JISTEM JOURNAL OF INFORMATION SYSTEMS AND TECHNOLOGY MANAGEMENT REVISTA DE GESTÃO DA TECNOLOGIA E SISTEMAS DE INFORMAÇÃO
www.jistem.fea.usp.br
ISSN: 1807-1775
Volume 11 : Number 3 : 2014
Available Online Disponível Online Support:
JISTEM Journal of Information Systems and Technology Management Revista da Gestão da Tecnologia e Sistemas de Informação ISSN online: 1807–1775
Every four months/Quadrimestral
Universidade de São Paulo – FEA USP Prof. Dr. Marco Antonio Zago – USP Reitor/Rector Prof. Dr. Vahan Agopyan – USP Vice-Reitor/Vice-Rector Prof. Dr. Reinaldo Guerreiro - Diretor da FEA/Dean of FEA Editor Prof Edson Luiz Riccio, PhD. University of São Paulo – FEA, São Paulo Brazil Assistant Editor Marici Gramacho Sakata, PhD. TECSI University of São Paulo – FEA, São Paulo Brazil Editorial Board – Comitê de Política Editorial Armando Malheiro da Silva, University of Porto, Porto, Portugal Christophe Benavent, Université Paris Ouest Nanterre La Defense, Paris, France Henrique Freitas, Federal University of Rio Grande do Sul, Rio Grande do Sul, Brazil JaeJon Kim, Chonnam National University, Gwangju, Korea Luc Marie Quoniam, University Paris 8, Paris, France Michael D. Myers, University of Auckland, Auckland, New Zealand Miklos Vasarhelyi, Rutgers Business School, New Jersey, USA Rejane Maria da Costa, University of Brasilia, DF, Brazil Robert D. Galliers, Bentley College, Massachusetts, USA Editorial Review Board – Comitê Científico Editorial Adam Mazurkiewicz, Instytut Technologii Eksploatacji, Poland Adalberto A. Fischmann, University of São Paulo, São Paulo, Brazil Antonio Carlos dos Santos, Federal University of Sao Carlos, São Carlos, Brazil Birger Hjorland, Royal School of Lis, Copenhagen, Denmark Burak Arzova, Marmara University, Istanbul, Turquia Dennis F. Galletta, University of Pittsburgh, Pittsburgh, USA Emerson Maccari, Uninove, Sao Paulo, Brazil Fabio Frezatti, University of São Paulo, São Paulo, Brazil Fernando Colmenero Ferreira, University of Madeira, Madeira, Portugal Geraldo Lino de Campos, University of Sao Paulo, Sao Paulo, Brazil Gilson Schwartz, University of Sao Paulo, Sao Paulo, Brazil Guilherme Ari Plonski, University of São Paulo, São Paulo, Brazil Jan Capek, Univerzita Pardubice, Pardubice, Czech Republic Jose Dutra de Oliveira Neto, University of Sao Paulo, Sao Paulo, Brazil José Rodrigues Filho, Universidade Federal da Paraíba, Paraíba, Brazil Miguel Juan Bacic, University of Campinas, Campinas, Brazil Napoleão Verardi Galegale, Centro Paula Souza and Galegale Associados, Sao Paulo, Brazil Rosana Grillo Gonçalves, University of Sao Paulo, São Paulo Brazil Published by TECSI - Laboratório de Tecnologia e Sistemas de Informação - Revista de Gestão da Tecnologia e Sistemas de Informação - EAC FEA USP Av. Prof. Luciano Gualberto, 908 FEA 3, Cidade Universitária - São Paulo/SP 05508-900 Brasil Fone: 55-11-3091 5820 r.190 Fax: 55-11-3091 5820 jistem@usp.br Indexation/Directories SciELO, Latindex, Proquest, Ulrich's Periodical Directory, DOAJ, The Index of Information Systems Journals, ACPHIS, Dialnet, Ebsco, Gale Infotrac, CLASE, Portal de Periódicos USP, Qualis CAPES, Cabell's Directory Webmaster jistem@usp.br Technical Support Equipe TECSI pesquisatecsi@usp.br Terms and Conditions The license lets others distribute, remix, tweak, and build upon your work, even commercially, as long as they credit you for the original creation. This is the most accommodating of licenses offered. Recommended for maximum dissemination and use of licensed materials. Direitos e Permissão Os artigos são de total responsabilidade dos autores e todos os direitos reservados ao TECSI. Esta licença permite que outros distribuam remixem e construam sobre a sua obra, mesmo comercialmente, desde que lhe deem crédito pela criação original.
Support:
JISTEM Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No.3, Sep/Dec. 2014, pp. 515-516 ISSN online: 1807-1775
Volume 11: Number 3 / Volume 11: Número 3
2014
Content / Índice
515-516
Editorial
517-518
1
THE IMPACT OF E-TICKETING TECHNIQUE ON CUSTOMER SATISFACTION: AN EMPIRICAL ANALYSIS Mazen Kamal Qteishat, Albalqa Applied University, Amman, Jordan Haitham Hmoud Alshibly, Albalqa Applied University, Amman, Jordan Mohammad Atwah Al-ma'aitah, Albalqa Applied University, Amman, Jordan
519-532
2
DETERMINING FACTORS OF BANK EMPLOYEE READING HABITS OF INFORMATION SECURITY POLICIES Willian Allassani, University of Professional Studies, Department of
533-548
Information Technology, Legon-Accra, Ghana 3
THE CASE OF INCA´S NATIONAL TUMOR BANK MANAGEMENT SYSTEM IN BRAZIL Antonio Augusto Gonçalves, Instituto Nacional de Câncer - INCA (Brazilian Nacional Cancer Institute) Information Technology Division, Rio de Janeiro – RJ, Brazil Claudio Pitassi, Faculdades Ibmec-RJ, Rio de Janeiro – RJ, Brazil Valter Moreno de Assis Jr. Faculdades Ibmec-RJ, Rio de Janeiro – RJ, Brazil
549-568
4
CONTEXT MANAGEMENT: TOWARD ASSESSING QUALITY OF CONTEXT PARAMETERS IN A UBIQUITOUS AMBIENT ASSISTED LIVING ENVIRONMENT Débora Cabral Nazário, Federal University of Santa Catarina - UFSC Florianopolis, Santa Catarina, Brazil, Santa Catarina State University – UDESC - Joinville, Santa Catarina, Brazil Mário Antônio Ribeiro Dantas, Federal University of Santa Catarina - UFSC Florianopolis, Santa Catarina, Brazil José Leomar Todesco, Federal University of Santa Catarina - UFSC Florianopolis, Santa Catarina, Brazil
569-590
5
PROPOSITION OF AN ALUMNI PORTAL BASED BENCHMARKING AND INNOVATIVE PROCESS Gislaine Cristina dos Santos Teixeira, UNINOVE University, SP, Brazil Emerson Antonio Maccari, UNINOVE University,, São Paulo, SP, Brazil
ON
591-610
6
ENVIRONMENTAL SCANNING, STRATEGIC BEHAVIOR AND PERFORMANCE IN SMALL COMPANIES. Éverton Luís Pellizzaro de Lorenzi Cancellier, State University of Santa Catarina Itacorubi, Florianópolis/SC Elton José Blageski Junior, University of Vale do Itajaí, Biguaçu/SC, Brazil Carlos Ricardo Rossetto, University of Vale do Itajaí, Biguaçu/SC, Brazil
611-628
7
ARCHITECTURE D’UN SYSTEME D’INFORMATION DECISIONNEL ORIENTEE VERS LE PROCESSUS ELECTORAL ARCHITECTURE OF AN ELECTION-ORIENTED BUSINESS INTELLIGENCE SYSTEM
629-644
Vol. 11, No.3, Sep/Dec. 2014, pp. 515-516
www.jistem.fea.usp.br
208 Content / Indice
Youssef Taher, Centre d'Orientation et de Planification de l'Education- Rue Azzaitoune, RABAT, Morocco 8
L’INFORMATION BREVET AU SERVICE DE L’INDUSTRIE PETROLIERE: CAS DE CONCEPTION ET OPTIMISATION DES TREPANS PAR INGENIERIE INVERSEE THE PATENT INFORMATION FOR OIL & GAS INDUSTRY: CASE STUDY OF DRILL BITS DESIGN AND OPTIMIZATION BY REVERSE ENGINEERING Abdelkader Baaziz, IRSIC Laboratory, Aix-Marseille Université, Marseille, France Luc Quoniam, University of Sud Toulon-Var, France Abdenacer Khoudi, ENSP - Direction Fabrication & Travaux, Alger, Algeria
645-676
9
STANDARDIZATION INITIATIVES IN THE PRODUCTION OF VIRTUAL LEARNING OBJECTS INICIATIVAS DE ESTANDARIZACIÓN EN LA PRODUCCIÓN DE OBJETOS VIRTUALES DE APRENDIZAJE Jhon Francined Herrera Cubides, Universidad Distrital Francisco José de Caldas Bogotá, Colombia. Nancy Yaneth Gelvez García, Universidad Distrital Francisco José de Caldas Bogotá, Colombia. Juan Manuel Sánchez Céspedes, Universidad Distrital Francisco José de Caldas Bogotá, Colombia.
677-716
10
SECURITY INFORMATION IN PRODUCTION AND OPERATIONS: A STUDY ON AUDIT TRAILS IN DATABASE SYSTEMS SEGURANÇA DA INFORMAÇÃO DE PRODUÇÃO E OPERAÇÕES: UM ESTUDO SOBRE TRILHAS DE AUDITORIA EM SISTEMAS DE BANCO DE DADOS Rodrigo Roratto, Federal University of Santa Maria, RS/Brazil Evandro Dotto Dias, Federal University of Santa Maria, RS/Brazil
717-734
Events / Eventos
735
Contributions / Submissão de Artigos
736-737
Editorial Information 2014 / Informações Editoriais 2014
738- 751
Vol. 11, No.3, Sep/Dec. 2014, pp. 515-516
www.jistem.fea.usp.br
JISTEM Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No.3, Sept/Dec. 2014, pp.515-516 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300000
Editorial Edson Luiz Riccio, Editor Dear Readers In this last issue, September – December of 2014, we are pleased to present a selection of 10 highly relevant articles The articles cover important issues of:
Customer Satisfaction Information Security Policies and Security Information Systems Management Context Management Benchmarking and Innovative process Environmental Scanning and Strategic Behavior Information Architecture Reverse Engineering Virtual Learning
JISTEM maintains the high quality and visibility in both national and international sectors. In addition to authors from Jordan, Ghana, Marocco, France, Algeria and Colombia, we also present Brazilian authors from Rio de Janeiro, Santa Catarina and São Paulo We thank all authors and reviewers and wish you a pleasant reading.
R. Gest. Tecn. Sist. Inf. /JISTEM Journal of Information Systems and Technology Management, Brazil
516 Content / Indice
Editorial Edson Luiz Riccio, Editor
Caros Leitores,
Nesta ultima edição de Setembro a Dezembro de 2014, temos o prazer de apresentar uma seleção de 10 artigos altamente relevantes.
Os artigos cobrem os seguintes tópicos principais:
Customer satisfaction
Information Security policies and Security Information
Management Systems
Context Management
Benchmarking and Innovative process
Environmental scanning and Strategic Behavior
Information Architecture
Reverse Engineering
Virtual Learning
A JISTEM mantém a alta qualidade e visibilidade, nos setores nacional e internacional. Além de autores do Jordan, Guana, Marocco, France, Algeria e Colombia, apresentamos também autores brasileiros do Rio de Janeiro, Santa Catarina e São Paulo. Agradecemos a todos os autores e revisores e desejamos a todos uma agradável leitura.
Vol. 11, No.3, Sept/Dec. 2014, pp.515-516
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300001
THE IMPACT OF E-TICKETING TECHNIQUE ON CUSTOMER SATISFACTION: AN EMPIRICAL ANALYSIS Mazen Kamal Qteishat Haitham Hmoud Alshibly Mohammad Atwah Al-ma'aitah Albalqa Applied University, Amman, Jordan ___________________________________________________________________________________________
ABSTRACT Recently, internet technology is considered to be the most used information and communication technology by organizations: it can ease the process of transactions and reinforce the relation between companies and customers. This investigation empirically examines the impact of e-ticketing technique on customer satisfaction; a convenience sample of Jordanian airline passengers that had booked flights in the last 12 months through companies offering e-ticketing services was acquired. The findings indicate that customer satisfaction with e-ticketing services was influenced by all of the independent variables measured (Data security, Customer and Technical Support, and User-Friendliness) were noted to have significant impact on customer satisfaction with e-ticketing services. Keywords: E-ticketing, Customer Technical Support, Infrastructure, Security, UserFriendliness
1. INTRODUCTION The popularity of Internet technology has increased substantially over the course of the last several years (Lopez-Bonilla & Lopez-Bonilla, 2013). As a result, organizations have worked diligently to develop new methods for interfacing with customers. Central to this process has been the development of e-tickets (Borthick & Kiger, 2003). As noted by Tripathi, Reddy, Madria, Mohanty and Ghosh (2009), etickets can be used by a wide range of organizations to provide services including coupons for e-shopping, to tickets for entrance into a concert or sporting event. ___________________________________________________________________________________________ Manuscript first received/Recebido em: 23/03/2014 Manuscript accepted/Aprovado em: 17/09/2014 Address for correspondence / Endereço para correspondência Mazen Kamal Qteishat, Assistant Professor, Department of Business, Albalqa Applied University, P.O. Box 1705, Amman 11118, Jordan,Tel: 962-79-705-1054 E-mail:mazenqteishat@hotmail.com Haitham Hmoud Alshibly, Associate Professor, Department of Business, Albalqa Applied University, P.O. Box, Amman 11118, Jordan,Tel: 962-79-705-1054 E-mail:mazenqteishat@hotmail.com Mohammad Atwah Al-ma'aitah,Assistant Professor, Department of MIS, Albalqa Applied University, P.O. Box, Amman 11118, Jordan,Tel: 962-79-705-1054 E-mail:Z_maytah@yahoo.com Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
520
Qteishat, M. K., Alshibly, H. H, Al-ma'aitah, M. A.
Although it is not fair to argue that e-tickets have become ubiquitous, it is evident that the proliferation of e-tickets represents a change in the way that traditional ticket purchasing occurs (Bukhari, Ghoneim, Dennis & Jamjoom, 2013). E-tickets appear to offer a number of advantages to organizations, including lower costs and increased operational efficiency (Boyer, Hallowell & Roth, 2002). As such, it is projected that the use of e-tickets will only continue to increase over time (Bukhari, et al., 2013). Even though e-ticketing services appear to be the future of operations for many organizations seeking to streamline operations and improve customer service, research regarding e-ticketing and e-service indicates that these processes have not been without their challenges (Hallowell, 2001). Curbera, et al. (2002) contend that eticketing services, much like many internet and mobile applications, developed in an ad hoc manner. This has created a situation in which the function and utilization of etickets has not been actively integrated into the strategy of the organization (Curbera, et al., 2002). Other scholars examining the adoption of e-ticketing contend that a host of cognitive variables impact consumer decision-making, leading positive or negative perceptions regarding e-ticketing as a principle method for acquiring service within an organization (Sulaiman, Ng & Mohezar, 2008). In addition, the cognitive elements of e-ticketing have become such an important issue of concern for organizations in recent years as efforts to expand e-ticketing progress (Lopez-Bonilla & Lopez-Bonilla, 2013). Specifically, the issue of customer satisfaction in e-ticketing has become a central issue of focus, prompting organizations to investigate the specific variables that shape customer outcomes when choosing eticketing options (Wei & Ozok, 2005). Using this as a foundation for investigation, the current research utilizes customer satisfaction as the dependent variable to assess what specific independent variables (customer technical support, infrastructure, data security and/or user-friendliness) shape customer satisfaction in decision-making when it comes to purchasing an e-ticket. By correlating independent variables with customer satisfaction, it will be possible to acquire a deeper understanding of how customer satisfaction is developed when it comes to e-ticket purchasing and use by consumers. 2. LITERATURE REVIEW A review of the literature examining the definitions of e-ticketing that have been reported demonstrates efforts to explicate the full spectrum of e-ticketing for both the consumer and the organization. For instance, Alfawaer, Awni and Al-Zoubi (2011) define an e-ticket as “a paperless electronic document used for ticketing travelers, mainly in the commercial airline industry” (p. 848). Sorooshian, Onn and Yeen (2013) further define e-ticketing as “a procedure of keeping record of sales, usage tracking and accounting for a passenger’s transport with no requirement for a paper ‘value document’” (p. 63). This definition clearly indicates that the e-ticket includes more than just a paperless document for the passenger: rather the e-ticket represents an extensive architecture within the organization that provides a wealth of information about the consumer. The definitions of e-tickets and e-ticketing provided in the literature clearly suggest that e-ticketing has a host of implications. Lubeck, Wittmann and Battistella (2012) are able to examine these issues by tracing the evolution of e-tickets and efforts by the organization to improve efficiency in ticketing operations. According to these authors, e-tickets have evolved to address concerns associated with “inefficiency in JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
The impact of e-ticketing technique on customer satisfaction: an empirical analysis
521
information management and control of operations� (p. 18). E-tickets, as noted by Lubeck and co-workers, require the creation of a comprehensive technological platform that controls almost every aspect of the customer relationship within the organization. As such, the roots of e-ticketing go much further than the interface with the customer. 3. THEORETICAL FRAMEWORK Customer satisfaction with e-ticketing services was selected as the dependent variable for this investigation. A review of the literature regarding customer satisfaction with e-ticketing indicates that satisfaction has been measured through two components: customer satisfaction and customer retention. Patterns of loyalty in eticketing and e-service have been reviewed by Chang, Wang and Yang (2009). These authors argue that patterns of customer satisfaction in e-service are similar to those that develop in face-to-face transactions and interactions. Specifically, these authors assert that: “When perceived value is low, the customer will be inclined to switch to competing businesses in order to increase perceived value, thus contributing to a decline in loyalty� (p. 424). Satisfaction develops over time as a response to the way in which customers are treated by the organization. In the context of e-ticketing, satisfaction is thus influenced by a wide range of variables focused on the quality of service provided to the customer. Bernardo, Llach, Marimon and Alonso-Almeida (2013) illustrate this point by noting the loyalty in eservices is shaped by services provided to customers before and after a sale, as well as the general environment in which the transaction takes place. If the environment meets customer expectations for security and support, loyalty with the customer will often be established, leading to the ability of the organization to retain the customer over the long-term. Thus, loyalty and customer retention are integrally related when it comes to the development of e-services (Enzmann & Schneider, 2005). The relationship between loyalty and customer retention for e-services and eticketing appears to stem from commitment, trust, involvement of the organization, and the perceived value of the service provided (Chen, 2012). As such, companies offering e-ticketing services must carefully consider elements of customer support and service to build strong relationships with consumers. Noor and Azila (2012) argue that in order to achieve this outcome, companies offering any type of e-service must be able to build comprehensive relationships with customers. This insight effectively supports what Kolsaker, et al. (2004) note about the need for customer support and service in e-ticketing. Even though many organizations believe that customer service and support is not needed with e-ticketing, in actuality there is a definitive impetus to develop customer service and support that targets customer needs for e-ticketing to ensure the development of commitment and trust leading to increased loyalty and customer retention. 3.1 E-ticketing factors influencing customer satisfaction Critical review of the literature suggests that E-ticketing Technique factors such as Customer Technical Support, Infrastructure, Security and User-Friendliness work together to shape the relationship with customer satisfactions.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
522
Qteishat, M. K., Alshibly, H. H, Al-ma'aitah, M. A.
