering perspective or a statistical
analysis perspective.

Chapter I proposes that the initial perceptions of uncertainty and risk
relating to the decisions faced are unlikely to be modified, irrespective of the
quantity or quality of the information transmitted and processed by the decision
maker. Initial risk perceptions and decisions are fairly robust even when
confronted with contradictory information. Empirical evidence presented illustrates
that the decision maker may also construct his or her decision-making
behavior to constrain the opportunity for new information to alter the initial
perceptions and choices made. Chapter I thus explores the premise that increased
business intelligence reduces the risk inherent in decision making and
provides suggestions on the appropriate management of individuals involved
in information search activities.

Chapter II presents a high-level model for employing intelligent agents in
business management processes in order to gain competitive advantage by
timely, rapidly, and effectively using key, unfiltered, measurements to improve
cycle-time decision making. It conceptualizes the transition of intelligent agents
utilized in network performance management into the field of business and
management. The benefits of intelligent agents realized in telecommunications
networks, grid computing, and data visualization for exploratory analysis connected
to simulations should likewise be achievable in business management processes.

Chapter III describes the different flavors of data mining, including association
rules, classification and prediction, clustering and outlier analysis, customer
profiling, and how each of these can be used in practice to improve a
business’ understanding of its customers. The chapter concludes with a concise
technical overview of how each data-mining technology works. In addition,
a concise discussion of the knowledge-discovery process — from domain
analysis and data selection, to data preprocessing and transformation, to
the data mining itself, and finally the interpretation and evaluation of the results
as applied to the domain — is also provided along with the moral and legal
issues of knowledge discovery.

Chapter IV provides a German industry perspective with a good balance
of business and technology issues. Although system performance and
product efficiency are continuously increasing, the information and knowledge
capability of the enterprise often does not scale to the development of business
requirements. This often happens due to complex company structures,
fast growth or change of processes, and rising complexity of business information
needs on one hand and a slow and difficult IT-improvement process
on the other hand. The chapter illustrates which system architecture to use,
which logical application structure to develop, how to set up and integrate the
implementation project successfully, how to operate and improve these environments
continuously, and how to configure, improve, and maintain the reporting,
OLAP and HOLAP environments.

Chapter V presents an Intelligent Knowledge-Based Multi-Agent Architecture
for Collaboration (IKMAC) to enable such collaborations in B2B
e-Marketplaces. IKMAC is built upon existing bodies of knowledge in intelligent
agents, knowledge management, e-business, and XML and web services
standards. This chapter focuses on the translation of data, information,
and knowledge into XML documents by software agents, thereby creating
the foundation for knowledge representation and exchange by intelligent agents
that support collaborative work between business partners. Some illustrative
business examples of application in Collaborative Commerce, E-Supply Chains,
and electronic marketplaces and financial applications — credit analysis, bankruptcy
analysis — are also presented. IKMAC incorporates a consolidated
knowledge repository to store and retrieve knowledge, captured in XML
documents, to be used and shared by software agents within the multi-agent
architecture. The realization of the proposed architecture is explicated through
an infomediary-based e-Marketplace prototype in which agents facilitate collaboration
by exchanging their knowledge using XML and related sets of standards.

Chapter VI takes a closer look at text mining that is a collection of broad
techniques for analyzing text, extracting key components, and restructuring
them in manner suitable for analysis. As the demands for more effective Business
Intelligence (BI) techniques increases, BI practitioners find they must
expand the scope of their data to include unstructured text. To exploit those
information resources, techniques such as text mining are essential. This chapter
describes three fundamental techniques for text mining in business intelligence:
term extraction, information extraction, and link analysis; an outline of the
basic steps involved; characteristics of appropriate applications; and an overview
of its limitations. The limits and risks of all three techniques center around
the dependency on statistical techniques — the results of which vary by the
quality of available data, and linguistic analysis that is complex but cannot yet
analyze the full range of natural language encountered in business environments.

