Why HERM Modelling? Co-Design of Structure, Functionality, Distribution, and Interaction
23rd Jyväskylä Summer School, http://www.jyu.fi/summerschool/
Jyväskylän yliopisto / University of Jyväskylä
19.8.2013
Bernhard Thalheim
Technologie der Informationssysteme, Institut für Informatik, Christian-Albrechts-Universität zu Kiel, BRD
Kolmogorow-Professor e.h. der Lomonossow-Universität Moskau
Information Systems Co-Design
19.8.2013
B. Thalheim
Co-Design?
Abstraction Layer
Methodology
Model Suite
Exceptions
Privacy
Open Problems
Finally
References
Concept Topic
Content
Information
Overview
• Co-Design - why?
• Structuring (the classical and the non-classical case)
• Functionality [behavior] (the hidden programmer’s cave)
• Advanced views and media types (the long-awaited link)
• Interactivity (playout of scenarios, actors and interfacing)
• Making co-design work (handling complexity well-educated)
• References, conferences, open problems
Maximal exploitation of database theory and technology for intelligent information systems design support
Modeling is out
SAP Chief Manager 1999: Modeling is out!
but: > 20,000 + > 42,000 + > 87,000 + > 3,500,000
but relational schema redundancy in the SAP data schema: > 4.5
but large runtime and performance problems
but huge integration problems
but hyper-huge development problems: instead of integration, development once more
but until 1999: no documentation on R/3
but: heavy maintenance, installation and extension problems
hyper-redundancy in SAP R/3, e.g., more than 75 address relations
a simple update (“change the zip for one street”) may take 2-3 days or weeks
the SAP database system is initialized within a two-week time frame and not less
Stone-age Computer Engineering
No Engineering Yet
handicraft programming
except computer game industry
everybody programs from scratch
Are there other approaches?
why are pupils programming websites?
Solution A: Script languages
Modeling of small programs
Meta-modeling
No Engineering Science Yet
Application Systems are Task-Oriented
• task: specification of goal-oriented actions;
subtasks: workflow with activities, restricted by conditions, data and
Application Systems are User-Oriented: The User Viewpoint
[Figure: Task, User, Life Case, Context, Society, Knowledge]
Application Systems are User-Oriented: The Information System Viewpoint
[Figure: Content, Database, Procedure, Function, Algebra, Analysis]
Specification of User Profiles
User profile: ⟨user profile name⟩
  Education profile: ⟨general description⟩
    Education: ⟨list of degrees⟩
    Capabilities: ⟨list of skills⟩
    Knowledge: ⟨description of knowledge in the application⟩
  Work profile: ⟨general description⟩
    Task expertise: ⟨description of knowledge⟩
    Task experience: ⟨positive and negative experience⟩
    System experience: ⟨experience with infrastructure planned⟩
    Information profile: ⟨information need⟩
    Interaction profile: ⟨interaction properties⟩
  Personality profile: ⟨general description⟩
    General properties: ⟨list of user properties⟩
    Preferences: ⟨list of input/output/dialogue preferences⟩
    Polarity profile: ⟨list of polarity properties⟩
  Derivable profiles: ⟨profile description and enforcement⟩
    Security profile: ⟨access control and privacy⟩
    Safety profile: ⟨safety requirements⟩
  Based On: ⟨user goals⟩
  Based On: ⟨user types⟩
Specification of Portfolio
Explicit scoping of information
Party portfolio: ⟨party portfolio name⟩
  Task: ⟨general description⟩
    Characterisation: ⟨general description⟩
    Initial state: ⟨characterisation of the initial state⟩
    Target state: ⟨characterisation of the target state⟩
    Profile: ⟨profile presupposed for solution⟩
    Instruments: ⟨list of instruments for solution⟩
    Collaboration: ⟨specification of collaboration required⟩
    Auxiliary: ⟨list of auxiliary conditions⟩
  Party restrictions: ⟨general description⟩
  Environment: ⟨general description⟩
  Based On: ⟨life cases⟩
Information Modelling must Capture Profile and Portfolio of Users
Know the purpose of information
Construction purpose: for construction of a solution to application domain problems (either as business system or as embedded system)
Communication purpose: among stakeholders
Analysis purpose: for validation, verification, tests
Examination and check purpose: for application domain or constructed system
Documentation purpose: for logging development decisions, alternatives, neglected parts, variants, reference models
Master complexity, improvement, evolution, and realisation
Each purpose requires its constructions and approaches!
We must know the information demand!!!!
Information Portfolio
The missing ‘silver bullet’ for WIS description/prescription
Information production and consumption: information provided by the system to its users and information entered by a user into the system
context-sensitive: user, data, story, functions, provide, system, user history, runtime
views with different playout functions, containers for delivery
Information demand and need as two sides of the user space:
(1) need: perceived lack of something desirable or useful
(2) demand: act of demanding or asking
Persona: information is data for the user based on received / requested data, which has to be organized, interpreted, understood, and integrated into his/her knowledge
therefore: user model, specific requests of the user, ability of the user to understand the data, and skills of the user to integrate
simpler approach: characterise the user by prototypes
Content chunks: which content is necessary for which actors or users with which understanding, annotation, shortcuts, with which functionality
Application Systems are User-Oriented: The User and the System Viewpoints
[Figure: user viewpoint (Task, User, Life Case, Context, Society, Knowledge) and system viewpoint (Content, Database, Procedure, Function, Algebra, Analysis), connected by: Information demand; Data & functions requested & consumed & produced]
Anthropomorphic notion of the concept of information:
Information, as processed by humans, is data perceived or noticed, selected and organised by its receiver, because of his subjective human interests, originating from his instincts, feelings, experience, intuition, common sense, values, beliefs, personal knowledge, or wisdom simultaneously processed by his cognitive and mental processes, and seamlessly integrated in his recallable knowledge.
The Media Type as the Mediator
[Figure: Content, Database, Procedure, Function]
• information demand and work of the user is supported by a service
• service is a composition of views and functions
• services must be adaptable to the specific demand of a user, to the specific life case, to the specific features requested by the user
• services combine information and features for the support of the user
Media type specifies media objects delivered to the user
Containers are media objects adapted to the user, the context, the environment and the way of working
Procedures of a system support the functions provided by the system and use the schema of the views
View schemata are HERM schemata; sometimes we might use schemata consisting of one type; in most cases, however, we need schemata with many associated types
Views allow the use of the salami-slice modelling approach without suffering from the local-as-view approach
Application Systems are User-Oriented: Services Provided by a System that Satisfy the Information Demand
[Figure: user side (Task, User, Life Case, Context, Society, Knowledge); Service, Information, Feature; Service interface; system side (Content, Database, Procedure, Function, Algebra, Analysis)]
Services deliver and accept the data based on content to the user
Information as requested by the user
Features of the information system for the support of the user
Application Systems are User-Oriented: Media Objects for Information-Intensive Systems
[Figure: user side (Task, User, Life Case, Context, Society, Knowledge); Information service; system side (Content, Database, Procedure, Function, Media Object, Algebra, Analysis)]
Containers deliver and accept the data based on content to the user
Containers are media types, i.e., provide data with functions for their utilisation
Information as requested by the user through media objects
Media objects for holistic information logistics
Application Domain Description (1)
[Figure: Users - Intentions - Context; Brand of WIS (scope); Life Cases; Portfolio; Profiles; Word fields; Associators; Storyboard; Substantive word fields; Verb word fields; Application Domain Description; Containers; Media types; Presentation]
Application Domain Description (1′)
[Figure: Users - Intentions - Context; Life Cases; Brand of WIS (scope); Portfolio; Profiles; Word fields; Associators; Storyboard; Content chunks; Function chunks; Requirements Prescription; Containers; Media types; Presentation]
Application Domain Description (2)
• D. Bjørner: High-level, informal application domain description
• L. Heinrich: Strategic information analysis
• Volere: Business use cases (simple word fields) combined to business scenarios and business tasks
[Figure: Product scope; Business use case; (Product) use case; Functional, nonfunctional, or technological requirements; Business events; Constraints; UML diagrams]
Modelling Life Cases by Stories
Digicult: Representing successful behavioural pattern
[Figure: Survey on opportunities; Deleting options; No further options; Gaining info on problems; Sample cases; Successful cases; Approaches for use; Similar cases; Background info; Analogous search]
Mapping behaviour of users with full option space
Intelligent representation of information and knowledge spaces
Adaptation to the user, current situation, context, ...
Representation: ⟨general style guide⟩
  Atmosphere: ⟨general description of atmosphere⟩
  Metaphors: ⟨list of metaphors⟩
Based On: ⟨tasks, audience, mission, goal⟩
Input for the Application Domain Description
• User: General description of the users
• User intentions: General description gathering the reasons to visit the WIS
• User profiles: General specification of the users together with personas
• Context of the WIS in general
Application Domain Description
• Brand of the WIS
• Life cases with relative importance for the WIS
• Word fields as basis business activities (business use cases and
events)
• Associators representing the general life case chart
• Portfolio supported by the WIS
• Context of the WIS depending on technology
• Actor profiles and portfolio
Life Cases
Life case: ⟨life case name⟩
  Characterisation: ⟨outcome description⟩
    Tasks: ⟨list of user tasks⟩
    Problems: ⟨list of problems⟩
    Background: ⟨general characterisation⟩
    Objectives: ⟨list of objectives⟩
  Life case flow: ⟨general graphical description⟩
    Milestones: ⟨graph of milestones⟩
    Content consumed: ⟨consumed content items⟩
    Content produced: ⟨produced content items⟩
    Themes: ⟨class of intents⟩
  Context: ⟨general context description⟩
    Time: ⟨temporality limitations⟩
    Place: ⟨assignment of places⟩
    Legacy: ⟨names of documents⟩
    WIS: ⟨general WIS context⟩
  Representation: ⟨general behavior⟩
    Approaches: ⟨general description of approaches⟩
Refinement of Life Cases
Life case: ⟨life case name⟩
  Tasks: ⟨list of tasks associated with the life case⟩
  Actors involvement: ⟨description of actors involvement⟩
  Profile restrictions: ⟨list of restrictions due to actors profile⟩
  Context specialisation: ⟨context embedding⟩
[Figure labels: relocation; parties; housing benefit; house owner benefit; insurance agencies; health insurance; associated life cases; associated parties; vehicle documents; parking card; special ownership; special/exceptional; foreign resident; foreign temporary; second home; additional taxation; rent level; employment office; employer; employment; phone; water, sewage; supply energy, gas; pets registration; pet tax; pets; children; partners; proofs; certificates; certificate of authority for authorizing others]
static constraints / maintenance, dynamic constraints in implementations
• Interfaces are going to be developed later
• Distribution in the Las Vegas approach
Conceptualisation: Oneness of Schema(ta)
Depending on the viewpoint
Leading, governing schemata in UML (13 of 142)
Class diagram with associated object, package, composite structure, deployment, and distribution diagrams
State machine diagram with associated use case, activity diagrams
Interaction diagram with associated communication, sequence, timing diagrams
or consider the ER-backed layered conceptual modelling
(1) (Extended) Entity-Relationship schema with H(igher-order)ER algebra, HERM logics as the governing or kernel schema
(2) Business process model, e.g., BPMN
(3) Distribution styles, profiles, pattern with communication + cooperation + coordination
(4) Storyboards and stories as the often neglected dimensions
Separation of Concern
(a) Properties essential for things of consideration in the application
domain
(b) Log as a volatile but essential piece of data
(b1) docket / superimposed schemata
(b2) source
(b3) time
... ...
resulting in
• binding schemata for references
• implicit exclusion via explicit exclusion
• special viewpoints (with importance in the development and deployment processes)
Three-Model-Conceptualisation
Natural model: representing reality as it is
m-schema as an object-centred representation:
my car # my car product # my car model # my car brand # my car manufacturer # my product # my product registration
thing of reality with scope, role, cohesion/adhesion, context, function, ‘personality’, competing viewpoints, with ‘natural’ semantics
Universal model: ER-architecture with inner (abstract) structure and scoping profiles, explicit shuffling among schema dimensions, folders and mappers, with full semantics and enforcement styles
Implementation model: class-separation schema with central-view tower architecture, performance information as a class-centred representation, with rigid implementation semantics
Information (iso-)morphism among the three schemata
Mapping theory with the universal model as governor.
Refinement of ER schemata (see Qing/β @ ER’2011)
Conceptualisation: Solution
Assumption nowadays: Oneness of conceptual schema
instead however
Application-oriented conceptual schema: typically compactified; with different viewpoints for roles of stakeholders; zooming out, scaling, scoping
Universal (real) conceptual schema: represents the conceptualisation; based on many-dimensional separation of concern
Realisation-oriented conceptual schema: depending on implementation policy, style and implementation platform; also object-wise realisation
The Software Engineering Quadruple
[Figure: Software specification; Requirements prescription; Architecture blueprint; Application domain description]
The ‘holy’ triad so far extended by context
• Application domain description
• Requirements prescription
• Software specification
Classical dichotomy: Human-computer systems and information systems
[Figure: Description/prescription layer: Application area description, Requirements prescriptions, WIS description and prescription. Conceptual layer: Information system specification, Presentation system specification, WIS specification. Implementation layer: Information system, Presentation system, Web information system. Transitions between layers: Design / Refinement, Implementation / Transformation]
Dichotomy of human-computer systems and modern software systems
[Figure: Description/prescription layer: Application area description, Requirements prescriptions, WIS description and prescription. Conceptual layer: Presentation system specification, Information systems specification, WIS specification. Implementation layer: Presentation system, Information system, Web information system. Transitions between layers: Design / Refinement, Implementation / Transformation]
Logical Tuning
• Tuning the disk cache
• Tuning the logical schema
• Query optimisation support
• Denormalisation of logical schemata for performance improvement
• Materialisation and layered architectures
• Query ‘gardening’
• Transaction processing tuning
• Load control techniques
Conceptual Tuning
• Optimising the conceptual schema
• Performance-oriented translation to logical and physical schemata
• Adaptation to the optimisation strategy of the DBMS
• Technical tuning at the conceptual level
• Revision and optimisation of the logical schema
• Explicit performance-oriented control strategies for integrity maintenance
• Explicit introduction of parameters for performance collapses
• Optimisation of functions and queries depending on translation
choices, with explicit introduction of alternatives
The General Approach to Performance Modelling
Modelling the Application Demand Portfolio
the characterisation of the kind of computation based on the description of the operations involved, the operation support, and the data volumes transferred for support of computation,
the visibility description of processes for the business user that includes frequency of operations and their relation to business processes,
the description of the modes of computation such as online, batch and interactive mode of computation or deferrable and immediate application of computation,
the performance properties and quality based on the expected execution time for online etc. modes, based on the throughput expectation for queries, modifications and transactions, based on restrictions such as suitability or response time, and based on priority claims issued by the business user,
the criticality level of the processes.
Modelling the Database System Performance Parameter Space
Different Scope - Need - Demand
• Business user, application-oriented scopes, local processes, representation in an adequate form
• Scope-oriented representation for reasoning of a singleton user (object-centred model style, XML style)
• Data representation at different abstraction and granularity levels
detection of probably inconsistent parts of the database
ability for diagnosing, resolving exceptions
treatment of exception conformance (consistency) and composition
Truth maintenance system
The Exception Facilitation Model
Inquire: Discovering the symptoms.
Investigate: Defining the current state.
Vision: Defining the possibilities.
Analyse: Generating a list of potential solutions.
Qualify: Narrowing solutions down to those with the greatest leverage.
Plan: Securing ownership, commitment, permission.
Apply: Managing the realisation of the solution(s).
Report: Measuring the final outcome and capturing experience.
Proactive Exception Handling
based on a general conceptual approach
• (a) Conceptualisation of exception handling solutions.
• (b) Enhancement of conceptual schemata by exception handling templates.
• (c) Development of control and measurement practices.
• (d) Development of parameter set reduction and dependence representation techniques.
• (e) Substantiation of data mining and statistics techniques for performance analysis.
• (f) Development of an exception handling framework.
Privacy Enhanced Infrastructures
Various Facets of Privacy Protection
“[P]rivacy will be to the information economy of the next century what consumer protection and environmental concerns have been to the industrial society of the 20th century.”
Media privacy: supported by laws, constitutional rights and other legal frameworks
Territorial privacy: supported by laws, constitutional rights and other legal frameworks
Communication privacy: supported by laws, constitutional rights and other legal frameworks
Bodily privacy: supported by laws, constitutional rights and other legal frameworks
Information privacy: not well supported, tools for the “glass box customer”
Information Privacy Enhanced Infrastructures
Basic Requirements
Information privacy: not well supported, tools for the “glass box customer”
Openness and transparency: no secret record keeping
Individual participation: ability of change by the subject of the record
Data quality: relevant to the purposes and up-to-date
Collection limitation: collection proportional to its purpose
Use limitation: used for their specific purpose by authorized personnel
Reasonable security: adequate security safeguard
Accountability: accountable for the compliance with the other principles
Research Issues on Privacy Enhancing Technologies
Decentralized architectures and query methodologies for weakly structured and heavily distributed data
Automatic acquisition and integration of context for information supply on real demand (context-sensitive information logistics)
Dynamic orchestration of services, conditioning, optimal service granularity, information asymmetry, payment
Data protection and security preferences of users and automatic alignment with characteristics of services
Adjustment between inspection of technology and minimization of transaction costs
Ubiquitous and calm availability of all relevant data with redesign of business processes, including logistics
Novel cooperation and coordination models based on policies, contracts, arbiters
Support for economy of attention of human users with limited time
The Information Privacy Model (IPM)
Towards sound theory and feasibility of management
Infons as the basic unit of chunks of data to be considered
Information: true infon(s)
Possession of infons by agents
Proprietorship of infons by individuals
Logical and procedural treatment of possession, proprietorship and their relations
Constraints limiting the usage of infons
Architectures for information privacy enhanced information systems
Management of possession and proprietorship
Separation of Concern: Proprietor, Possession, Privacy Unit
Special Case: Participatory Privacy Enhancing Systems
Matured user with informed proprietors within a fully trusted community
Proprietor sovereignty principle: right to sovereignty over his/her proprietary infons
policy supporting the proprietor sovereignty principle: possessor in the role of ‘content and topic observer’; proprietor in the role of ‘informed owner’ and ‘refresher’
contract: between proprietor and possessor for using content and topics on an ongoing basis in order to monitor, collect information (about conditions of possession), give a warning, and take actions such as use, security, welfare, accuracy, correctness, and maintenance of infons
Faithful collaboration: portfolio and profile of contracting possessor do not include any forbidden action or ability, all reporting obligations are observed
proprietor is observing his/her obligations
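The contract and faithful-collaboration conditions on this slide can be checked mechanically against a possessor's declared portfolio and an activity log. The Python code below is an added example, not taken from the slides; the Contract and Event records, the audit function, the action names and the sample log are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

# All names here (Contract, Event, audit, the action vocabulary) are assumptions
# made for this illustration; the slides define the concepts, not a data format.


@dataclass(frozen=True)
class Contract:
    proprietor: str          # individual with sovereignty over the infons
    possessor: str           # agent holding the infons under this contract
    infons: frozenset        # ids of the proprietary infons covered
    permitted: frozenset     # actions the possessor may take on them
    must_report: frozenset   # permitted actions that carry a reporting obligation


@dataclass(frozen=True)
class Event:
    actor: str
    action: str
    infon: str
    reported: bool = False   # was the proprietor informed of this action?


def audit(contract, possessor_portfolio, events):
    """Return a sorted list of (rule, detail) violations.

    An empty list means the possessor collaborated faithfully with respect
    to this contract. Obligations of the proprietor are not checked here.
    """
    violations = set()

    # The possessor's portfolio must not even contain an action or ability
    # that the contract does not permit.
    for action in possessor_portfolio - contract.permitted:
        violations.add(("forbidden-ability", action))

    for ev in events:
        if ev.infon not in contract.infons:
            continue                      # outside the scope of this contract
        if ev.actor == contract.proprietor:
            continue                      # proprietor acting on own infons
        if ev.actor != contract.possessor:
            # Somebody handles a proprietary infon without being a party.
            violations.add(("possession-without-contract", f"{ev.actor}:{ev.infon}"))
            continue
        if ev.action not in contract.permitted:
            violations.add(("forbidden-action", f"{ev.action}:{ev.infon}"))
        elif ev.action in contract.must_report and not ev.reported:
            violations.add(("unreported", f"{ev.action}:{ev.infon}"))
    return sorted(violations)


# Constructed sample data (not from the slides).
CONTRACT = Contract(
    proprietor="alice",
    possessor="registry",
    infons=frozenset({"addr-1", "phone-1"}),
    permitted=frozenset({"monitor", "use", "maintain"}),
    must_report=frozenset({"use"}),
)
SAMPLE_PORTFOLIO = frozenset({"monitor", "use", "sell"})
SAMPLE_LOG = [
    Event("registry", "monitor", "addr-1"),
    Event("registry", "use", "addr-1", reported=True),
    Event("registry", "use", "phone-1"),       # reporting obligation missed
    Event("registry", "sell", "addr-1"),       # action outside the contract
    Event("broker", "use", "addr-1"),          # not a contract party
    Event("alice", "update", "addr-1"),        # proprietor's own action
    Event("registry", "sell", "other-9"),      # infon not covered here
]

if __name__ == "__main__":
    for rule, detail in audit(CONTRACT, SAMPLE_PORTFOLIO, SAMPLE_LOG):
        print(f"{rule}: {detail}")
```
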
Infon: The Concept
Generalizing Kauppi, Devlin, Seligman, Wille
Infon definition:
• discrete item of information
• parametric: objects, anchors
Action results in changing many infons
Basic infon set I: (temporary, epistemic) subset of the set of all infons
• all dual infons of the basic infons
• expansion of all anchored infons into the basic infons