3.1.1 Customer Technical Support Evaluation of the factors which contribute to customer adoption of e-ticketing clearly indicates that customer and technical support are critical issues of concern (Buhalis, 2004). Lau, Kwek and Tan (2011) assert that customer perceptions of service quality will play a significant role in shaping decision-making for the individual to utilize e-ticketing services. As argued by these authors, customer perception influenced by the level of support provided to the customer, especially when problems arise in eticketing service. Sureshkumar and Palanivelu (2011) delve further into this issue arguing that perceptions of the customer regarding customer service have direct ramifications for customer behavior. If the customer believes that the organization will provide customer service and support through the purchase of e-tickets, customers will be more likely to purchase these products (Sureshkumar & Palanivelu, 2011). Furthermore, the true impact of customer perceptions regarding customer service and technical support is illustrated by Haewoon (2007) who contends that many airlines have alienated customers as a result of a failure to provide customer support in e-ticketing services. Viewing e-ticketing as a panacea for reducing costs and increasing efficiency in operations, Haewoon argues that airlines quickly adopted e-ticketing without establishing protocols for customer and technical support. Research regarding this issue suggests that while many companies employing e-ticketing believe that this service should preclude the need for extensive customer service - thus reducing costs in actuality, this is not the case (Kolsaker, Lee-Kelley & Choy, 2004). Kolsaker and co-workers report that many organizations have found that the implementation of eticketing often requires the development of targeted customer service practices that address specific customer needs related to e-ticketing and e-service. Without these supports in place, customers will view the e-ticketing process as cumbersome and will not gravitate to e-service to meet their needs (Kolsaker, et al., 2004). 3.1.2 Infrastructure Infrastructure to support e-ticketing operations may also play a role in developing customer satisfaction for these services. As noted in the introduction of this investigation, e-ticketing services typically developed in an ad hoc manner within the organization (Curbera, et al., 2002). As a result, e-ticketing was not initially integrated with other operations, leading to problems when customers required additional service or support (Curbera, et al., 2002). Jakubauskas (2006) considers these issues, noting that e-ticketing systems have undergone notable changes since their inception. In order to ensure effective and efficient use of e-tickets, Jakubauskas maintains that organizations have had to establish network architectures to support e-ticketing services. These infrastructures have been essential to creating a comprehensive system that simultaneously addresses customer needs while creating the supports needed to streamline operations within the organization (Jakubauskas, 2006). Without the infrastructure to support e-ticketing, organizations would not be able to utilize these services to achieve cost reductions and enhanced customer satisfaction. Moreover, the importance of infrastructure in the development of e-ticketing systems is further reviewed by Zambon, Etalle, Wieringa and Hartel (2011) who note the myriad of ways in which infrastructure impacts both customer and organizational outcomes. With regard to the implications of e-ticketing infrastructure for customers, Zambon and co-workers note the importance of availability and accuracy in service. The infrastructure used by the organization will have implications for the ability of the JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
The impact of e-ticketing technique on customer satisfaction: an empirical analysis
customer to use the system and to ensure accuracy when purchasing organizations, infrastructure can provide business continuity and offer minimize risks and improve operational functionality (Zambon, et al., when developing e-ticketing services, infrastructure issues must considered.
523
a ticket. For the ability to 2011). Thus, be carefully
3.1.3 Data Security Data security is also an issue of concern impacting consumer behavior and decision-making with regard to e-ticketing. Mut-Puigserver, Payeras-Capellà, FerrerGomila, Vives-Guasch and Castellà-Roca (2012) consider the security concerns associated with e-ticketing, noting that security breaches remain a significant barrier for the adoption of e-ticketing services in many transportation organizations and agencies. The scope and extent of security issues related to e-ticketing is highlighted by Mut-Puigserver and co-workers who argue that “the use of ET systems enables various privacy abuses both in real-time and retrospect since the anonymity of users is not always guaranteed and, therefore, users can be traced and their profiles of usual movements can be created” (p. 926). Smith and Smith (2012) further examine security issues that can arise in the use of e-ticketing services. As acknowledged by these authors, security issues have been reported with e-tickets as a result of efforts on the part of organizations to integrate eservices with other customer relationship management (CRM) programs. CRM programs have long been part of operations to track customer preferences and behaviors. The integration of e-ticketing with these systems has resulted in significant security issues utilization of CRM systems in this capacity has been shown to compromise these infrastructures (Smith & Smith, 2012). This problem appears to relate back to the ad hoc nature in which e-ticketing services have been established within the organization (Curbera, et al., 2002). Security issues in online services including e-ticketing have been noted to be a significant problem for many consumers (Zhang, Prybutok & Huang, 2006). Yang and Jun (2008) argue that if customers perceive problems with security in e-services, they will be less likely to make purchases via the internet. Perceptions of security impact the level of trust for the consumer (Yang & Jun, 2008). If trust is not present in the relationship between the customer and the e-service provider, there is less likelihood that the consumer will conduct business with the organization (Yang & Jun, 2008). Zhang and co-workers further argue that security issues affect customer satisfaction with e-services, making it necessary for organizations to ensure that customer data is protected. 3.1.4 User Friendliness E-ticketing services must also be user-friendly for the customer. Dekkers and Rietveld (2007) consider the issue of user-friendliness, noting that customers, depending on their willingness to use mobile technology, will view this issue differently. Specifically, these researchers examined the use of e-ticketing systems in the public transportation system of the Netherlands. Tracking usage patterns and customer preferences, Dekkers and Rietveld found that e-ticketing services were convenient for regular and semi-regular customers using the transportation system. These individuals found the e-ticketing system easy to use and navigate. For less regular users, the system was viewed as difficult to utilize, resulting in a decline of eticket use among this group.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
524
Qteishat, M. K., Alshibly, H. H, Al-ma'aitah, M. A.
Lei, Quintero and Pierre (2009) further review usage patterns of e-ticketing systems examining those that are integrated and those that require two different processes for use: authentication and payment. Analysis provided by these authors indicates that integrated e-ticketing systems that require fewer steps for customers were typically utilized more frequently, suggesting the need to streamline these systems in order to increase customer adoption. In short, system interfaces will influence customer adoption of e-ticketing to some degree. However, as reported by Dekkers and Rietveld (2007), user characteristics, including technological capabilities and frequency of system use, will also impact outcomes. According to the previous literature research, model-1 was developed and applied as the theoretical framework for understanding the impact of e-ticketing techniques as (independent variable) on customer satisfaction (dependant variable). H1
Customer/Tech Support h2
Infrastructure h3
Customer/ Satisfaction h4
Data Security h5
User-Friendliness
Model-1: e-ticketing technique on customer satisfaction
4. MAIN RESEARCH QUESTION To what extent does the proposed model, and in particular the role of components: Customer Technical Support, Infrastructure, Security and UserFriendliness play in Customer Satisfaction? 4.1 Sub-research Questions Is there a significant effect of e-ticketing factors (customer/technical support) on customer satisfaction? Is there a significant effect of e-ticketing factors (infrastructure) on customer satisfaction? Is there a significant effect of e-ticketing factors (Data Security) on customer satisfaction? Is there a significant effect of e-ticketing factors (User-Friendliness) on customer satisfaction?
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
The impact of e-ticketing technique on customer satisfaction: an empirical analysis
525
5. THE RESEARCH METHODOLOGY Population and Sample The population for this investigation was drawn from a local group of airline customers that had utilized airline services that offer e-ticketing in the last 12 months. Customer names and addresses were obtained from marketing information collected by airlines. Customers on the list had agreed to have their personal information shared for marketing purposes. A total of 250 surveys were mailed to potential respondents for the survey. Of these surveys, 177 were completed and returned for a 71 percent response rate. Although respondents were initially identified for mailing of the surveys, return responses did not include any identifying information about the customer ensuring the ability of the researcher to protect the anonymity of respondents. Table I: Demographic Characteristics Percent
Frequency
Characteristics Gender
53.1
94
Male
46.9
83
Female Age
5.4
8
LESS THAN 20
1..7
715
12-1.
74.1
11
30-39
7..1
78
40 AND OVER Education
1.8
75
HIGH SCHOOL
5.4
8
DEPLOMA
87.8
754
BA
4.2
7.
POST GRADUTE Computer Literacy
82.8
742
Yes
7..1
78
No
14.1
725
15.2
52
Internet (Home)
Accessibility Yes No
In terms of demographic composition of the respondents Table 1 shows that, 53.1 percent (n = 94) were male with the remaining 46.9 percent (n = 83) female. Additionally, 4.5 percent (n = 8) of the respondents were under the age of 20, 70.1 percent (n = 124) were between the ages of 20 and 29, 15.32 percent were between the ages of 30 and 39 (n = 27), and 10.2 percent were over the age of 40 (n = 18). Of those returning surveys, 7.8 percent (n = 14) had some high school education while 4.5 Percent (n = 8) had a high school diploma, 81.8 percent had a Bachelors Degree (n = 145), and 5.9 percent had a post-graduate degree (n = 10). A majority of respondents JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
526
Qteishat, M. K., Alshibly, H. H, Al-ma'aitah, M. A.
reported computer literacy (89.9 percent, n = 159) and internet accessibility in the home (75.7 percent, n = 134). 5.2 Data Collection and Analysis For the purpose of this investigation, reliability coefficients of scales (Cronbach’s Alpha), multiple regression modeling and simple regression was used to evaluate the relationships between variables. The questionnaire used for the research was designed based on an analysis of the empirical literature - see table-2. Pilot-testing was utilized on a small sample of airline passengers that had used e-ticketing services in the past three months. Based on the feedback provided by these participants, the questions were revised. Components of e-ticketing on customer satisfaction were measured using a 5point Likert scale with 5 = strongly agree and 1 = strongly disagree. Respondents were asked to evaluate their reaction to each of the assessments, identifying areas for agreement and disagreement. The reliability for the instrument was established using Cronbach’s alpha, which is a measure of the internal consistency of the instrument. Cronbach’s alpha estimates the true score variance captured by the items in the scale by comparing the sum of the item variance with the variance of the sum of the scale (Hill & Lewicki, 2006, p. 461). A Cronbach’s alpha result of 0.70 or higher is generally considered to show adequate reliability for instruments used to gather psychometric data (Dunn-Ranking, 2004, p. 118). The analysis of the data with Cronbach’s alpha indicated that the instrument was reliable for each of the five scales: customer and technical support, infrastructure, data security, user-friendliness and customer satisfaction. Table 2 shows Cronbach’s alpha for the instrument scales.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
The impact of e-ticketing technique on customer satisfaction: an empirical analysis
Table II: Reliability coefficients of scales (Cronbach’s Alpha) Scales Questionnaire instrument Customer Technical Support
1. 2.
3.
4.
5. Infrastructure
6. 7. 8. 9. 10. 11.
Data security
12. 13.
14. 15. 16. 17. UserFriendliness
18. 19. 20. 21. 22.
Customer Satisfaction
23. 24.
25. 26. 27. 28.
E-ticketing provides good personal sales assistance by e-mail or SMS. E-ticketing provides FAQ (frequently asked questions and answers) links to the relevant information. E-ticketing technical support terms and conditions of sales are easy to find through the web. E-ticketing provides an easy access to the company’s policy for shipping and handling of their products. E-ticketing provides full details of pricing and taxes for product and service. E-ticketing infrastructure allows information to be readily accessible to you. E-ticketing Infrastructure helps new users with an easy access to all applications. E-ticketing Infrastructure can be integrated with other e-things. E-ticketing Infrastructure flexibly adjusts to new job demands E-ticketing Infrastructure provides sufficient information. I’m satisfied with the accuracy that Eticketing website provides. E-ticketing Websites check online customers’ identity for security purposes E-ticketing websites ensure that information about electronic transactions is protected from being altered or destroyed. I felt secure in providing personal information for purchasing airline tickets online Airline companies have adequate website security features. Airline companies protect my privacy when purchasing tickets online. Airline companies websites provide high protection on my credit card information I find it easy to get E-ticketing Websites to do what I want them to do It is easy for me to become skilful at using Eticketing Websites. Using E-ticketing Websites enables me to accomplish my purchasing. I find E-ticketing Websites easy to use. Learning to operate E-ticketing Websites is easy for me. Overall, as a customer, are you satisfied with this website? How effective is this websites in supporting your purchase from your perspective as a customer? How satisfied are you with the technical quality of these websites? How satisfied are you with the information provided through these websites? How satisfied are you with the quality of the service available through these websites? How satisfied are you with the way these websites adjust to your particular needs?
527
Cronbach Alpha 0.791
N. of Items 5
0.837
6
0.866
6
0.877
5
0.901
6
Scoring for the questionnaire included an overall review of the total scores for all independent variables (customer and technical support, infrastructure, data security and user-friendliness). Data is provided by Table 2 which supports the main hypothesis: H1: Is there a significant effect of e-ticketing factors on customer satisfaction?
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
528
Qteishat, M. K., Alshibly, H. H, Al-ma'aitah, M. A.
Table III: E-Ticketing Technique and Customer Satisfaction E-Ticketing Factors
B
Beta
t-value
Sig
R2
Adjusted R2
F
Sig
hypothesis
E-Ticketing Factors
.63 7
.712
13.409
.000
.763
.577
121.2
.000
Accepted
To answer the main research question “to what extent does the proposed model, and in particular the role of components: Customer Technical Support, Infrastructure, Security and User-Friendliness, play in Customer Satisfaction?� Multiple linear regression analysis was used to explore the impact of the independent variables (customer and technical support, infrastructure, data security and user-friendliness) on the dependent variable customer satisfaction. The total R2 value includes a unique results support and accepting hypotheses H1 with (R2 = .763) shown in Table 3, which indicates that the hypothesis was accepted. The remainder of the tables (Tables 4, 5, 6 and 7) focus on the sub-hypotheses examining each of the independent variables separately using simple linear regression to understand their influence on the dependent variable: customer satisfaction. h2: Is there a significant effect of e-ticketing factors (customer technical support) on customer satisfaction? Table IV: Customer Tech Support and Customer Satisfaction E-Ticketing Factors
B
Beta
t-value
Sig
R2
Adjusted R2
F
Sig
hypothesis
Customer Tech Support
.431
.474
7.125
.000
.474
.220
50.76
.000
Accepted
The results from the single linear regression analysis as shown in Table 4 provide support for accepting hypotheses h2. The coefficient of determination (R2 = .758) indicates that a strong effect exists between Customers/Tech Support and Customer Satisfaction. h3: Is there a significant effect of e-ticketing factors (infrastructure) on customer satisfaction? TableV: Infrastructure and Customer Satisfaction hypothesis E-Ticketing Factors
B
Beta
t-value
Sig
R2
Adjusted R2
F
Sig
Infrastructure
.486
.553
8.789
.000
.306
.302
77.2
.000
Accepted
The results from the single linear regression, as shown in Table 5, provide support for accepting hypotheses h3 by showing that there is a positive correlation between the independent variable of Infrastructure and the dependent variable of Customer Satisfaction, which indicates that Infrastructure accounts for a larger amount of the variance in customer satisfaction with R = .306. h4: Is there a significant effect of e-ticketing factors (data security) on customer satisfaction? TableVI: Data Security and Customer Satisfaction E-Ticketing Factors
B
Beta
t-value
Sig
R2
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
Adjusted R2
F
www.jistem.fea.usp.br
Sig
hypothesis
The impact of e-ticketing technique on customer satisfaction: an empirical analysis
Data Security
.637
.712
13.409
.000
.507
.504
179.8
529
.000
Accepted
The results from the single linear regression, as shown in Table 5, provide support for accepting hypotheses h4 by showing that there is a positive correlation between the independent variable of data security and the dependent variable of Customer Satisfaction, which indicates that Infrastructure accounts for a larger amount of the variance in customer satisfaction with R = .507. h5: Is there a significant effect of e-ticketing factors (user-friendliness) on customer satisfaction? Table VII: Customer Satisfaction and Data Security E-Ticketing Factors
B
Beta
t-value
Sig
R2
Adjusted R2
F
Sig
hypothesis
User-Friendliness
.487
.665
11.792
.000
.443
.440
139.056
.000
Accepted
The results from the single linear regression, as shown in Table 6, provide support for accepting hypotheses h5 by showing that there is a positive correlation between the independent variable of user-friendliness and the dependent variable of Customer Satisfaction, which indicates that Infrastructure accounts for a larger amount of the variance in customer satisfaction with R2 = .443. 6. RESULTS AND DISCUSSION Model testing is necessary to address the main research question of the study, which is: To what extent does the proposed model, and in particular the role of components: Customer/Technical Support, Infrastructure, Security and UserFriendliness play in Customer Satisfaction? Examining the adjusted R2 value (0.763) for the main hypothesis (Table 3), it is evident that the four independent variables evaluated in this investigation account for over 76 percent of the variance in customer satisfaction with e-ticketing. Statistical analysis using a significance level of p < 0.05 employed when looking at each independent variable separately supports the significance of each variable in the development of customer satisfaction as it relates to e-ticketing. Thus, the research supports the inclusion of customer and technical support, infrastructure, data security and user-friendliness as integral components of eticketing services to ensure that customer satisfaction is achieved. Based on the data obtained for this investigation, it becomes evident that there is an impetus for organizations using e-ticketing services to carefully consider each of the independent variables noted in a comprehensive platform for e-ticketing. Each of the variables contributes significantly to the development of customer satisfaction. However, it is evident that data security, customer and technical support, and userfriendliness represent the most significant variables for consideration. Infrastructure is clearly important but may not be as evident to the customer utilizing an e-ticketing system. Infrastructure for e-ticketing appears to support the other functions of security, customer service, and user-friendliness (Zambon, et al., 2011; Jakubauskas, 2006). The results in conjunction with the literature reviewed on the topic suggest that the development of an integrated system is thus imperative for the success of eticketing systems. When information technology architecture is developed and JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
530
Qteishat, M. K., Alshibly, H. H, Al-ma'aitah, M. A.