Chapter VII makes a step-by-step analysis of how one retail giant moved
quickly to solve a very real problem facing industry executives today, i.e.,
getting and manipulating necessary data from a large variety of diverse legacy
systems running on heterogeneous operating systems and platforms. The case
study shows how the organization evaluated available software packages
against internal development and nimbly adopted internal development to yield
an integrated system that gathers and manipulates data from diverse systems
using a common system architecture. The chapter also provides a valuable
insight into the area of reclamation of advertising revenue that is valued at 3%
of retail sales. The imperative this company faced was the loss of that revenue
due to the expiration of the claim period unless its proposed solution came
online as planned. The analysis shows, in detail, how a variety of systems’
data were linked in a highly unique but effective manner to create the system
that has value far greater than the sum of its parts.

Chapter VIII explores the opportunities to expand the forecasting and
business understanding capabilities of Business Intelligence (BI) tools by using
the system dynamics approach as a complement to simulate real-world
behavior. System dynamics take advantage of the information provided by BI
applications to model real-world under a “systems thinking” approach, improving
forecasts and contributing to a better understanding of the business
dynamics of any organization. It discusses how BI tools can support system
dynamics tools, supplying “analyzed and screened data” to models of realworld
situations that are illustrated by application examples such as Customer
Relationship Management (i.e., supporting the processes of acquiring, retaining,
and enhancing customers with a better understanding of their behavior),
Value-Based Management (i.e., understanding the dynamics of economic value
creation in an organization), and Balanced Scorecard (i.e., modeling a balanced
scorecard for a better insight of enterprise performance drivers).

Chapter IX explores data mining and its benefits and capabilities as a
key tool for obtaining vital business intelligence information. It includes an
overview of data mining, followed by its evolution, methods, technologies,
applications, and future. It discusses the technologies and techniques of data
mining, such as visual, spatial, human-centered, “vertical” (or application-specific),
constraint-based, and ubiquitous data mining (UDM) for mobile/distributed
environments. Examples of applications and practical uses of data
mining as it transitions from research prototypes to data-mining products, languages,
and standards are also presented in this chapter.

Chapter X focuses on the factors necessary for strategic BI success from
a managerial perspective. BI results from the various information and human
knowledge source systems, as well as the holistic view of the business processes
within an organization, with its goal being to maximize the resources,
and minimize the inefficiencies that are systematic within an organization. The
interrelated and non-sequential factors for BI success are discussed. The chapter
discusses the critical success factors that enable strategic BI success, i.e.,
business process of BI within an organization, managerial understanding of
data systems, accountability for BI, and execution on BI.

Chapter XI discusses the role of text mining (TM) in BI and clarifies the
interface between them. BI can benefit greatly from the bulk of knowledge
that stays hidden in the large amount of textual information existing in the organizational
environment. TM is a technology that provides the support to
extract patterns from texts. After interpreting these patterns, a business analyst
can reach useful insights to improve the organizational knowledge. Although
texts represent the largest part of the available information in a company,
just a small part of all Knowledge Discovery applications are in TM. By
means of a case study, this chapter shows an alternative of how TM can contribute
to BI. The case study presented, with the methodological approach
described and an adequate tool, can be used to guide an analyst in developing
similar applications. A discussion on future trends such as the approach that
uses concepts instead of words to represent documents supports the effectiveness
of TM as source of relevant knowledge.

Chapter XII is an explanatory study of a CRM application in a financial
services organization to understand decision-making in data warehousing and
related decision support systems (DSS), the authors find the DSS provided
by these systems limited and a difference in strategy selection between the
two groups of user, analysts and advisors, related to incentives. They recommend
an extended version of the DSS-decision performance model that includes
the individual characteristics of the user as a construct to better describe
the factors that influence individual decision-making performance and
includes metadata, explanations and qualitative data as explicit dimensions of
the DSS capability construct.