integrated as part of the organizationâ&#x20AC;&#x2122;s system for customer service, the end result is a fully functioning system that can provide elements of data security, customer and technical support as well as user-friendliness (Curbera, et al., 2002). As in the literature, the need for creating a comprehensive and integrated infrastructure for the development of e-ticketing systems is emphasized (Curbera, et al., 2002). 7. IMPLICATIONS The implications of the research lie in the recognition of the need for organizations to consider a wide range of variables when developing e-ticketing services for customers. Although ad hoc systems have been widely used in the past, it is evident that in order to achieve high levels of customer satisfaction, integrated systems that offer a number of different supports for the end user are needed (Curbera, et al., 2002). When developing e-ticketing services, organizations must be aware of the need for: customer service (Sureshkumar & Palanivelu, 2011), data security (MutPuigserver, et al., 2012), and the development of systems that are easy to use from the point of view of the customer (Lei, et al., 2009). The development of user-friendliness in e-ticketing can be tricky and may require the organization to garner an integral understanding of its customer base (Dekkers & Rietveld, 2007). The implications of this research are quite significant as they require the organization to comprehensively and holistically develop and implement e-ticketing services. By addressing e-ticketing in this manner, organizations will be able to effectively cover most of the pertinent concerns that will impact customer satisfaction with e-ticketing. Although the process is one that will require the organization to engage in more extensive planning and development for e-ticketing, it is also one that should improve the ability of the organization to establish effective and efficient eticketing services without the need for continual change and improvement to the systems over time. 8. CONCLUSION Customer satisfaction in e-ticketing is a complex phenomenon that is shaped by a wide range of variables including customer technical support, infrastructure, data security and user-friendliness. Understanding these issues is critical for organizations to create e-ticketing systems that initially meet customer needs and generate a high level of satisfaction. E-ticketing systems that meet these requirements will provide the organization with satisfied customers who will express their satisfaction through loyalty and by remaining with the organization over the long-term. High levels of customer retention will form the foundation to maintaining the organizationâ&#x20AC;&#x2122;s bottom line. Although creating e-ticketing systems that achieve customer satisfaction is a significant undertaking for the organization, addressing the key issues noted in this investigation should facilitate the ability of the organization to create an e-ticket system that allows for building customer satisfaction, loyalty and retention.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
The impact of e-ticketing technique on customer satisfaction: an empirical analysis
531
REFERENCES Alfawaer, Z.M., Awni, M., & Al-Zoubi, S. (2011). Mobile e-ticketing reservation system for Amman International Stadium in Jordan. International Journal of Academic Research, 3(1), 848-852. Bernardo, M., Llach, J., Marimon, F., & Alonso-Almeida, M.M. (2013). The balance of the impact of quality and recovery on satisfaction: The case of e-travel. Total Quality Management & Business Excellence, 24(11/12), 1390-1404. Borthick, A.F., & Kiger, J.E. (2003). Designing audit procedures when evidence is electronic: The case of e-ticket travel revenue. Issues in Accounting Education, 18(3), 275-290. Boyer, K.K., Hallowell, R., & Roth, A.V. (2002). E-services: Operating strategy—A case study and a method for analyzing operational benefits. Journal of Operations Management, 20, 175-188. Buhalis, D. (2004). eAirlines: Strategic and tactical use of ICTs in the airline industry. Information & Management, 41(7), 805-825. Bukhari, S.M.F., Ghoneim, A., Dennis, C., & Jamjoom, B. (2013). The antecedents of travellers’ e-satisfaction and intention to buy airline tickets online: A conceptual model. Journal of Enterprise Information Management, 26(6), 624-641. Chang, H.H., Wang, Y., & Yang, W. (2009). The impact of e-service quality, customer satisfaction and loyalty on e-marketing: Moderating effect of perceived value. Total Quality Management & Business Excellence, 20(4), 423-443. Chen, S. (2012). The customer satisfaction-loyalty relation in an interactive e-service setting: The mediators. Journal of Retailing & Consumer Services, 19(2), 202-210. Curbera, F., Duftler, M., Khalaf, W., Nagy, W., Mukhi, N., & Weerawarana, S. (2002). Unraveling the web services web: An introduction to SOAP, WSDL and UDDI. IEEE Internet Computing, 3(4), 86-93. Dekkers, J., & Rietveld, P. (2007). Electronic ticketing in public transport: A field study in a rural area. Journal of Intelligence Transportation Systems, 11(2), 69-78. Dunn-Rankin, P., 2004. Scaling methods. Lawrence Erlbaum. Enzmann, M., & Schneider, M. (2005). Improving customer retention in e-commerce through a secure and privacy-enhanced loyalty system. Information Systems Frontiers, 7(4/5), 359-370. Haewoon, Y. (2007). Airlines’ futures. Journal of Revenue & Pricing Management, 6(4), 309-311. Hallowell, R. (2000). Scalability: The paradox of human resources in e-commerce. International Journal of Service Industry Management, 12(1), 34-43. Hill, T. & Lewicki, P., 2006. Statistics: methods and applications: a comprehensive reference for science, industry, and data mining. StatSoft, Inc. Jakubauskas, G. (2006). Improvement of urban passenger transport ticketing systems by deploying intelligence transport system. Transport, 21(4), 252-259.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
532
Qteishat, M. K., Alshibly, H. H, Al-ma'aitah, M. A.
Kolsaker, A., Lee-Kelley, L., & Choy, P.C. (2004). The reluctant Hong Kong consumer: Purchasing travel online. International Journal of Consumer Studies, 28(2), 295-304. Lau, T., Kwek, C., & Tan, H. (2011). Airline e-ticketing service: How e-service quality and customer satisfaction impacted purchase intention. International Business Management, 5(4), 200-208. Lei, T., Quintero, A., & Pierre, S. (2009). Mobile services access and payment through reusable tickets. Computer Communications, 32(4), 602-610. Lopez-Bonilla, J.M., & Lopez-Bonilla, L.M. (2013). Self-service technology versus traditional service: Examining cognitive factors in the purchase of the airline ticket. Journal of Travel & Tourism Marketing, 30(5), 497-513. Lubeck, T.M., Wittmann, M.L., & Battistella, L.F. (2012). Electronic ticketing system as a process of innovation. Journal of Technology Management & Innovation, 7(1), 17-29. Mut-Puigserver, M., Payeras-CapellĂ , M.M., Ferrer-Gomila, J., Vives-Guasch, A., & CastellĂ -Roca, J. (2012). A survey of electronic ticketing applied to transport. Computers & Security, 31(8), 925-939. Noor, M., & Azila, N. (2012). Trust and commitment: Do they influence e-customer relationship performance? International Journal of Electronic Commerce Studies, 3(2), 281-295. Smith, A.A., & Smith, S.D. (2012). CRM and identity theft issues associated with eticketing of sports and entertainment. Electronic Government: An International Journal, 9(1), 1-26. Sorooshian, S., Onn, C.W., & Yeen, C.W. (2013). Malaysian-based analysis on eservice. International Journal of Academic Research, 5(4), 62-64. Sulaiman, A., Ng, J., & Mohezar, S. (2008). E-ticketing as a new way of buying tickets: Malaysian perceptions. Journal of Social Science, 17(2), 149-157. Sureshkumar, D., & Palanivelu, P. (2011). Perceptions of value: E-CRM features. SCMS Journal of Indian Management, 8(2), 106-111. Tripathi, A., Reddy, S.K., Madria, S., Mohanty, H., & Ghosh, R.K. (2009). Algorithms for validating e-tickets in mobile computing environment. Information Sciences, 197(11), 1678-1693. Wei, J., & Ozok, A. (2005). Development of a web-based mobile airline ticketing model with usability features. Industrial Management & Data Systems, 105(9), 12611277. Yang, Z., & Jun, M. (2008). Consumer perception of e-service quality: From internet purchaser to non-purchaser perspectives. Journal of Business Strategies, 25(2), 59-84. Zambon, E., Etalle, S., Wieringa, R., & Hartel, P. (2011). Model-based qualitative risk assessment for availability of IT infrastructures. Software & Systems Modeling, 10(4), 533-580. Zhang, X., Prybutok, V., & Huang, A. (2006). An empirical study of factors affecting e-service satisfaction. Human Systems Management, 25(4), 279-291.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 519-532
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 533-548 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300002
DETERMINING FACTORS OF BANK EMPLOYEE READING HABITS OF INFORMATION SECURITY POLICIES William Allassani University of Professional Studies, Legon-Accra, Ghana _________________________________ __________________________________________________________
ABSTRACT This paper seeks to answer the question ‘What factors determine bank employee reading habits of security policies? Using the chi-square test, this research analyses the reading habits of bank staff to ascertain whether there is significant difference in their reading habits with regards to the following independent variable- gender, the section of bank the employee works (whether department or branch), number of years the staff has worked with the bank and the ownership status of the bank (public, private or foreign owned). In addition, logistic regression was employed to determine the predictors of these reading habits. This paper adopts a quantitative research methodology to study the information security reading habits of 136 Ghanaian bank staff from various banks and concludes that bank staffs working in departments are more likely to regularly read their banks policies than employees working in a branch. This paper also shows that there is statistical significant difference in reading habits with regards to the number of years an employee has worked with the bank. The paper finally shows that there is no statistical significant difference in security reading habits with regards to gender and ownership status of the bank. The logistic regression analysis also reveals that a respondent in a department is 4.4 times more likely to read the security policies relative to those in a branch. The analysis also concludes that , respondents who have worked for less than 5 years were less likely to read the policy relative to those who have worked more than 5 years (OR=.51) Keywords: Computer Security, Security Policies, User Attitudes
1. INTRODUCTION Information Security plays a very crucial role in the protection of a bank’s network systems. With the advent of the World Wide Web, e-commerce and e-banking and its attendant security risks such as cyber crime, the need to protect a banks’s network and data becomes more relevant. Apart from providing technical solutions such as anti-virus software, firewall systems, intrusion detection system, cryptology, organizations also attempt to influence and manage the behaviour and activities of their employees through information security policies which spells out the do’s and don’ts of the use of computer systems. Organizations also supplement the ___________________________________________________________________________________________ Manuscript first received/Recebido em: 03/08/2013 Manuscript accepted/Aprovado em: 03/10/2014 Address for correspondence / Endereço para correspondência
Willian Allassani, University of Professional Studies, Department of Information Technology, LegonAccra, Ghana. E-mail: wallass123@yahoo.com Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
534
Allassani, W.
effectiveness of these security policies and procedure by organizing regular training programmes for their employees. A security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets. A security policy is often considered to be a "living document", meaning that the document is never finished, but continuously updated as technology and employee requirements change. An information security policy addresses many issues such as: disclosure, integrity, and availability concerns; who may access what type of information in what type of manner; basis on which the access decision is made (for example, user characteristics such as nationality or group affinity, or some external conditions such as time or status); maximized sharing versus least privilege;separation of duties; who controls and who owns the information; and authority issues, (Olson and Abrams 1995) The first stage of defining a security policy is to determine the security needs of a given community, express those needs in a formal requirement, followed by a description of how the company plans to educate its employees about the policies, (Goguen and Meseguer,1982). A company's security policy may include an acceptable user policy in the company's assets, an explanation of how security measurements will be carried out and enforced, and a procedure for evaluating the effectiveness of the security policy to ensure that necessary corrections will be made. However, over the years, the activities of employees in the use of computers have tended to be counter-productive in the sense that it does not fall in line with the information security policies of their organizations. This stems from the fact that users sometimes adopt a negative attitude to these security policies and flout its directives. There is therefore the need to assess and investigate the attitude of users towards information security in general and information security policies in particular and why they sometimes flout these policies. According to Besnard and Arief (2004), computer security has traditionally been assessed from a technical point of view and that another way to assess it is by investigating the role played by legitimate users of systems in impairing the level of protection. They further argue that, from research in psychology, it is known that people make biased decisions and as a result sometimes overlook rules in order to gain maximum benefits for the cost of a given action. This situation leads to insidious security lapses whereby the level of protection is traded off against usability. Ghana’s banking sector has improved by leaps and bounds, thanks to the introduction of technology. Universal banks operating in Ghana have introduced lots of technology-driven products and services which have led to massive growth in the sector. However, Ghana’s banking industry has not been spared the downside of technology. There have been reported cases of fraudulent practices by bank employees most of which involves the manipulation and misuse of computers systems. There is therefore the need for the banks to strengthen their computer protective systems starting from controlling the security behaviour of their employee, which can be done through sound and effective security policies and procedures. Computer security is important to all businesses particularly for banks, Checkley, (1994). According to O’Leary, Williams and O’leary (1989) two issues come to mind when banks talk about security. They are privacy and controlling whoever gets access to the bank’s computer systems and its programmes and what time to access them. They explain privacy as being primarily a personal concern; it is the assurance from the banks to individual banking customers that personal information will be used properly or accurately and protected from improper access either from within or outside the bank. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
Determining factors determinants of bank employees’ reading habits of information security policies
535
One of such a fraudulent activity as reported in the press involves the manipulation of a bank’s computer system where false credit and debit balances were recorded to assist a branch manager grant unauthorised overdrafts. The false entries were described in various ways in the bank’s books as transfers, sundry cheques, uncleared cheques, reversed cheques, cash, and telegraphic transfer. With the now infamous case of Kweku Adoboli, the thirty-one-year-old Ghanaian who was arrested in connection with the 2 billion dollar bank fraud at a Swiss Bank, UBS in London readily comes to mind. This led the bank to be fined £30 million by Britain's financial regulator for failures in its systems and controls that allowed Kweku Adoboli to conduct Britain’s biggest bank fraud, Daily Telegraph (2012). Considering the foregoing challenges within the Ghanaian banking sector among others, this study aims to examine the information security habits of bank employees with special emphasis on the reading habits of security policies and procedures. Employees can only exhibit good security behaviour if they know the do’s and don’ts of the use of computer system, and these can only be known via information security policies and procedures. 2. RESEARCH BACKGROUND Commercial banking started in Ghana in 1874 when Standard Chartered Bank, then known as Bank of British West Africa, opened a branch in Accra. They were closely followed by Barclays bank, which started its operations in Accra in 1917. It was not until 1953 when the first state owned bank, Bank of the Gold Coast, was established to be followed by the establishment of a central bank, Bank of Ghana, and the first indigenous commercial bank, Ghana Commercial Bank, in its independence in 1957. The formation of these two banks was the result of the splitting of the Bank of the Gold Cost. A number of banks, mostly state-owned banks were subsequently established and in December 2001 there were 17 banks in Ghana, IMF (2007). They are Ghana Commercial bank, Barclays bank, Standard Chartered Bank, SG-SSB Bank, Bank for Africa (then Amalgamated Bank), Agricultural Development Bank, National Investment Bank, Merchant Bank, CAL Bank, Ecobank, First Atlantic Bank, Stanbic Bank, UT Bank (formerly Metropolitan and Allied Bank), Prudential Bank, Unibank, International Commercial Bank, The Trust Bank (now part of the Ecobank Group). According to Bank of Ghana´s updated list of banks for 2012, there are 25 recognised universal and fully operational banks in Ghana with 882 branches. The ownership status of the banks is made up of 4 publicly owned banks, 14 foreign owned banks and 7 privately owned banks. Table1: Universal Banks Operating in Ghana on 31 December 2012 Name of Bank Year of Ownership Incorporation Status Access Bank 2008 Foreign Agricultural Development Bank 1965 Public Bank for Africa 1997 Foreign Bank of Baroda 2007 Foreign Barclays Bank 1917 Foreign Sahel Sahara BANK 2008 Foreign JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
Number of Branches 31 91 20 1 92 11
536
Allassani, W.
Name of Bank (cont.)
Year of Ownership Incorporation Status CAL Bank 1990 Private Ecobank 1990 Foreign Energy Bank 2010 Foreign Fidelity Bank 2006 Private First Atlantic Merchant Bank 1994 Private Ghana Commercial Bank 1953 Public GT Bank 2004 Foreign HFC Bank 1990 Private International Commercial Bank 1996 Foreign Merchant Bank 1971 Public National Investment Bank 1963 Public Prudential Bank 1993 Private SG-SSB Bank 1975 Foreign Stanbic Bank 1999 Foreign Standard Chartered Bank 1896 Foreign UniBANK 1997 Private United Bank for Africa 2004 Foreign UT Bank 1995 Private Zenith Bank 2005 Foreign Source: Ghana Banking Survey 2012-PricewaterhouseCoopers (Ghana) Ltd
Number of Branches 18 78 3 31 7 157 22 24 17 22 27 32 45 23 35 19 32 24 26
The main segments served by the Ghanaian banking sector are corporate and institutional, retail and SME entities. Entities that are served by the Ghana banking industry are mainly in the oil and gas, commerce, manufacturing and agricultural sectors. The Ghanaian banking industry over the last 3 years has had impressive records in terms of profitability, return to shareholders, deposit mobilisation, and operating assets. According to the 2012 Ghana Banking Survey, the industry profits before tax margin rose from 27% in 2010 to 30.6% in 2011. This was attributable to an 18% decline in interest expense and a 30% increase in net fees, commission income, compared to 2% decline and 18% increase in 2010 respectively. According to the report, industry profits after tax increased by 28% in 2011. The report further states that shareholder equity increased by GHc484 million in 2011 due to the combined effect of GHc280 million capital injection and GHc204 million in the form of statutory or reserves retained by bank reserves. Overall industry return on equity increased from 16.6% to 17.9%. The industryâ&#x20AC;&#x2122;s operating assets grew from GHc16.4 billion in 2010 to Ghc19.9 billion in 2011. Loans and advances continued to be the most significant component of the industry´s earning assets as it contributed to approximately 63% of total income of banks despite the decline in the average lending rates, from 27.7% in December 2010 to 25.96 in December 2011. The Ghana Banking Survey showed that total industry deposits grew by 28% in 2011. It is significant to note that in both 2010 and 2011, more than 80% of deposit liabilities held by banks were non retail. The average base rate fell from 24.3% to 21.5% in 2011. Lending rates followed a similar trend and dropped from an average of 27.6% in January 2011 to 25.9% in December 2011. With the above impressive performance by the Ghana banking sector over the last couple of years, it is expected that all efforts would be geared towards sustaining this performance. It is therefore imperative that banks put in place a mechanism that JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
Determining factors determinants of bank employees’ reading habits of information security policies
537
blocks all loopholes that could lead to loss of revenue which could be perpetrated through manipulation of computer systems; hence the need for protecting banks’ information technology infrastructure and system from inside and outside the bank. Information Technology is a modern handling of information by electronic means which involves its access, storage, processing and transmission. Alu (2002) also asserts that information technology positively affects financial institutions by easing enquiry, saving time and improving service delivery. It is not surprising that Ghanaian banks have fully adopted Information Technology in their quest to provide e-banking products and services. Currently the 25 banks in Ghana offer various types of technology-driven products and services. They include networked branches, internet banking, telephone banking, mobile banking, card services, and Automated Teller Machines (ATM). However, it must the noted it was not until foreign banks, especially from Nigeria entered the Ghanaian banking industry from 2004, that real e-banking took off. The earliest form of electronic banking in Ghana in the 1980’s was the use of telex, telephone, and facsimile, Abor (2001). These gadgets were used for the exchange of information, and especially transfer of funds between branches of the same bank. Outstation cheques for clearing took a minimum of 28 working days to clear. Other banking operations such as cheques for payment over the counter, issuing of bank drafts, salaries of workers from both Government and private establishments were all processed manually As competition in the banking industry intensified and computers begun to take the centre stage, banks like Ghana Commercial Bank, National Savings and Credit Bank (later became part of SG-SSB Bank) and Bank for Housing and Construction (later liquidated) started using computers in back office operations. The most significant development in the electronic banking in Ghana was the introduction of the Automatic Teller Machine (ATM) by The Trust Bank (now part of the Ecobank Group) in 1995. Ghana Commercial Bank also introduced their ATMs in 2001 in collaboration with Agricultural Development Bank, Abor (2001). Another technological innovation in Ghanaian banking was the various electronic cards, which the banks have developed over the years. The first major card product was a cash card product of Social Security Bank, now S-G SSB, introduced in May 1997. Their card, ‘Sika Card’ was a value card, onto which a cash amount is electronically loaded. Standard Chartered Bank launched the first debit card in Ghana in 2001, Abor (2002). A consortium of three (3) banks (Ecobank, Cal Merchant Bank and The Trust Bank) introduced a further development in electronic cards in November 2001, with a product called ‘E-Card’. This card was online in real time, so a client uses the card at anytime, or if changes occur in their account balance, their card automatically reflects the change. Barclays Bank also launched its telephone banking services in 2002. SSB Bank also launched its “Sikatel” or “SSB Call Centre” (telephone banking) in 2002 (Abor 2001). The services available with this system were ascertaining information about the bank’s products and services, customers’ complaints, bank statements and cheque book request and any other complaints and inquiry. Between 1995 and 2002 a lot happened in the Ghanaian banking sector in terms of technology adoption and the introduction of e-banking. However it was not until 2004 when internet banking, and other related e-banking products such as Card JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
538
Allassani, W.
Payment systems started permeating the banking industry. This was after Nigerian banks like United Bank for Africa (Formerly Standard Trust Bank) Guarantee Trust Bank (GT Bank) and Zenith Bank had entered the Ghanaian banking industry and fully rolled out these services. Today all the 25 universal banks have rolled out comprehensive e-banking products including internet banking, international debit and credit cards, mobile money payments, e-statements, sms banking, and many more. Problem Statement Banks in Ghana use different methods in ensuring that its employees are made aware of these policies and the implications for non adherence to the policies. In some banks, branches and departments keep copies of the policy document and employees are expected to read and attest they have read the policies. The attestation is repeated every six months. Attestation by an employee gives the banks the right to summarily dismiss an employee for any behaviour that leads to a security breach or incident. Kankanhalli et al (2003) define computer security incident among others as a violation of any computer security policy. Other banks also give copies of security policy documents to newly recruited staff to read during the period of orientation. Another method of dissemination of security policies within the banks is through the bank’s intranet where employees are expected to read the policies online which are subsequently monitored through audit trail systems. Bank employees are expected to read policies regularly, at least every six months to update themselves on new development and other updates. According to Santon et al (2004) success in computer security depends on the effective behaviour and attitude of users. It pre-supposes that any untoward behaviour by users would spell disaster for organization. What recent studies about the attitude of bank employees towards information security behaviour by users, especially in the banking industry, have not captured is whether there is a disparity in the attitude towards computer security in terms of gender, number of years worked with the bank, the section employees work (whether a branch or a department) and whether there is a disparity in terms of ownership status i.e. public, private, or foreign owned. So the question is ‘do bank employees in Ghana regularly read their banks´ security policies? What are bank employee reading habits of security policies and what determines and influence those habits? Extensive research carried out for empirical literature on information security in general and security policies, in particular within the Ghanaian business, or education sector in general and the banking sector in particular lead to no clear results. Thus, to the best of the author’s knowledge no empirically tested literature is available on Information security policies within the banking sector of Ghana. It is therefore a very fertile and virgin area which researchers can look at. Most empirical research in security in Ghana relates to food and nutrition security, security of land tenure etc. This paper therefore seeks to find out if bank employees in Ghana read their banks´ security policies and what factors influence their reading habits and what the differences are, if any, in the reading habits. Hypothesis of the Study The study is guided by the following hypotheses:
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
Determining factors determinants of bank employeesâ&#x20AC;&#x2122; reading habits of information security policies
539
Ho: There is no statistically significant difference in the security policy reading habits between bank employees based in branches and employees based in departments. Ho There is no statistically significant difference in the security policy reading habits between bank employees with regards to the number of years they have worked with the bank. Ho: There is no statistical significant difference in the security policy reading habits of bank employees as far as gender is concerned.
3. LITERATURE REVIEW The importance of Information security to the banking sector cannot be overemphasised. Researchers and academics have undertaken a number of researches in the area of Information security and especially end-user behaviour and attitude to information security. User Security Behaviour. Organizations increasingly rely on information systems for processing, transmission and storage of information. Consequently, it is essential to protect the information within these systems and the availability of these computer systems. However, while deploying technological solutions and counter measures is important to avoid security risks, (Claburn, 2005), improving the level of security awareness of users is equally if not more important (Tim, et al 2004); (Vijayan, 2005). D'Arcy et al (2009) contend that intentional insider misuse of information systems resources (i.e., IS misuse) represents a significant threat to organizations. For example, industry statistics suggest that between 50%â&#x20AC;&#x201C;75% of security incidents originate from within an organization. Thus, they suggest that there is the need to understand user security behaviour with a view to ensuring that those behaviours are in tandem with organization security policies. They developed an extended deterrence theory model that combines work from criminology, social psychology, and information systems. The model posits that user awareness of security countermeasures directly influences the perceived certainty and severity of organizational sanctions associated with information system misuse, which leads to reduced misuse intention. The model was tested on 269 computer users from eight different companies. The results suggest that three practices deter information systems misuse: (a) user awareness of security policies; (b) Security Education, Training, and Awareness (SETA) programs; (c) computer monitoring. The results also suggested that perceived severity of sanctions is more effective in reducing information system misuse than certainty of sanctions. Further, their research showed that the impact of sanction perceptions vary based on one's level of morality. Empirical Research on Determinants of user Security Behaviour While there is a rich body of literature on user acceptance of technologies with positive outcomes, there is little empirical research on the determinants of user security behaviour. Igbaria et al (2005) studied user behavioural intention toward protective technologies based on the framework of the theory of planned behaviours. They JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
540
Allassani, W.
defined information technologies as what protect data and systems from disturbances such as viruses, unauthorized access, disruptions, spyware. Their studies found out that awareness of the threats posed by negative technologies is a strong predictor of user behavioural intention toward the use of protective technologies. They also posited that, in the presence of awareness, the influence of subjective norm on individual behavioural intention is weaker among basic technology users but stronger among advanced technology users. Furthermore, while their results are consistent with many of the previously established relationships in the context of positive technologies, they also found out that the determinants ‘perceived ease of use’ and ‘computer selfefficacy’ are no longer significant in the context of protective technologies. Ng, et al (2008) carried out studies that used the Health Belief Model (HBM) to study users’ computer security attitude. They validated the HBM model using survey data from 134 employees. Results showed that perceived susceptibility, perceived benefits and self efficacy are determinants of e-mail related security behaviour when applied to exercising care with e-mail attachment. The HBM is one of the earliest comprehensive attempts to explain health care behaviour on expectancy value principles. (Rosenstock, 1974). However, the limitation of this research is that only one security practice was measured, i.e. e-mail security. It must be noted that the work of Ng et al (2008) contradicts the work by Ibgaria, Guimaraes and Davis (2005) who concluded that computer self-efficacy is no longer significant in the context of protective technologies. However, the internet relies heavily on protective technologies such as anti-virus software, intrusion detection systems, etc. Dinev, et al. (2008) developed a theoretical model of user behaviour based on the framework of the theory of planned behaviour and national cultural dimensions and indices. Using this model they carried out comparative studies across different cultures in which they examined the cross-cultural differences between South Korea and the United States in user behaviour towards protective information technologies. They concluded that cultural factors reduce the strength of the relationships in the behavioural model in the context of protective information technologies. The model was then empirically tested using structural equation modelling techniques in conjunction with multi-group analysis. Most of the hypothesized moderating effects of national cultural factors were found to be statistically significant. Their findings suggest that cultural factors should be considered in order to design effective information security policies, practices and technologies in global networks where multiple cultures coexist. Dinev and Qing (2007) agree that the major threat to information security is constituted by careless employees who do not comply with organizations' information security policies and procedures. According to Dinev and Qing (2007) prior research on information security compliance has criticized these existing information security awareness approaches as lacking theoretically and empirically grounded principles to ensure that employees comply with security policies. To fill this gap, their study proposed a theoretical model that contains the factors that explain employees' information system security policy compliance. Data from 245 respondents from a Finnish company provided empirical support for the model. The results suggested that information quality has a significant effect on actual security policy compliance. Employees' attitude, normative beliefs and habits have significant effect on intention to comply with security policies. Their work also revealed that threat appraisal and facilitating conditions have a significant impact on attitude towards complying, while JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
Determining factors determinants of bank employeesâ&#x20AC;&#x2122; reading habits of information security policies
541
coping appraisal does not have a significant effect on employees' attitude towards complying. They also concluded that sanctions have an insignificant effect on intention to comply with security policy and awards do not have a significant effect on actual compliance with IS security policy. The model did not, however, consider organizational attributes such as the ownership status of the companies (whether private, public) on the user compliance with security policies, neither did it consider the effects of demographics on usersâ&#x20AC;&#x2122; compliance with security policies. Determining the factors that influence general public acceptance of generic information technology solutions can be a daunting task. A lot of variables would have to be considered and this even makes the research more extensive. In their research, Hung, et al. (2006) identified the factors that determine public acceptance of eGovernment services which was an online tax filing and payment system (OTFPS) in Taiwan. Using a theoretical model based on the theory of planned behaviour, this study had as its aims to identify the determinants for acceptance of the OTFPS and to examine the causal relationships among the variables of acceptance behaviour for the OTFPS, and to also explore the relative importance of each determinant for both those who use the OTFPS and those who do not. Based on a survey of 1,099 usable responses, the results indicated that the proposed model explained up to 72 percent of the variance in behavioural intention. In addition, the important determinants of user acceptance of the OTFPS are perceived usefulness, ease of use, perceived risk, trust, compatibility, external influences, interpersonal influence, self-efficacy, and facilitating condition. Perceived security is defined as the level of security that users feel while they are shopping on e-commerce sites or using information technology systems. In their work, Yeniseya, et al. (2005) determined items that positively influence this feeling of security by users during shopping, and to develop guidelines for perceived security in e-commerce. A virtual shopping security questionnaire (VSSQ), consisting of fourteen perceived security items, was presented to the users. The VSSQ had a Cronbach's alpha internal reliability value of 0.70. With the exception of two items, they found no significant differences in item ratings between the groups of different shopping item values. A factor analysis procedure determined two main factors concerning perceived security in e-commerce. The perceived operational factor includes: the site's blocking of unauthorized access; emphasis on login name and password authentication; funding and budget spent on security; monitoring of user compliance with security procedures; integration of state-of-the-art systems; distribution of security items within the site; website's encryption strategy; and consolidation with network security vendors. The perceived policy-related factor includes: the website's emphasis on network security; top management commitment; effort to make users aware of security procedures; the website's keeping up-to-date with product standards; the website's emphasis on security in file transfers; and issues concerning the web browser. The gap identified in the above literature has to do with the fact that most of the studies did not bring bio-data and organization characteristics to support their work. Another gap in the literature review has to do with little research on IT security within the banking and finance sector. Most research has concentrated on other sectors such as communication, educational institutions, manufacturing, military and government establishments. Whatâ&#x20AC;&#x2122;s more, there has been lots of research on information security and user behaviour with emphasis on the developed world, but with little empirical research on the developing world. With the lack of theoretically grounded empirical JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
542
Allassani, W.
studies on whether users regularly read their organization’s security policies and the lack of empirical studies on security behaviour within the banking sector and in the developing world, this study aims to find out information on bank employee reading habits of security policies in Ghana and what factors influence these habits. 4. METHODOLOGY The study was conducted at the National Banking College in Accra. Founded in 1994, the National Banking College (NBC) was the first specialist academic training institution for middle to top level bankers. Over the years, the College has grown to carve a new mission and vision offering, from relevant applied research spanning a uniquely broad range of fields to specialist consultancy services. It is presently funded by the 25 universal banks and is under the supervision of the Bank of Ghana which also provides some funding for its operations. The college has 5 main faculties namely Banking Operations, Human Resource and Marketing, Information Technology, Treasury, Credit Operations, Corporate Reporting. Data Gathering A questionnaire was randomly distributed to 150 bankers from various banks who were attending various training programmes at the college. 136 of the questionnaires were returned made up of 82 male (60.3%) and 54 females (39.7) respondents. The questionnaire had three sections. Section one requested for information such as gender, number of years worked with the bank, and whether respondent worked in a department or branch. Section two requested for information on respondent’s bank, its ownership status (whether public, private or foreign owned) the number of years the respondents bank has operated in the country. Section three requested for information on the bank’s information security policies and procedure such as whether the respondent’s bank has an information security policy in place, whether the respondent reads the policies, the number of times the respondent has read the policies, whether respondent’s bank regularly monitors the security policy habits of employees. This section also wanted to know if respondents are more likely to read the policies, if senior executives are directly involved in the monitoring the reading habits of employees. In all, 20 banks took part in the survey. They are made up of 19 banks out of the 25 universal banks in the country, and Bank of Ghana as indicated below. Table 2 Banks that took part in the survey Participating Banks
No of Respondents
HFC Bank International Commercial Bank
9
6
7
Merchant Bank National Investment Bank
Barclays Bank
4
Prudential Bank
8
CAL Bank
4
7
Ecobank
11
Sahel Sahara Bank Standard Chartered Bank
Participating Banks
No of Respondents
Access Bank Agricultural Development Bank
4
Bank for Africa
9
Bank of Ghana
3
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
4
6
4
Determining factors determinants of bank employees’ reading habits of information security policies Participating Banks (cont.)
No of Respondents
Fidelity Bank
7
Ghana Commercial Bank Guarantee Trust Bank
543
Participating Banks
No of Respondents 4
12
Unibank United Bank Africa
10
Zenith Bank
for
Total
11 6 136
Data Analysis Data was analysed using SPSS 18.0. Logistic regression was employed to examine factors that predict two outcomes; firstly, whether the bank employees read the policies or not, and secondly, whether they would read the policies if senior executives are involved in the monitoring of reading habits. This enabled the computation of the probability that a respondent reads or does not read the security policies using covariate The study has two dependent variables: reading or not reading bank’s security policies and whether executive involvement in monitoring reading habits would influence respondent to read or not. Independent variables in this paper are: gender, the number of years worked with the bank, the section of the bank where the respondent works (department or branch), and ownership status of the bank (whether public, private and foreign owned). The study sought to find out if these variables have any effect on the reading habits of respondents. The analysis of the determinants of each of the two dependent variables was done separately. Both bivariate and multivariate analysis were performed to explore the determinants of reading or not reading bank’s security policies as required by bank rules, and reading the policies if executives is involved in monitoring reading behaviour. The statistical significance was based on a p-value of less than 0.05. 5. RESULTS Bivariate Analysis of Respondents who Read or Do not their Bank’s Security Policies. Of the 136 respondents a total of 71 representing 52% of respondents said they read their bank’s policies against 65 representing 48% of respondents who do not read their banks policies. In this section, the paper explores at the bivariate level, the differences between those who read the policies as stipulated by the banks´ regulations and those who do not read them, and thus flout their banks’ regulation. As seen in Table 3, there was a significant difference (p < 0.0001) between those who work in departments and those based in branches with regards to those who read and those who do not read security policies. In terms of the number of years, a respondent who has worked in the bank, there was a slight significance (p < .010) between those who have worked for less than 5 years, those who have worked for more than 5 years, but less than 10 years and those who have worked for more than 10 years. There was however no significant difference in terms of gender (p = .209) and the ownership status of the banks (p = .781) JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
544
Allassani, W.