Chapter XIII is a two-part survey exploring the role of data integration
in E-CRM Analytics for both B2B and B2C firms. The first part of the survey
looks at the nature of the data integrated and the data architecture deployed
and the second part analyzes technology and organizational value added with
respect to the e-CRM initiative. Interestingly, (and as one’s intuition may lead
one to believe) they find that an organization that integrates data from multiple
customer touch points has significantly higher benefits, user satisfaction, and
return on its investment than organizations that do not do so. They propose an
e-CRM Value framework as a model for generating greater total benefits for
organizations engaging in e-CRM projects.
Mahesh Raisinghani, PhD, CEC
October 2003


e-books shop

Purchase Now !
Just with Paypal

Product details
 File Size
 3,566 KB
 309 p
 File Type
 PDF format
 1-59140-206-9 (hardcover)
 1-59140-280-8 (softcover)
 1-59140-207-7 (ebook)
 2004 by Idea Group Inc 

Table of Contents
Foreword ................. vii
Preface ...... x
Chapter I
Reducing Risk in Information Search Activities 1
Clare Brindley, Manchester Metropolitan University, UK
Bob Ritchie, Manchester Metropolitan University, UK
Chapter II
Intelligent Agents for Competitive Advantage: Requirements and Issues 25
Mahesh Raisinghani, University of Dallas, USA
John H. Nugent, University of Dallas, USA
Chapter III
Data Mining and Knowledge Discovery 35
Andi Baritchi, Corporate Data Systems, USA
Chapter IV
Enterprise Information Management  48
Ulfert Gartz, PA Consulting Group, Germany
Chapter V
An Intelligent Knowledge-Based Multi-Agent Architecture for
Collaboration (IKMAC) in B2B e-Marketplaces  76
Rahul Singh, University of North Carolina at Greensboro, USA
Lakshmi Iyer, University of North Carolina at Greensboro, USA
Al Salam, University of North Carolina at Greensboro, USA
Chapter VI
Text Mining in Business Intelligence  98
Dan Sullivan, The Ballston Group, USA
Chapter VII
Bypassing Legacy Systems Obstacles: How One Company Built
Its Intelligence to Identify and Collect Trade Allowances 111
James E. Skibo, University of Dallas, USA
Chapter VIII
Expanding Business Intelligence Power with System Dynamics  126
Edilberto Casado, Gerens Escuela de Gestión y Economía, Peru
Chapter IX
Data Mining and Business Intelligence: 
Tools, Technologies, and Applications  141
Jeffrey Hsu, Fairleigh Dickinson University, USA
Chapter X
Management Factors for Strategic BI Success  191
Somya Chaudhary, Bellsouth Telecommunications Inc., USA
Chapter XI
Transforming Textual Patterns into Knowledge  207
Hércules Antonio do Prado, Catholic University of Brasília,
Brazilian Enterprise for Agriculture Research, Brazil
José Palazzo Moreira de Oliveira, Federal University of
Rio Grande do Sul, Brazil
Edilson Ferneda, Catholic University of Brasília, Brazil
Leandro Krug Wives, Federal University of Rio Grande do Sul, Brazil
Edilberto Magalhães Silva, Brazilian Public News Agency, Brazil
Stanley Loh, Catholic University of Pelotas and Lutheran University
of Brazil, Brazil
Chapter XII
Understanding Decision-Making in Data Warehousing and Related
Decision Support Systems: An Explanatory Study of a Customer
Relationship Management Application  228
John D. Wells, Washington State University, USA
Traci J. Hess, Washington State University, USA
Chapter XIII
E-CRM Analytics: The Role of Data Integration  251
Hamid R. Nemati, University of North Carolina, USA
Christopher D. Barko, University of North Carolina, USA
Ashfaaq Moosa, University of North Carolina, USA
Glossary .............. 270
About the Authors ......... 277
Index ........... 285


═════ ═════

Loading... Protection Status