Bivariate Analysis of Respondents who would read policies if Senior Executive are involved in the monitoring of reading habits 118 respondents representing 87% said they would read the policies if bank executives are involved in the monitoring of employees reading habits, while 17 respondents representing 13% said they would not read them. From Table 3, it can be seen that there is no statistical significance differences in terms of gender (p = .531), section of the bank that respondent works (p = .314), ownership status of bank (p = .983) and length of service of respondents (p = .910) Table 3 - Bivariate Analysis of respondents who read security policies and those who would read if senior executives are involved in monitoring reading behaviours
Characteristics
% of Respondents who have read or have not read policies P-value
% of respondents who will read policies if executive is involved
Yes
No
Yes
48.8 57.4
51.2 42.6
.209
87.8 86.8
12.2 13.2
.531
67.6 36.8
32.4 63.2
.000*
89.6 85.3
10.4 14.7
.314
52.9 46.9 54.3
47.1 53.1 45.7
.781
88.2 87.5 87
11.8 12.5 13
.983
86.2 88.9
13.8 11.1
P-value
No
Gender Male Female Section of the Bank where the respondent Works Department Branch Ownership Status of Banks Public Private Foreign Length of Service
5 yrs or less 43.1 56.9 More than 5 yrs 54.5 45.5 but Less than 10 years More than 10 69.6 30.4 years Total 53.19 46.81 * Statistically Significant at 1% ** Statistically Significant at 10%
87 13
.090**
.910 87.4
12.57
Multivariate Analysis JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
Determining factors determinants of bank employees’ reading habits of information security policies
545
Separate analysis were undertaken for each of the two outcomes variables: reading the banks policies in compliance with bank’s rules, and reading policies provided executives are involved in monitoring employee reading habit. To evaluate possible impact on each of the two outcome variables by personal level and bank attribute variables, multivariate logistic regressions were employed. The results are presented in Table 4 and it shows a statistical significance for the relationship between the two variables and the explanatory variables considered in this paper. One of the major objectives of this study is to identify key variables that strongly explain the security policy reading habit of respondents. Two predictors were identified, i.e. the section where a respondents works (department or branch) and the number of years a respondent has worked in the bank. A respondent who worked in a department is 4.4 times more likely to read the policies than a respondent who worked in a branch (OR = 4.446, p = .000). The number of years a respondent has worked with the bank was found to be a weak predictor of reading habits (OR = .507, P = .016). The study however showed that gender and ownership status of a bank are not predictors of security policy reading behaviour of respondents: (Gender: OR=.602, p = .202) (Ownership Status of Bank: OR= .742, p=.208). The studies revealed that all the four covariates are not strong predictors of the second outcome, i.e. whether respondents would read policies if senior executives are involved in the monitoring of reading behaviour of employees. Table 4 - Multivariate analysis of determinants of banks´ security policy reading habits and banks´ security policy reading habits if executives are involved in monitoring reading habits
Variables
Gender
Analysis Reading as a rule
of Analysis of reading Policies policies if reading habits are monitored by senior executives
OR
Sig
OR
Sig
.602
.202
1.072
.899
.016*
.922
.831
Number of years Worked with Bank .507 Section of Bank respondent works
4.446
<.000*
1.466
.473
Ownership status of bank
.742
.208
1.035
.918
Statistically significant difference at p < 0.05 6. DISCUSSION This survey showed that almost half of respondents, i.e., 47% do not read their bank’s security policies and procedures. The study also revealed that whether a respondent reads the policies or not greatly depended on one very important explanatory variable, that is, the section of the bank where the respondent works. Respondents who work in departments are more than 4 times likely to read the security JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
546
Allassani, W.
policies than respondents who work in branches. This may be as a result of the fact that employees in branches are the “face of the bank” because they deal directly with customers of the bank all the time and may not find the time to read the policies. Unlike employees based in branches, employees based in departments may not necessarily deal directly with customers. If employees in departments deal directly with customers at all, the numbers would not be as the number of customers employees in branches have to contend with. The study also showed that the 87% of the respondents would read the bank’s policies if senior executives are involved in the monitoring of security policy behaviour. The key predictor for this outcome is the number of years the respondent has worked with the bank. Respondents who have worked for less than 5 years in the bank are .51 less likely to read the policies than those who have worked in the bank for more than 5 years. This could stem from the fact that the longer an employee stays with the bank, the more conversant he/she becomes in terms of the culture of the bank, the more likely he/she practices that culture. Another possible explanation for this phenomenon is that the longer an employee has worked with the bank, the more likely he would have experienced some sanctions with regards to non-compliance with security issues. Finally this study shows that there is no statistically significant difference as far as gender and ownership status of banks are concerned ( p = .209). There is also no statistically significant difference with regards to reading habits as far as ownership status of banks is concerned (p = .781). Irrespective of whether a bank is public, private or foreign, it has no bearing on the security policy reading habits of its employers. 7. CONCLUSION AND RECOMMENDATION This study has produced important information on bank employee reading habits of security policies. It has been established through this study that the main predictor of bank employees’ security policy reading habits is the section of the bank that the employee works. Employees based in branches are less likely to read security policies due to the fact that they deal with a huge number of customers each day and thus have little time to read these policies. The study also finds that there is a strong link between reading the policies and the number of years an employee has worked with the bank. Employees who have worked less than 5 years are less likely to read even if senior executives are involved in the monitoring process. Based on these findings this study wishes to recommend that banks create reward systems to all employees who show good reading habits as far as reading security policies are concerned. To also encourage employees to read the policy, banks should make reading of the policies part of end-of year appraisal and tied to end of year bonuses. Banks should also make it financially attractive for employees who work in branches to come to work on weekends purposely to read the banks security policies and procedures. These findings should not be seen as a local issue pertaining to Ghana, but that it is likely that such reading habits can be found within banks on the African continent. This is because most of the banks operating in Ghana have their parent companies located in other African countries, notably Nigeria and South Africa. What’s more,
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
Determining factors determinants of bank employees’ reading habits of information security policies
547
these banks move staff around the continent and it is likely that there could be a transfer of attitudes around the continent 8. LIMITATIONS OF RESEARCH The first limitation of this study is the sample size. Due to the difficulty getting responses from bank employees when they are on the job in their banks, this study targeted a small number of bank employees who were attending training courses at a central location and were, therefore, more receptive to giving responses to survey questionnaires. It is recommended that this study is carried out with a much larger sample size and more independent variables such as age, education qualifications, and marital status. The second limitation is the level of staff involved in the survey. All the respondents were senior staff of the banks. Further research should be carried out to include junior staff, by comparing the reading behaviour of senior and junior staff. REFERENCES Abor, B (2001) Technological Innovations and Banking in Ghana: An Evaluation of Customers’ Perceptions. http://www.financialanalyst.org/Technological%20Innovations%20and%20Banking% 20in%20Ghana%20-%20AAFM.doc. Retrieved 24 June, 2012. Alu A.O, (2000) Effects of Information Technology on Customers Service in the Banking Industry in Nigeria. Information Technology Review. 3(1), 5-19. Besnard, D., & Arief, B. (2004). Computer Security Impaired by legitimate users. Computers & Security, 23(3), 253-264. Boon-Yun N, Kankanhalli A, Xu Y, C (2009) Studying Users Computer Security Behaviour: A health Belief Perspective Decision Supports Systems, 46, 815-825. Checkly J, (1994) Electronic Banking Security: Banking System Security. Brain Welch (ed) P47. Basel Blackwell Claburn, T. (2005, 2007). http://www.informationweek.com/story/showArti Retrieved 24 June, 2013
Spam cost billions. cle.jhtml?articleID=59300834.
D'Arcy J, Hovav A, Galletta D. (2009) User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach. Information System Research, 20(1), 79-98. Daily Telegraph (2012) UBS fined £30m over Kweku Adoboli fraud failures. http://www.telegraph.co.uk/finance/financial-crime/9702513/UBS-fined-30m-overKweku-Adoboli-fraud-failures.html Retrieved 24 June 2012 Dinev T , Qing Hu (2007) "The Centrality of Awareness in the Formation of User Behavioural Intention toward Protective Information Technologies," Journal of the Association for Information Systems, 8(7), Article 23. Dinev T, GooJ, Hu Q, Nam K (2008) User behaviour towards protective information technologies: the role of national cultural differences. Information Systems Journal, 19(4) 391–412. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
548
Allassani, W.
Goguen, J. A., & Meseguer, J. (1982, April). Security Policies and Security Models. In IEEE Symposium on Security and privacy (Vol. 12) http://scholar.google.com/scholar?cluster=16438665001756746046&hl=en&as_sdt=0, 5# Retrieved on 24 June 2013. Hung S, Y, Chang C,M , Yu T,J (2006) Determinants of user acceptance of the eGovernment services: The case of online tax filing and payment system. Government Information Quarterly, 23(1), 97–122. Ibgaria M, Guimaraes T, Davis G, B (1995) Testing the determinants of Microcomputer Usage via a Structural Equation Model. Journal of Management Information Systems - Special section, 11(4), 87 – 114. IMF (2007) Staff Country Report. Capital Markets P.25 Kankanhalli A, Teo H.H, Tan B.C.Y, Wei K.K (2003) An integrative study of information system security effectiveness, International Journal of Information Management 23 O’Leary T.J. Williams B.K, O’Leary L. (1989). McGraw Hill Microcomputing. Annual Edition McGraw Hill Olson, I. M., & Abrams, M. D. (1995). Information security policy. Information Security–and Integrated Collection of Essays. http://www.acsac.org/secshelf/book001/07.pdf Retrieved on 24 June 2013. Park, C. H., & Kim, Y. G. (2003). Identifying key factors affecting consumer purchase behavior in an online shopping context. International Journal of Retail & Distribution Management, 31(1), 16-29. Rosenstock I.M (1974) The health belief model and preventive behaviour. Health education monographs Santon J.M, Mastrangelo P.R, Stam K.R, Jolton J (2004).Behavioral Information Security:Two end-user survey studies of innovation and security practice, Proceedings of the Tenth America’s Conference on Information Systems, New York. Stanton J.M, Stama K,R, Mastrangelo P, Jolton J (2005) Analysis of end user security behaviours. Computers & Security, 24(2), 124–133. Timms, S., Porter C, Bead A (2004) Information System Security breaches Survey. UK Department of Trade and Industry Survey Report. Vijayan J (2005) Targeting the enemy within. Computer World, 39(32), 23-26. Yeniseya M.M, Ozokb A.A, Salvendycd (2005) Security Determinants in ecommerce among Turkish university students . Behaviour & Information Technology, 24(4), 259-274. Yi-Shun Wang, Yu-Min Wang, Hsin-Hui Lin, Tzung-I Tang, (2003) Determinants of user acceptance of Internet banking: an empirical study, Emerald 14.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. . 533-548
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300003
THE CASE OF INCA´S NATIONAL TUMOR BANK MANAGEMENT SYSTEM IN BRAZIL Antonio Augusto Gonçalves Instituto Nacional de Câncer - INCA (Brazilian National Cancer Institute), Rio de Janeiro, RJ, Brazil Claudio Pitassi Valter Moreno de Assis Jr. Faculdades Ibmec do Rio de Janeiro, Rio de Janeiro, RJ, Brazil ___________________________________________________________________________________________
ABSTRACT Information Technologies can provide the basis for new directions in cancer research, supplying tools that identify subtle but important signs from the analysis of clinical, behavioral, environmental and genetic data. The purpose of this paper is to describe and analyze the system developed for managing Banco Nacional de Tumores (SISBNT) – National Tumor Bank System highlighting its role in the technological innovation of Instituto Nacional do Câncer (INCA) – Brazilian National Cancer Institute. It is a qualitative empirical theoretical paper, descriptive and exploratory in nature, based on the single case study method and on participant observation. The results show the importance of good practices in information management for the full operation of a biobank in a research-oriented pharmaceutical company. There is also evidence that the implementation of SISBNT has contributed to the improvement of cancer treatment quality and to the support of efforts towards the organization of the integration of clinical, translational and basic research. The non-use of data mining techniques for the identification of molecular patterns and structures associated with the different types of cancer undergoing study at INCA seems to occur due to the early stage of Bioinformatics and translational research, as well as the National Tumor Bank, in the institution.
___________________________________________________________________________________________ Manuscript first received/Recebido em: 13/12/2011 Manuscript accepted/Aprovado em: 25/06/2014 Address for correspondence / Endereço para correspondência Antonio Augusto Gonçalves, Doctor´s Degree in Production Engineering from the Universidade Federal do Rio de Janeiro UFRJ, 2004. The INCA´s Head of the Information Technology Division and Assistant Professor at the Professional Administration Master´s Degree Course from the Universidade Estácio de Sá do Rio de Janeiro. Address: Rua do Rezende 195, sala 304, Centro - Rio de Janeiro, CEP: 20230-092 Telefone: (5521)- 32075202 e-mail: augusto@inca.gov.br Claudio Pitassi, Doctor´s Degree in Administration from Pontifícia Universidade Católica do Rio de Janeiro, PUC-Rio, 2004, Address: Assistant Professor and Researcher at Faculdades Ibmec do Rio de Janeiro. Faculdades Ibmec-RJ Mestrado em Administração Mater´s Degree in Administration Address: Av. Presidente Wilson, 118 – CEP. 20030-020 - Centro - Rio de Janeiro – RJ Telephone: (5521)- 4503-4000 e-mail: claudio.pitassi.@gmail.com Valter Moreno de Assis Jr., PhD in Business Administration from the University of Michigan, 2001, Assistant Professor and Researcher at Faculdades Ibmec do Rio de Janeiro. Faculdades Ibmec-RJ Mestrado em Administração Mater´s Degree in Administration Address: Av. Presidente Wilson, 118 – CEP. 20030-020 - Centro - Rio de Janeiro – RJ Telephone: (5521)- 4503-4000 e-mail: valter.moreno@gmail.com Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
550
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
Keywords: Information and Communication Technologies (ICT);
Biobank; Health Biopharmaceutical.
Management;
Technological
Innovation;
1. INTRODUCTION According to the World Health Organization, 2014, one out of eight deaths in the world is caused by cancer. In Brazil, there is a complex scenario in cancer treatment. The occurrences and rates of death have been growing, around 576,000 cases every year: they are particularly high when it comes to prostate cancer in men and breast cancer in women. Research has found that waiting lines for treatment and diagnosis have become commonplace in many regions of the country, resulting in patients being diagnosed at advanced stages of the disease. According to the Rede Brasileira de Pesquisas sobre o Câncer – Brazilian Cancer Research Network – cancer is a disease caused by the buildup of genetic and epigenetic modifications in the genome of a normal cell. Such modifications result from errors that occur during DNA replication and exposure to mutagenic agents and agents in the cell metabolism. In addition, according to the Brazilian Cancer Research Network, “the identification of the modified genes in tumor cells which are directly related to tumorigenesis has been the main focus of cancer genetics research over the last 30 years.” Promptness in referring patients to proper therapeutic procedures, with a short waiting time, is essential to increase survival rates, improve quality of life and the chance of being cured. Being diagnosed early is one of the most critical success factors: it is, therefore, essential to create organizational mechanisms that simplify the access to pertinent information and to health care services in order to reduce the fragmentation of the services and to speed up diagnosis time and beginning of cancer treatment. In the Brazilian context, Instituto Nacional do Câncer (INCA) – Brazilian National Cancer Institute – is the federal agency in charge of setting and implementing assistance, education and cancer prevention policies, with a specific coordination team based in the city of Rio de Janeiro. Ever since 1997, INCA has made huge changes in its organization, with the aim of transforming its Research Center (RC) into a Technological Development Center (TDC) that is capable of leading Brazilian efforts towards the development of drugs in the oncology therapeutic class. From this background of change, Information and Communication Technologies (ICTs) have played a relevant role in supporting R&D activities. The Rede de Atenção Oncológica (RAO) - Oncologic Attention Network - is the main vehicle through which the Brazilian National Cancer Institute (INCA) bases its national integration plan on. Its purpose is to establish a partnership between organizations responsible for research and services in the cancer area. This network translates into a cooperation environment with the aim of joining doctors, administrators and society segments that represent patients. Its goals are the following: i) to make the access to information and knowledge easy on all spheres – doctors, hospital administrators and patients; ii) to create a community for the practice of research and treatment; iii) to develop a friendly environment and easy access to relevant information to support clinical and administrative decision-making processes. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
551
Cancer-related research is a long, complex and high-risk process and involves a myriad of organizations (Goldblatt & Lee, 2010). Brazil still does not have a suitable public structure for the storage of tumor samples used in different cancer research lines. Hence, the creation of a biobank and of an IT architecture that provides easy information access is critical in order to speed up research projects and reduce the fragmentation of the databases used. According to the World Health Organization (2009), the biobank represents an organized collection of human biological material and associated information, collected prospectively and specifically stored for research purposes, in accordance with recommendations and technical, ethical and pre-defined operational standards. This reality highlighted the need to establish policies that aim to create a national bank of tumor samples (National Tumor Bank). The first step towards it was the investment in the development of technological infrastructure. One important decision was the implementation of a system that could support the network of organizations involved in the collection and processing of normal and tumor tissue samples, blood and clinical data of the most relevant tumors in Brazil, becoming a necessary tool for the advancement of research at INCA. Studies show that there is a big potential for theoretical and empirical research on the use of Information Science and IS Management to support cancer treatment and prevention (Clauser, Wagner, Aiello Bowles, Tuzzio, & Greene, 2011; Krysiak-Baltyn et al., 2014; O’Brien M., Kaluzny D., & Sheps G., 2014; Peterson, Bensadoun, Lalla, & McGuire, 2011; Pitassi, Gonçalves & Moreno, 2013). This study broadens scientific knowledge in these areas, in an attempt to answer the following research question: how can modern information and communication technologies contribute to the management of technological innovation in health care, in particular in a biopharmaceutical company, which operates in an oncology therapeutic class? In this sense, the specific purpose of this paper is to describe and analyze the system developed for the management of Banco Nacional de Tumores (SISBNT) – National Tumor Bank System - highlighting its role in basic, translational and clinical research at INCA (Brazilian National Cancer Institute) in Brazil. 2. THEORETICAL FRAMEWORK As shown by Pronovost and Goeschel (2010), most countries have been facing serious problems in healthcare, arising from: i) the increase in the demand for healthcare due to the growth in the number of elderly citizens with chronic diseases; ii) higher demand for accessibility to extra hospital care which ensures efficiency, equality and individualization of healthcare; iii) limitation of financial resources; iv) difficulty recruiting and retaining personnel. Medical resources, such as specialized personnel, hospital beds and state-of-the-art equipment, are usually costly, which results in a huge budgetary pressure. These challenges help to transform highly complex services, such as cancer treatment, into high relevance areas for the organizations that operate therein (Goldblat & Lee, 2010). Healthcare organizations have generated massive amounts of data distributed on hospital information systems, patient electronic records, administrative systems, etc (Côrtes & Côrtes, 2011). However, most of this effort has proven unfruitful, as this JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
552
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
information is hardly ever effectively used in decision-making processes (Abidi, 1999). According to this reality, there is a need to create an environment in healthcare organizations that makes it easy to transform all this raw information into knowledge (Barbosa et al., 2009). Therefore, as determined by Wickramasinghe (2000), researchers, doctors, nurses and other professionals in healthcare can be referred to as sophisticated knowledge workers. They have the means of production, specialists´ skills and training obtained throughout the years of formal learning and education, using this experience in clinical decision-making processes and treatment of diseases. Knowledge management in healthcare organizations can be defined as a combination of concepts and techniques to make it easy to create, indentify, acquire, develop, disseminate and use intellectual capital (O’Leary, 1998), whose creation and dissemination take place by means of multidisciplinary teams (Fried et al, 1998). It is important to highlight that cancer patient services are inherently multidisciplinary, involving the primary care doctor, the pathologist, the oncologist and the surgeon (O’Brien M. et al., 2014; Peterson et al., 2011). The quality of these services has been affected by the limited number of qualified oncology professionals and by the reduced number of research professional networks specialized in complex scientific disciplines that involve cancer treatment (Rastogi, Hildesheim & Sinha, 2004; Lenoir, 1998). The use of information technology can contribute significantly to the improvement of healthcare (Abraham, Nishihara, & Akiyama, 2011; Bardhan & Thouin, 2013; Côrtes & Côrtes, 2011). For instance, Galligioni, Berloffa and Caffo (2009) describe their experiences in the development and use of electronic records of medical oncology patients to support research in this area. These records have been designed carefully in order to integrate the spectrum of cancer information and to allow it to be shared between researchers, stressing the importance of the use of Information and Communication Technologies (ICTs). Despite such reports as the one by Galligioni et al. (2009), the implementation of Information Systems (IS) has basically scratched the surface of possibilities and the potential of applying Information Science to healthcare (Wallace, 2007), especially in the context of developing countries (Turan & Palvia, 2014). Such authors as Catanho, Miranda and Degrave (2007) and Wallace (2007) suggest that basic research using information and communication technologies can provide resources for new directions in clinical sciences. In the context of cancer treatment, Bash et al. (2004) present three fundamental lines of work. The first line has its focus on state-of-the-art clinical medicine, which can include therapies based on evidence and sophisticated and personalized studies on the nature of the patients´ tumor and its biological characteristics. The second line regards the systemic approach of the patients´ care and needs (physical, psychosocial, functional and spiritual). The third line regards the use of Information and Communication Technologies that support clinical medicine geared towards patients and their care. As far as the first line is concerned, cell and molecular-related studies generated a large number of data related to genetic mapping and protein structures, turning Biology into a “mathematical” science and, increasingly, based on information (Lenoir, 1998). Researchers in Pharmacogenomics and Pharmacoepidemiology need this and other types of information in order to understand why patients respond differently to the treatment with certain drugs, both regarding adverse effects and efficiency in the treatment (Kim & Gilbertson, 2007). It is noticed, however, the importance of modern information technologies to provide the collection, management JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
553
and processing of such data in an efficient and efficacious fashion. In general, their introduction in cancer research and treatment institutions means opportunities for the development and adoption of organizational innovations. According to the Oslo Manual - The Organization for Economic Co-operation and Development (1997), technological innovations comprehend the implementation of technologically new products and processes, and meaningful technological improvements in products and processes. At the organizational level, innovation “[...] implies combining different types and parts of knowledge and transforming them into useful products and services” (Figueiredo, 2009, p.31). In the biopharmaceutical industry, technological innovation, characterized by the systematic discovery of new drugs or of new uses for the drugs already on the market, depends on the mastering and integration of various scientific disciplines, such as Molecular Biology, Fine Chemicals, Computer Science, Information Science, Physics, Optics, and Mechanical Engineering, among others (Pitassi, Moreno & Gonçalves, 2014). Therefore, the discovery of new drugs depends on the technological capability built by the organization in a variety of areas (Moreira & Pitassi, 2013). Given these characteristics, the pharmaceutical industry was one of the trailblazers in adopting open innovation models (Hughes & Wareham, 2010). Traditional linear and vertical models of innovation, such as the Innovation Funnel (Cooper, 1993), reflect a concern on the part of the companies regarding the “false positive”, in view of the magnitude of the investments usually made in the development of new products (Chesbrough, 2006). In the current technical productive paradigm, due to the risks and costs involved, innovation is established as an interdepartmental and inter-organizational process (Bell & Figueiredo, 2012). Therefore, open innovation models are currently predominant in organizations, including Brazilian organizations, which seek to dynamize in-flows and outflows of knowledge and technology (Pitassi, 2014). Biopharmaceutical organizations, which focus their research on the oncology therapeutic class, have resorted to (with the purpose of creating more new drug production opportunities) translational research, which guides research from “the bench to the bedside”, as a mechanism to promote the integration between advancements resulting from basic research and clinical trials (Goldblat & Lee, 2010). According to Chiaroni, Chiesa and Frattini (2008), basic research in biopharmaceuticals is done at three essential stages: i) identification of the disease genetic base; ii) identification of the compound for the treatment of the disease; iii) pre-clinical tests. As for cancer, basic research is necessary for the advancement of knowledge on genetic mutation causes that lead to the different stages of the disease (Goldblat & Lee, 2010). Studies on the possible causes of the poor performance of the information sent out by DNA then gave rise to the research in: Genomics, which analyzes genetic sequencing, aiming to quantify the gene expression in cells; Proteomics, which carries out experiments to identify the structure of proteins and their functions in living organisms; molecular dynamics, which simulates the physical movement of atoms and molecules (Lenoir 1998). In general, a clinical trial or clinical study is defined by Good Clinical Practice (GCP) as “any investigation in human subjects intended to discover or verify the clinical, pharmacological, and/or other pharmacodynamic effects of an investigational product(s), and/or to identify any adverse reactions to an investigational product(s), and/or to study absorption, distribution, metabolism, and excretion of an investigational product(s) with the object of ascertaining its safety and/or efficacy. In JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
554
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
the cancer studies, basic research in Molecular Biology is essential for the identification of new drugs and the a priori assessment of their positive and negative effects on the treatment of the disease. The development of this type of research is considerably driven forward by the availability of biological samples (Goebell & Morente, 2010). In this sense, biobanks have been developed in many countries with tumor samples (Specimen Central, 2014). According to the World Health Organization (2009), a biobank is an organized collection of human biological material and associated information, collected prospectively and stored for research-related purposes in accordance with recommendations or pre-defined operational, ethical and technical standards. The challenges to establish, develop and sustain biobanks with the required size and scope for clinical studies are highlighted in the literature (McQueen et al., 2014). The contribution of comprehensive and structured biobanks, as determined by good information management practices, is seen as a condition for the advancement of translational research on cancer, owing to the difficulty perceiving standards from the variety of causes and manifestations of the disease (Goebell & Morente, 2010). Thus, it is necessary to stress the importance of the standardization of processes for the integrity of the stored samples (Malm et al., 2013), as well as the potential for the use of data-mining techniques in translational research (Krysiak-Baltyn et al., 2014). 3. METHODOLOGY The empirical theoretical study described in this paper is a field research, with a qualitative approach, descriptive and exploratory in nature (Vergara, 2005). It is descriptive as it shows the motivations for the implementation and main functionalities of Banco Nacional de Tumores (SISBNT) â&#x20AC;&#x201C; National Tumor Bank System. It is exploratory as it seeks to analyze the contribution that SISBNT makes towards the integration between clinical, translational and basic research, a process that is still at an early stage in Brazilian pharmaceutical companies. The study adopts the single case study method (Yin, 1994), having semistructured interviews and participant observation as the main ways of data collection (Checkland, 1991). The case study, to the extent it takes dimensions of time and space into account (Yin, 1994), has proven to be a suitable methodological tool for the analysis of a phenomenon whose development occurred concomitantly to the huge structural changes that had taken place at INCA as of the second half of the 1990s. The choice of emblematic cases is a suitable scientific procedure due to the opportunity to understand specific dynamics; therefore, they can teach important lessons to organizations with the same mission statement or organizational objectives (Yin, 1994). Choosing INCA as a single case owes to the fact that the organization is the most qualified in Brazil to perform all the translational research stages in the oncology therapeutic class and to the efforts of incorporating ICTs made by the institute over the last years. The research analysis unit consisted of organizational units involved in the development and use of the National Tumor Bank (NTB), herein seen as components of a broad information system, supported by equipment and computer technologies. The focus of data collection and analysis was on the role of SISBNT in the JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
555
management of the information generated at the biobank and applied to basic, translational and clinical research activities. Field data collection took place by two different methods. One of the authors of this paper was a member of INCA´s Information Technology Division when this research was being done, working on the development and implementation of the organization’s IT strategy. As such, he could closely monitor the development and implementation of SISBNT, interacting with the various actors and technological artifacts involved. In addition to the data obtained from the documents related to this process, the researcher´s own perceptions were used as an input for the analysis of the investigated phenomena herein. Consequently, the first method of data collection - participant observation, performed by him was selected (Argyris, Putnam & Smith, 1985): this method is justified because it was intrinsically associated to the implementation of the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System. In the second data collection method, the researchers conducted five semistructured interviews with the persons in charge of the implementation of SISBNT in the area of Information and Communication Technologies and with five representatives of the areas of the Research Center (users of the system) including the manager of the SISBNT. The interviews had been conducted over the first six months of 2011, based on a script with open questions, and structured from the literature review used in the research. Its main purpose was the collection of evidence regarding the role that SISBNT had been developing in basic, translational and clinical research in oncology. The choice of the interviewed subjects was intentional, made from the identification of the key actors in the process of the implementation of the National Tumor Bank. The fact that one of the researchers was in charge of INCA´s ICT contributed not only to the identification of these subjects, but also to the scheduling and quality of the interviews. All the interviews were conducted on the premises of INCA and recorded with the consent of the interviewees. All the answers were transcribed for later analysis. The data collected was treated by the thematic or categorical content analysis method, triangulating the frequency in which terms and ideas present in the recorded answers occurred, with the observations and data obtained by the aforementioned researcher, in light of the concepts and constructs selected in the literature (Bardin, 1998). This researcher´s experience in the implementation of SISBNT was also important to the interpretation of the interviewees´ cognitive activity. It is important to highlight the limitations of this method, given the subjectivity inherent to the interpretation of the researchers´ accounts during data analysis. In order to reduce this problem, the researchers´ interpretations, emerging at the data analysis stage, were sent to the interviewees for later corrections. However, no correction requests were received by the team. 4. THE CASE OF INCA´S NATIONAL TUMOR BANK INCA is an organization from the Health Ministry, responsible for the development of activities and their coordination for the prevention and control of JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
556
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
cancer in Brazil. INCA´s hospital units are located in the City of Rio de Janeiro, integrating the Sistema Único de Saúde (SUS) – Unified Health System – and offer a full treatment to people with cancer. Patients with mobility issues, or without clinical conditions to attend outpatient appointments, are visited regularly at their homes by interdisciplinary teams. Today, INCA is a landmark institution in Latin America when it comes to clinical trials for oncology therapeutic class. INCA is an active member of the Rede Brasileira de Pesquisas sobre o Câncer – Brazilian Cancer Research Network – whose strategy is the unification of basic, translational and clinical research on the disease. INCA is also a member of the Rede Nacional de Pesquisa Clínica em Hospitais de Ensino - National Clinical Research Network in School Hospitals – whose purpose is to be an institutional model in clinical studies, based on the best research practices, aimed at the Sistema Único de Saúde (SUS) – Unified Health System. Currently, the network is composed of 20 units associated with university institutions, serving all Brazilian regions, with the purpose of incorporating regional research vocations into development practices, in a decentralized management perspective. 4.1 The Banco Nacional de Tumores (SISBNT) – National Tumor Bank System Over the last few years, INCA has been investing significantly in the implementation of an IT architecture that integrates the organization´s main processes and departments and that provides the exchange of information and cooperation between the institute, clinics and laboratories, distributed in its hospital units. Over the last ten years, the focus of the IT corporate unit has been on the management systems and medical assistance systems, seeking to standardize equipment and software and to unify access codes (single registration). In 2005, INCA developed a project with the purpose of establishing a network for collection and processing of normal and tumor tissue samples, blood and clinical data of the most relevant tumors in Brazil (in relation to their frequency and morbidity). This network is composed of cancer university medical centers and hospitals, including INCA´s hospitals, totaling 20 centers in the five geographic regions of the country. The centers were chosen based on their potential to recruit patients and on the availability of trained personnel for diagnosis, sample collection and data processing. It is important to highlight the fact that such activities are performed in accordance with protocols defined by INCA for collection, identification, storage and transference of samples obtained by the members of the network to the institute’s Research Center. The National Tumor and DNA Bank lies central in the aforementioned project, created with the purpose of supporting studies in the area of markers in diagnosis and therapy, in significant samples of the Brazilian population. INCA´s National Tumor Bank consists of a biobank, with the clinical history data of patients who donated their samples to the institute, and of a physical repository for the cells obtained from such samples, in order to carry out clinical trials, and for use in basic research projects. Its development allows the standardization and computerization of the sample collection procedures, clinical data records and monitoring of patients for prospective studies, which may be used as a model for routine hospital conduct. The Banco Nacional de Tumores (SISBNT) – National Tumor Bank System – is an information system developed by INCA´s corporate IT department, in order to support the National Tumor Bank, depending on the demand of the institution´s JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
557
Research Centre. As it can be seen in Figure 1, the process that SISBNT supports consists of six stages and involves professionals from such areas as Pathology, Surgery and Laboratory.
1
2
3
4
5
6
Sample Collection
Sample Shipping
Sample Receipt
Sample Removal
Sample Processing
Sample Storage
Figure 1 – National Tumor Bank´s Workflow Process Source: by the authors The National Tumor Bank team’s internal workflow process is initiated with the signature of the informed consent document, in which the patient authorizes the collection of their tissue and blood samples during the surgical procedure they are undergoing. Collection procedure is performed directly in the operating theater of the National Tumor Bank´s associated hospitals. In the hospitals, there is a computer where the technician in charge of registering samples can perform a patient search by means of three different options: patients´ registration, number of the informed consent document, or number of the examination done on the pathological anatomy system, which is integrated to the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System. The technician in charge inputs the date and time of the collection (automatically entered with current date and time, but with the possibility of changing them in cases of previous date and time entry on the system). The system enables the sample-adding function where the user can add tissue samples and/or fluids to the same collection. For every new sample, the technician in charge inputs the class type (tissue or fluid) and fills out the fields with the characteristics of the sample, listed in Chart 1. Figure 2 shows the screen of the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System - with which the technician interacts at this stage of the process.
Tissue Class Type Characteristic
Fluid Class Type Characteristics
Type of receiver (tube or microscope slide)
Type of receiver (tube or microscope slide)
Part region (A, B, C...)
Subclass
Subclass
Topography
Pathological state
Type of procedure
Type of procedure
Information on blood transfusion
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
558
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
Tissue Class Type Characteristic
Fluid Class Type Characteristics
Topography
Information on chemotherapy
Side
Information on anticoagulant
Type of preservation
Time of the collection
Observation
Type of preservation Volume Chart 1: Characteristics of the Sample Type per Class Source: by the authors
Figure 2 – Sample Collection At the end of the sample collection, the technician generates a report containing information on the samples they entered on the system. This report is sent to the National Tumor Bank, together with the receiver of the collected samples. After receipt, the condition of the sample is defined; it can be removed (the sample is removed from the bank due to quality issues) or processed, which develops one of the following conditions: restrict use (sample restricted for the National Tumor Bank´s use only), available (sample available for research), unavailable (sample unavailable for research), depleted (sample that originated secondary components), and reserved (reserved for some research). JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
559
The National Tumor Bank´s storage process is initiated by the barcode reading of the primary sample, from which their secondary components are extracted. According to the class and type of preservation of the primary sample, other types of secondary components are obtained, such as: serum, DNA, RNA, proteins, plasma, total leukocytes, mononuclear cells, layers, manipulated tissue and supernatant fluids. In order to store a sample, the system needs to provide a map with the available positions in the National Tumor Bank´s physical storage where they can be stored (Figure 3). The technician in charge informs which batch (it is possible to choose one among all the batches received and not stored, according to the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System), chooses the samples to be positioned and performs their allocation on the system. The samples are allocated the first free positions in a receiver, complying with the criterion established for the storage conditions (for instance, blood can only be stored in the –80º freezer and marrow bone, in the –40º one). After the end of the allocation entered on SISBNT, a report is automatically generated, informing the technician in charge where each sample is going to be stored physically. The Banco Nacional de Tumores (SISBNT) – National Tumor Bank System – also has a search tool that finds the receivers on the system, as well as their storage tree, as seen in Figure 3. It is possible to navigate through its boxes and positions and select one of them in order to obtain a summary of the information on the sample therein stored.
Figure 3 – Storage Map
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
560
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
In addition to the information on the samples, made available by the search in the freezer, the system also provides a sample search by code or donor. By using the sample code or donor´s registration, the technician in charge is able to obtain all the information on the sample, as well as the characteristics of their collection, pathological anatomy, clinical laboratory and storage. Figure 4 shows the screen related to this type of search.
Figure 4 – Sample search by code or donor
The Banco Nacional de Tumores (SISBNT) – National Tumor Bank System – has been implemented successfully in four different hospitals in Rio de Janeiro. The system shows an average of 500 searches, made by 237 registered users with management, operational and search profiles. Up until the date of this research, 26.363 samples had been collected and stored at the National Tumor Bank. In addition, 19.721 informed consent documents had been signed and 19.401 clinical questionnaires had been answered. Due to the nature of storing data and the need to protect the privacy of the patients, the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System cannot be accessed directly by INCA´s researchers. It has its own team for the management of the system, which is also responsible for providing the information requested in the experiments. In fact, in order for the researchers to have data available to their project, they first need to sign the terms and conditions at INCA´s ethics committee. Therefore, the National Tumor Bank can be regarded as the facility for the institute´s basic, translational and clinical research. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
561
4.2 The Banco Nacional de Tumores (SISBNT) – National Tumor Bank System – and INCA´s Innovation Management There was a consensus on INCA´s executive board of directors towards the fact that the institute needed to focus its strategic actions on the advancement of cancer knowledge in Brazil. Aligned with this consensus, the role of R&D has taken shape since the middle of the last decade, seeking to transform INCA´s Research Center into a Technological Development Center. Among all the initiatives regarded as critical for research to move on to the next level, the National Tumor Bank stands out in the eyes of the interviewees. Figure 5 shows the central role that the National Tumor Bank may play in INCA´s scientific research if the efforts towards the development of new compounds continue to advance in the institution.
Basic –Bench
Translational
NTB
Translational
New drugs
Clinical - Bedside
Figure 5 – The role played by the National Tumor Bank in INCA´s research Source: by the authors The National Tumor Bank was considered by the research coordination team as one of the milestones in the change of direction of the R&D strategies and policies at the institute, which is in line with the importance, highlighted in the literature, of creating and managing biobanks that support research in life sciences (McQueen et al, 2010). It was seen as an innovation, a structuring project for the research field, which initiated its automation process with a biobank that relied on an infrastructure for micro dissection and arrays of tissues and DNA, up to the point of implementing the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
562
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
Thus, there was a clear strategic purpose behind the development and implementation of the National Tumor Bank system, which was aligned with the view, as far as innovation is concerned, predominant at that time at INCA´s executive level. This high level of congruence was a determinant for the project to be supported by the institute’s top management, making it a priority at the institution. It is confirmed in this research the idea that the commitment of the main stakeholders of the organization and a strong organizational leadership are highly necessary to the success of the implementation of information systems in healthcare organizations (Cresswell & Sheikh, 2013; Gruber, Cummings, LeBlanc, & Smith, 2009). Currently, INCA is a landmark institution in Latin America when it comes to clinical trials for stages 1, 2 and 3 of oncology therapeutic class. Around 80% of INCA´s clinical studies are sponsored by major global pharmaceutical companies, which use these clinical studies in multicenter tests of new drugs or for new uses for already existing active principles. The remaining 20% of the studies is requested by INCA´s own researchers or by the Rede Nacional de Pesquisa Clínica - National Clinical Research Network. INCA´s basic research areas involve experiments focused on the identification of the genetic base of the disease and on the identification of molecules for the treatment of various cancer types. Five years ago, together with the experiments performed in physical laboratories, INCA, reflecting the change in the R&D profile under development, structured its Bioinformatics and Computational Biology, which carry out in silico analyses of the date generated in experiments in Genomics, Proteomics, molecular modeling and virtual screening. The creation of a translational research laboratory was seen by INCA´s managers as an essential step towards the effective integration of basic research where Bioinformatics is found - and clinical trials focused on drug projects, contributing to reducing the academic characteristic that INCA´s research used to have a short time ago. As a rule, translational research is described in the literature as a link or a linear integration process of basic research into clinical trials (Goldblat & Lee, 2010). At INCA, as seen in Figure 5, the manager of the translational research laboratory manager understands that his projects are going to play an increasingly interactive role. In line with this perspective, some projects carried out at INCA stemmed from problems observed in clinical practice, giving rise to research questions, whose answers made it necessary to resort to basic research in order to develop the hypothesis, retesting it in the translational or clinical context. The cells stored at the National Tumor Bank lie central in the clinical and retro alignment process, whose moving around is managed by the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System. The Research Center managers understood that INCA was qualifying itself, based on the new process and systems of Information and Communication Technologies, on the ongoing efforts for the construction of an institutional/legal landmark cancer research in order to support the network of Brazilian researchers (many of them in the academic community who do not have resources to advance their research towards pre-clinical and clinical study stages). Herein, SISBNT plays a critical role by providing objective conditions for this research to advance up to the point it reaches higher complexity stages that involve a higher need for resources, such as stage 1, 2 and 3 pre-clinical and clinical tests.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
563
It is possible to see the important role of leaderships at the institute regarding the integration of the different areas of the organization, with the support of systems that would interconnect, improve and speed up relevant information flows between these areas. As a matter of fact, efforts to integrate and bring together the various sectors within the organization and its ICTs are usually seen as critical for the successful implementation of computational systems in the area of healthcare (Cresswell & Sheikh, 2013; Gagnon et al., 2010). Actually, it seemed that a consensus existed between the various actors involved in the process of adoption of the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System. This consensus related to the need for development and implementation of a system that properly supported the joint efforts of cancer care providers and researchers. Thus, the investigated case provides additional empirical support to how important it is for users to understand the potential benefits arising from technology and the effective commitment to the project (Yarbrough & Smith, 2007; Yusof, Stergioulas, & Zugic, 2007). The role played by the Information Technology Division (ITD) in the design and implementation of SISBNT showed evidence that good practices in information management can contribute to the consolidation of the biobank in biopharmaceutical organizations, which adopt translational research in the oncology therapeutic class, as highlighted by Goebell & Morente (2010). The ability of the ITD team, in particular its manager, to discuss with the various stakeholders of the project, to understand their expectations and to define an IT solution that respected autonomy needs of the various areas - and at the same time, that promoted its integration - was essential for the success of the initiative. As frequently cited in the literature (Cresswell & Sheikh, 2013; Gagnon et al., 2010; Yarbrough & Smith, 2007), the good relationship between the areas involved in the adoption of the new system was critical for the alignment of roles, responsibilities, activities information flows and functionalities inserted into the scope of the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System. As highlighted by Yusof et al. (2007), “technological, human and organizational factors are equally important [to the success of IT adoption in healthcare organizations], as well as the alignment between them”. At the end of data collection, it was noticed that although the connection between the different research areas of the Research Center was still fragmented, the basic research areas, both in physical laboratories and in Computational Biology, already performed experiments proposed by translational research and they were assessed in clinical trials. Data from SISBNT were already used in basic bench research, in some translational research laboratory projects and in clinical trials. In part, due to the fact that the in silico research still did not focus on the national drug program, the experiments in Bioinformatics had not accessed the data from SISBNT until the end of 2013, although this area had declared its intention to do so shortly. Among the initiatives that contributed for this to happen were the increase in the number of stored samples at SISBNT and the emergence of powerful tools of genetic sequencing and High Performance Computing, acquired in October 2001 and June 2012. It is worthy of mentioning, however, that as Bioinformatics and translational research, and the National Tumor Bank itself, had been recently created in the institution - the adoption of techniques or data mining tools highlighted in the JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
564
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
literature - with a focus on the recognition of standards, structures and rules (KrysiakBaltyn et al, 2014), was not evident at INCA by the time this study was conducted. 5. CONCLUSIONS In response to the previously defined research question, the analysis of INCA´s Banco Nacional de Tumores (SISBNT) – National Tumor Bank System illustrates how a biobank with the support of modern information and communication technologies can contribute to the improvement of scientific research in oncology therapeutic class. The benefits of such an innovation are immediately reflected in the improvement of the access to useful knowledge and in the increase of operational efficiency in R&D management. Other benefits are reflected as an increased focus on patients’ expectations and their satisfaction, as well as on improvements in transference and dissemination of knowledge. It is clear in the analysis of the evidence that the implementation of such an initiative demanded, before anything else, that the involved managers clearly understand the process of use of this information and the meaning of the initiative for the repositioning of INCA as an oncology innovation center. It was also confirmed that SISBNT represented an important innovation in the institute´s IT area, which meant a paradigm shift at INCA´s Research Center. Such an innovation contributed to, according to the interviewees´ own answers, positioning INCA as the only Brazilian organization that boasts technical conditions to perform all the stages of research focused on the development of new drugs in oncology therapeutic class. It was also clear that the Banco Nacional de Tumores (SISBNT) – National Tumor Bank System is regarded by researchers as a critical tool, not only due to the relevance that the data contains, but also due to the fact it was developed in compliance with good practices from Information Science. This fact keeps the organization from resorting to database and technological platforms, which are unsuitable to the objectives of knowledge management, and to the integration of the technological co-development process, as these practices seem to be commonplace in R&D areas, which do not boast a suitable IT support. The explanatory nature of this research imposes some limitations to the scope of the aforementioned conclusions. First, there is no intention to exhaust the discussion about the contributions to a biobank in cancer technological innovation, in particular regarding the organizational mechanisms and processes, which are necessary to its development and management. In addition, as one of the authors of this research is the person in charge of the implementation of SISBNT, the subjectivity in the treatment of the answers given cannot be ruled out. At last, the context of this research, INCA, a public organization associated with the Health Ministry of Brazil, imposes restrictions on the generalization of results for other private companies and for other countries. Despite the aforementioned limitations, this research contributed to theory and practice as it highlights the importance of bringing together of IT and R&D in cancer research, as seen in the case of INCA´s Banco Nacional de Tumores (SISBNT) – National Tumor Bank System. From this finding, a question for further research is raised: what organizational mechanisms and processes can contribute to a better integration of IT into basic, translational and clinical research? Lastly, it is understood that R&D and IT managers of Brazilian biopharmaceutical companies can use the case JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
565
herein described in order to learn important lessons that aim to improve their innovation efforts. REFERENCES Abidi, S.S.R. (1999). Healthcare knowledge management through building and operationalizing healthcare enterprise memory. In: Medical informatics in Europe (MIE’99), Amsterdam: IOS Press. Abraham, C., Nishihara, E., & Akiyama, M. (2011). Transforming healthcare with information technology in Japan: A review of policy, people, and progress. International Journal of Medical Informatics, 80(3), 157–170. Argyris, C., Putnam, R. & Smith, D.M. (1985). Action science: action science concepts, methods and skills for research and intervention. Nova York: Jossey Bass. Barbosa J.G.P., Gonçalves A.A., Simonetti V., & Leitão A.R. (2009). A proposed architecture for implementing a knowledge management system in the Brazilian National Cancer Institute. Brazilian Administration Review-BAR, 6 (3), pp.246-262. Bardhan, I. R., & Thouin, M. F. (2013). Health information technology and its impact on the quality and cost of healthcare delivery. Decision Support Systems, 55(2), 438– 449. Bardin L. (1979). Análise de conteúdo. Lisboa: Edições 70. Bash, E. M., Thaler, H.T., Shi, W., Yakren, S., & Schrag, D. (2004). Use of information resources by patients with cancer and their companions. Cancer, 100 (11), pp.2476–2483. Bell, M., & Figueiredo, P.N (2012). Building innovative capabilities in latecomer emerging market firms: some key issues. In: Amann, E., & Cantwell, J (orgs). Innovative firms in emerging market countries. New York and London. 1ed. Oxford: Oxford University Press, 1, pp. 24-109. Catanho M., Miranda A.B., & Degrave, W. (2007). Comparando genomas: bancos de dados e ferramentas computacionais para a análise comparativa de genomas procarióticos. Revista Eletrônica de Comunicação, Informação & Inovação, 1 (2), pp.335-58. Checkland, P. B. (1991). From framework through experience to learning: The essential nature of action research. In: Eds. Nissen, H., Klein, H. K, & Hirschheim, R. A. Information Systems Research: Contemporary Approaches and Emergent Traditions. Amsterdam: North-Holland, pp.397-403. Chiaroni, D., Chiesa V., & Frattini F. (2008). Patterns of collaboration along the BioPharmaceutical innovation process. Journal of Business Chemistry, 5 (1), pp.7-22. Clauser, S. B., Wagner, E. H., Aiello Bowles, E. J., Tuzzio, L., & Greene, S. M. (2011). Improving modern cancer care through information technology. American Journal of Preventive Medicine, 40(5 Suppl 2), S198–207. Cooper, R. (1993). Winning at new products: accelerating the process from idea to launch. Cambridge: Perseus Books.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
566
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
Côrtes, P.L., & Côrtes, E.G. de P. (2011). Hospital information systems: a study of electronic patient records. Journal of Information Systems and Technology Management - JISTEM, 8 (1), pp.131-154. Cresswell, K., & Sheikh, A. (2013). Organizational issues in the implementation and adoption of health information technology innovations: an interpretative review. International Journal of Medical Informatics, 82(5), e73–86. Figueiredo, P.N. (2009). Gestão da inovação: conceitos, métricas e experiências de empresas no Brasil. Rio de Janeiro: LTC. Fried, B.J., Leatt, P., Deber, R., & Wilson, E. (1998). Multidisciplinary teams in health care: lessons from oncology and renal teams. Healthcare Management Forum, 4, pp.28-34. Gagnon, M. P., Pluye, P., Desmartis, M., Car, J., Pagliari, C., Labrecque, M., … Légaré, F. (2010). A systematic review of interventions promoting clinical information retrieval technology (CIRT) adoption by healthcare professionals. Int. J. Med. Inf., 79, 669. Galligioni, E., Berloffa, F., & Caffo, O. (2009). Development and daily use of an electronic oncological patient record for the total management of cancer patients: 7 years’ experience. Annals of Oncology, 20 (2), pp.349-52. Goebell, P.J. & Morente, M.M. (2010). New concepts of biobanks - strategic chance for uro-oncology. Urologic Oncology, 28, pp.449-457. Goldblatt E.M., & Lee, W-H. (2010). From bench to bedside: the growing use of translational research in cancer medicine. American Journal of Translational Research, 2 (1), pp.1-18. Gruber, D., Cummings, G., LeBlanc, L., & Smith, D. (2009). Factors influencing outcomes of clinical information systems implementation: a systematic review. Comput. Inform. Nurs., 27(151). Hagen, J.B. (2000). The origins of Bioinformatics. Nature Reviews Genetics, 1 (3), pp. 231-236. Hughes, B., & Wareham J. (2010). Knowledge arbitrage in global pharma: a synthetic view of absorptive capacity and open innovation. R&D Management, 40(3), pp.324343. INCA (2014). Instituto Nacional do Câncer. Estimativa 2014, Incidência de Câncer no Brasil. Disponível em: http://www.inca.gov.br Kim, S., & Gilbertson, J. (2007). Information requirements of cancer center researchers focusing on human biological samples and associated data. Information Processing & Management, 43, pp.1383–1401. Krysiak-Baltyn, K., et al. (2014). Compass: a hybrid method for clinical and biobank data mining. Journal of Biomedical Informatics, 47, pp.160–170. Lenoir, T. (1998). Shaping biomedicine as an information science. In: Bowden, M.E., Hahn T.B., & Willians R.V. (eds). Proceedings of the 1998 Conference on the History and Heritage of Science Information Systems. ASIS Monograph Series. Medford, NJ: Information Today, pp. 27-45.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
The case of Inca´s National Tumor Bank management system in Brazil
567
Macmullen, W. J., & Denn, S. (2005). Information problems in molecular biology and Bioinformatics. Journal of the American Society for Information Science and Technology – JASIST, 56 (5), pp.447-456. Malm, J. et al. (2013). Developments in biobanking workflow standardization providing sample integrity and stability. Journal of Proteomics, 95, pp.38-45. McQueen, M.J. (2014) The challenge of establishing, growing and sustaining a large biobank: a personal perspective. Clinical Biochemistry, 47, pp.239-244. Ministério da Saúde, Departamento de Ciência e Tecnologia, Secretaria de Ciências, Tecnologia e Insumos Estratégicos. (2009). Diretrizes nacionais para biorrepositórios e biobancos de materiais humanos em pesquisa. Revista de Saúde Pública [online], 43 (5), pp.898-899. O’Brien M., D., Kaluzny D., A., & Sheps G., C. (2014). The Role of a Public-Private Partnership: Translating Science to Improve Cancer Care in the Community. Journal of Healthcare Management, 59(1), 17–29. Disponível em: http://search.ebscohost.com/login.aspx?direct=true&db=c8h&AN=2012448224&lang =pt-br&site=ehost-live O’leary, D. (1998). Knowledge management systems: converting and connecting. IEEE- Intelligent Systems, 13 (3), pp.30-33. Organização Mundial da Saúde (2014), World Cancer Report, International Agency for Research on Cancer. IARC, ISBN 978928320429 . Organização para a Cooperação e Desenvolvimento Econômico. (2007). Manual de Oslo - Diretrizes para a coleta e interpretação de dados sobre Inovação. 3ª ed., Tradução FINEP, 2007. Disponível em: http://download.finep.gov.br/imprensa/oslo2.pdf. Ouzounis, C.A., & Valencia, A. (2003). Early Bioinformatics: the birth of a discipline - a personal view. Bioinformatics, 19 (17), pp.2176-2190. Peterson, D. E., Bensadoun, R.-J., Lalla, R. V, & McGuire, D. B. (2011). Supportive care treatment guidelines: value, limitations, and opportunities. Seminars in Oncology, 38(3), 367–73. Pitassi, C (2014). Inovação aberta nas estratégias competitivas das empresas brasileiras. REBRAE. Revista Brasileira de Estratégia (Eletrônica), v. 1, pp. 18-36. Pitassi, C., Moreno, V. de A. Jr., & Gonçalves A.A. (2014). Fatores que influenciam a adoção de ferramentas TICs nos experimentos de Bioinformática de organizações biofarmacêuticas: um estudo de caso no Instituto Nacional do Câncer. Revista Ciência e Saúde Coletiva, 19(1), pp.257-268, Pronovost, P. J., & Goeschel, C. A. (2010). Viewing healthcare delivery as science: Challenges, benefits, and policy implications. Health Services Research, 45, pp.1508– 1522. Rastogi, T., Hildesheim, A., & Sinha, R. (2004). Opportunities for cancer epidemiology in developing countries. Naure Reviews Cancer, 4, pp.909-917. RBPC. (n.d.). Rede Brasileira de Pesquisas sobre o Câncer. Disponível em: http://www.rbpc.lncc.br/ Specimen Central. (2014). Global Directory of Biobanks, Tissue Banks and Biorepositories. Disponível em: http://specimencentral.com/biobank-directory.aspx JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
568
Gonçalves, A. A., Pitassi, C., Assis Jr. V., M., de
Turan, A. H., & Palvia, P. C. (2014). Critical information technology issues in Turkish healthcare. Information & Management, 51(1), 57–68. Vergara, S.C. (2005). Projetos e relatórios de pesquisa em administração, 6ª edição. São Paulo: Atlas. Wallace, P.J. (2007). Reshaping cancer learning through the use of health information technology. Health Affairs (Project Hope), 26 (2), pp.169-177. Wickramasinghe, N. (2000). IS/IT as a tool to achieve goal alignment in the health care industry. International Journal of Healthcare Technology and Management, 2 (1), pp.163-180. Yarbrough, A. K., & Smith, T. B. (2007). Technology acceptance among physicians: a new take on TAM. Med. Care Res. Rev., 64, 650. Yin, R.K. (1994). Case study research: Design and methods. London: SAGE Publications. Yusof, M. M., Stergioulas, L., & Zugic, J. (2007). Health information systems adoption: findings from a systematic review. Stud. Health Technol. Inform., 129(262).
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 549-568
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300004
CONTEXT MANAGEMENT: TOWARD ASSESSING QUALITY OF CONTEXT PARAMETERS IN A UBIQUITOUS AMBIENT ASSISTED LIVING ENVIRONMENT Debora Cabral Nazario Federal University of Santa Catarina - UFSC - Florianopolis, Santa Catarina, Brazil Santa Catarina State University – UDESC - Joinville, Santa Catarina, Brazil
Mario Antonio Ribeiro Dantas Federal University of Santa Catarina - UFSC - Florianopolis, Santa Catarina, Brazil
Jose Leomar Todesco Federal University of Santa Catarina - UFSC - Florianopolis, Santa Catarina, Brazil ___________________________________________________________________________________________
ABSTRACT This paper provides an approach to assessing Quality of Context (QoC) parameters in a ubiquitous Ambient Assisted Living (AAL) environment. Initially, the study presents a literature review on QoC, generating taxonomy. Then it introduces the context management architecture used. The proposal is verified with the Siafu simulator in an AAL scenario where the user’s health is monitored with information about blood pressure, heart rate and body temperature. Considering some parameters, the proposed QoC assessment allows verifying the extent to which the context information is up-to-date, valid, accurate, complete and significant. The implementation of this proposal might mean a big social impact and a technological innovation applied to AAL, at the disposal and support of a significant number of individuals such as elderly or sick people, and with a more precise technology. Keywords: Quality of Context, Ubiquitous Computing, Ambient
Assisted Living, Health, Technological Innovation.
___________________________________________________________________________________________ Manuscript first received/Recebido em: 02/12/2013 Manuscript accepted/Aprovado em: 17/09/2014 Address for correspondence / Endereço para correspondência
Débora Cabral Nazario, Federal University of Santa Catarina - UFSC - Florianopolis, Santa Catarina, BrazilSanta Catarina State University – UDESC - Joinville, Santa Catarina, Brazil E-mail: debora.nazario@udesc.br Mário Antônio Ribeiro Dantas, Federal University of Santa Catarina - UFSC - Florianopolis, Santa Catarina, Brazil E-mail:mario.dantas@ufsc.br José Leomar Todesco, Federal University of Santa Catarina - UFSC - Florianopolis, Santa Catarina, Brazil E-mail: tite@egc.ufsc.br Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
570
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
1. INTRODUCTION Ubiquitous computing has increasingly been part of people’s daily activities through the use of mobile and portable devices. These devices have diverse features and interfaces as GPS (Global Positioning System), radio and TV, audio players, digital cameras, etc. This type of computing has strong links with the characteristics of the physical world and the profiles of their users (Loureiro et al., 2009). Such information is called context, and represents the input element for contextaware computing. Context is any information that can be used to characterize the situation of entities such as a person, a place or an object that is considered relevant to the interaction between a user and an application (Dey, 2000). According to Chen and Kotz (2000), context has four dimensions: the computational context refers to the technical aspects related to capacities and computing resources; the physical context is accessed by sensors with features encompassing, for example, location, traffic condition, speed, temperature, lighting, etc. The time context captures information such as time of a day, week, month, season, year, etc. The user context is related to the social dimension of the user, such as the user’s profile, people nearby, current social situation, preferences, etc. A system can thus use such significant context information and then provide more optimized and personalized services, increasing user satisfaction. Through the use of context, it is also possible to minimize the consumption of resources such as energy, processing and communication, providing more accurate and dynamic services (Loureiro et al., 2009). In ubiquitous environments, one of the many important factors is the context sensitivity. But the context information may not be reliable or useful, becoming a problem in terms of quality of the context information. Consequently, an important point about the context sensitivity is that the context information must be reliable; quality must be ensured (Y. Kim & Lee, 2006). Quality of Context (QoC) is any information that describes the quality of information that is used as context information. So QoC refers to the information itself, not the process or the hardware component that provides the information (Buchholz, Küpper, & Schiffers, 2003). QoC does not require perfect context information with the highest possible accuracy and up-to-dateness, but it needs a correct estimation of the data quality (Bellavista, Corradi, Fanelli, & Foschini, 2012). The quality of the context information used in the adaptation of services has a significant impact on users’ experiences with context-sensitive services, which can be positive or negative depending on the QoC. For that reason, QoC can help the user to estimate the behavior of a context-aware service. QoC can also serve as an indicator for the selection of a more appropriate context provider. Lack of quality can lead assisted systems to respond inappropriately, resulting in errors related to assistance or support, or putting the user at risk. QoC assessments can improve these systems and set them to perform specific actions whenever lapses in quality occur, thus proving the importance of a QoC evaluation. The objective of this study is to conduct a review of the literature concerning QoC, and then demonstrate the use of QoC in an Ambient Assisted Living (AAL) JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
571
environment, evaluating some QoC parameters. Through this evaluation of QoC, it is intended to achieve the following objectives: detect anomalies or inconsistencies in sensors, generate alerts, activate backup sensors, discard data with insufficient QoC, choose appropriate providers, and other actions. The paper is organized as follows: Section 2 describes the research method used. Section 3 presents taxonomy of the studies on QoC found in the literature. Section 4 describes the context management architecture adopted and its three layers. Section 5 presents the Ambient Assisted Living scenario selected. Section 6 presents the case study implemented; describing the simulator used the context provider, the context processing, the form of QoC assessment, and the results. Section 7 mentions some related works, and section 8 presents our conclusions and future work. 2. RESEARCH METHOD
Initially, this study conducted a literature review on Quality of Context, comprising: data collection, data analysis and synthesis, and data representation. The data was collected from the databases: Web of Science, Scopus and Google Scholar, with the search term "quality of context", resulting in the selection of 108 papers. For the analysis of this material, an auxiliary chart was created including information like author, title, QoC parameters studied, technique or method used, and observations. The chart helped to classify the papers into categories or subjects, which are represented in the Taxonomy described in the following section. After the literature review, a Context Management Architecture was proposed, with emphasis on the QoC evaluation process, involving two main modules: the QoC Quantifier and the QoC Evaluator. The present study provides an overview of such Architecture, highlighting the QoC Quantifier module. Subsequently, we carried out the simulation of an Ambient Assisted Living scenario for health monitoring using some QoC parameters. This study used the context simulator Siafu (Europe, 2007) to simulate the proposed AAL scenario with the sensor readings: blood pressure, heart rate and body temperature, with emphasis on health-monitoring sensors. After obtaining this data from the simulator, the following QoC parameters were quantified: Up-to-dateness, Coverage, Precision, Completeness, and Significance. An overall quality value was calculated, too. The obtained values can be displayed graphically or through a file in text format for manipulation. Some analyzes can be performed when a QoC problem is detected, helping in the identification of an existing problem, such as: sensor failures, inconsistencies, network communication problems, or warnings about potential health problems. After completing the case study, some related works will be cited. These works encompass scenarios related to Health, Smart Home, Simulation and QoC use.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
572
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
3. SYSTEMATIC REVIEW 3.1.
QoC Taxonomy
The taxonomy developed is represented in Figure 1.
Figure 1. QoC Taxonomy In a more general way, the concept of Information Quality (IQ), used for any type of information, can be found in (Y. Kim & Lee, 2006) that builds a relationship between IQ dimensions and QoC parameters. While QoC describes the quality of contextual information, QoS refers to Quality of Services. QoS is any information that describes how well a service performs. Services are performed in hardware components, and these devices also possess a quality, called Quality of Device (QoD). QoD is any information about a device’s technical properties and capabilities (Buchholz et al., 2003). The literature review was focused on the topic of QoC, initially selecting a total of 108 articles out of which we obtained the following classification: • Definitions and proposals of QoC parameters (24 papers); • Alternatives for quantification of QoC parameters (22 papers); • Context Representation Models with QoC (12 papers); • Other topics (21 papers); • Application of QoC to a scenario (13 papers); Some of the articles discussed concepts related to QoC or suggested the use of QoC in future work, not falling under any category. Thus, a total of 56 articles were considered relevant according to this classification, and were included in the taxonomy. It is noteworthy that some works fit more than one category. This study can be found in full details in (Nazario, Dantas, & Todesco, 2012), and also in all references in each category. The five categories of QoC taxonomy are described more succinctly than in the full article (Nazario, Dantas, & Todesco, 2012), as follows.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
3.2.
573
Definitions and proposals of QoC parameters
Based on a number of twenty-four papers, a set of parameters was defined and/or one or more parameters were proposed. It was observed that there is no standardization of nomenclature and definitions. Several authors have defined a set of parameters, sometimes different names with the same or similar meaning. In some situations the same authors used different nomenclatures, as in (Manzoor, Truong, & Dustdar, 2008) and (Manzoor, Truong, & Dustdar, 2010). Another aspect noticed was the large number of QoC parameters in the literature, over forty parameters. The proposed QoC assessment will be made through the quantification of some QoC parameters. Many parameters have been proposed and defined in the literature. Some of them are described below. Reliability: defines how tolerant the application is in relation to sensor failures (Dey, 2000); Trustworthiness: similarly to Reliability, describes the probability of the information provided being correct. It is used by the context provider to evaluate the quality of the agent from which the context provider originally receives the context information (Buchholz et al., 2003); Coverage: defines the set of all possible values for a context attribute (Dey, 2000); Resolution: is similar to information accuracy, or defined granularity (Dey, 2000) or yet the smallest perceptible element (Gray & Salber, 2001); Up-to-dateness: indicates how old the context information is by using a timestamp (Buchholz et al., 2003); Precision: describes exactly how the context information provided reflects reality (Buchholz et al., 2003); Probability of correctness: indicates the probability of part of the context information being correct or a reflection of the actual situation (Buchholz et al., 2003); Accuracy is also referred to as Probability of corretness, meaning how accurate and reliable the data is; the probability of part of the context information being correct (Y. Kim & Lee, 2006); Completeness: is the extent to which the context information is available, sufficient and not absent (Y. Kim & Lee, 2006); Access security: restricted access in order to maintain security (Y. Kim & Lee, 2006); Access Right: metric that varies depending on who will access the context information (Manzoor, Truong, & Dustdar, 2010), equivalent to Access security; Integrity: refers to the credibility and reliability of the context source; Significance: indicates the importance of the context information, its value is particularly important in life-threatening situations for humans (Manzoor et al., 2008); Priority: aims to allow differentiated traffic when multiple data must be sent (Corradi, Fanelli, & Foschini, 2010).
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
574
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
3.3.
Alternatives for quantification of QoC parameters
Twenty-two papers presented ways of quantifying one or more parameters using various techniques, for example: Biological genetics and genetic algorithms (Zimmer, 2006); fuzzy logic (Giaffreda & Barria, 2007), (Manzoor, Truong, Dorn, & Dustdar, 2010); Bayesian Probability Theory (Brgulja, Kusber, David, & Baumgarten, 2009); other mathematical models (Grossmann, 2009), (Becker et al., 2010), (Hossain, Shirehjini, Alghamdi, & Saddik, 2012). The studies (Manzoor et al., 2008) and (Filho, Miron, Satoh, Gensel, & Martin, 2010) used similar approaches but with different nomenclatures. A more detailed study would be required to obtain an integrated solution. Further studies are needed in order to examine the methods for more accurate conclusions. 3.4.
Context Representation Models with QoC
Context representation models can be classified according to various approaches, for instance: key-value pairs, based on markup scheme models, domain-driven models, graphical models, object-oriented models, entity-relationship model, based on reasoning, topic maps, contextual graphs, based on ontology, as well as hybrid models (Bettini et al., 2010; Santos, 2008). Twelve papers were selected. Among the approaches to context models found in the literature, some of the authors used QoC. These authors emphasized models that use graphical notation (Henricksen, Indulska, & Rakotonirainy, 2002); (Filho & Martin, 2008), XML (Extensible Markup Language) (Manzoor et al., 2008), UML (Unified Modelling Language) (Neisse, Wegdam, & Sinderen, 2008) and especially the use of ontologies and OWL (Ontology Web Language) (Tang, Yang, & Wu, 2007), (Toninelli & Corradi, 2009), (Filho et al., 2010). The use of ontologies for modeling context and QoC allows for reuse and sharing of context information. The difficulties of standardization and quantification of parameters are extended to representation models. 3.5.
Other topics
In a total of twenty-one papers, some other specific topics were highlighted, such as: resolution of conflicts and inconsistencies (Becker et al., 2010), (Xu, Ma, & Cao, 2012), (Zheng, Wang, & Ben, 2012); some aspects related to security (access control, privacy, reliability) (Filho & Martin, 2008), (Neisse et al., 2008), (Toninelli & Corradi, 2009); distribution of context data (Corradi et al., 2010), (Bellavista et al., 2012); and agent and multi-agent approaches (Zheng et al., 2012). Exploring each of these topics would certainly pose many challenges to be investigated. 3.6.
Application of QoC to a scenario
Thirteen papers were selected. Some studies were applied to a scenario for validation. It is worth mentioning intelligent environments such as, smart-home, personal smart space, smart vehicle, vehicular network, (Brgulja et al., 2009), (Hossain et al., 2012), (Roussaki, Liampotis, Kalatzis, Frank, & Hayden, 2009) and health care scenarios such as, Medical Advice/Emergency System, M-health, Health tele monitoring (Widya, Beijnum, & Salden, 2006), (Sheikh, Wegdam, & Sinderen, 2008), JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
575
(Roy, Das, & Julien, 2012). Other examples can still be cited, such as recognition systems, disaster scenarios and restaurant searches.
4. CONTEXT MANAGEMENT ARCHITECTURE
In this section we propose a differentiated context management architecture that takes into account the QoC evaluation during the step of context processing. QoC can be used to improve context management, assisting in decision making as regards its applications. The context management architecture is presented in Figure 2.
Figure 2. Context Management Architecture The bottom layer shows the context providers, which may be room sensors such as for temperature, light; health monitoring sensors such as of heart rate, blood pressure; mobile device sensors such as of location, time, and preferences; or actuators that can be used in intelligent automation. The middle layer shows the context processing, where acquisition of context information, processing and distribution of such information will take place. In order to follow these steps, some modules will be used: â&#x20AC;˘ Context Collector: collects the context data from the sensors;
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
576
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
• QoC Quantifier: performs the quantification (calculations) of QoC parameters and QoC overall value, considering the context for instance space, time, user, etc.; • QoC Evaluator: verifies the QoC associated with the context information by means of ontologies; • Security Policy: checks the security policies adopted for the distribution of context knowledge and QoC among context consumers; It is in this layer that the QoC assessment will be made, comprising the modules QoC Quantifier and QoC Evaluator. For the case study investigated in the present research, details of the QoC Quantifier module will be provided. Still in this layer, data is converted into information and then into knowledge. The context collector obtains data (values that have no meaning when isolated). The QoC Quantifier both makes the necessary calculations and develops relationships with the context involved, hence the information is generated. The Evaluator, in turn, assesses the QoC through inferences in the ontology(s), so this module deals with context knowledge. Finally, the top layer displays context knowledge and QoC consumers, such as healthcare applications, home or intelligent environment, in addition to other services where the context is considered. Among the possible scenarios for applying the model, the following can be cited: leisure, tourism, traffic, industry, commerce, health, entertainment, smart environments, disasters, and others. Since the proposed study focuses on the context-processing layer, it could be understood that this applies to any type of scenario previously mentioned. For the purpose of verifying this proposal, an Ambient Assisted Living (AAL) scenario was selected. 5. THE SCENARIO
No universal definition of Ambient Assisted Living (AAL) has been adopted, but it can be described as information and communication technology based products, services and systems to provide older and vulnerable people with a secure environment, improve their quality of life and reduce the costs of health and social care (Cardinaux, Bhowmik, Abhayaratne, & Hawley, 2011). In a different definition, AAL is the term given to the provision of care to people either in their own homes or in supported housing, underpinned by technology. The provision of care, augmented by assisted living technologies, is growing because of the increasing demand and also due to the maturing of many of the underlying technologies that make assisted living possible (McNaull, Augusto, Mulvenna, & McCullagh, 2012). As for the scope of use of AAL (van den Broek, Cavallo, & Wehrmann, 2010), the following can be mentioned: • AAL for persons: AAL for health, rehabilitation and care; coping with impairments and disabilities; personal and home safety and security; • AAL in the community: Social inclusion; entertainment and leisure; mobility; JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
577
• AAL at work: Needs of older workers; access to working space; support for working; safety and health regulations; Our proposed AAL scenario, in the ‘AAL for persons’ category, is a house consisting of a kitchen, a laundry room, a bathroom, a TV room, a bedroom and a studio/office, as illustrated in Figure 3.
Figure 3: AAL Scenario The house is occupied by an old person (henceforth referred to as resident). This person takes daily medication for health control. Some of the resident’s daily activities are: waking up around 8:00 a.m.; having breakfast; walking the dogs; taking medicines; doing health monitoring (blood pressure, heart rate, body temperature); having lunch at home or at a nearby restaurant; doing some housework and handicraft; reading; having dinner; watching TV; using the bathroom; sleeping. The simulation used sensors of blood pressure, heart rate and body temperature, with emphasis on health monitoring sensors. 6. CASE STUDY Testing, assessing or validating a context-sensitive or distributed application involves costs with people, time and equipment. For that reason, a simulation can be the first step to check the consistency of a given investigation. This study used the context simulator Siafu, to simulate both context provider and context processing. This simulator has been chosen because it allows the creation of new scenarios, obtaining context information as needed, and it enables inclusion of QoC assessment during simulation. Due to its characteristics, some of the previously mentioned studies dealing with QoC also used this simulator, for instance (Brgulja et al., 2009), (Chabridon, Abid, & Taconet, 2011), (Xu et al., 2012). Other simulators and emulators for ubiquitous scenarios are discussed in (Knappmeyer, Kiani, Reetz, Baker, & Tonjes, 2013).
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
578
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
6.1 Siafu Simulator This case study used Siafu – an open-source context simulator developed in Java language at the NEC European Research Lab (Europe, 2007). This simulator is aimed at generating context information in a given scenario. Some of the scenarios developed are available for simulations, for instance: some cities, a university and an office. In addition to graphic visualization and simulation of the context information, the data output is via listener or CSV file. This tool enables the development of new scenarios in three steps. The first step is defining the place, which involves the creation of the scenario map (a graph), the definition of circulation areas for the agents (in the color black; obstacles are white), the creation of context variables and identification of locations on the map, thus generating multiple layers with different information. The second step is programming the behavior, where three classes are programmed: BaseWorldModel – behavior of the place, BaseContextModel – context data, and BaseAgentModel – behavior of each agent. Finally, the third step is data bundling (Martin & Nurmi, 2006). After these steps, the simulation can be performed in the application Siafu, allowing real-time visualization of the agents. It is possible to change the agents’ behavior at runtime, or change runtime. 6.2. Context Provider A graphic scenario was created with Siafu, with an agent representing the resident. The simulated sensors are those related to the monitoring of the resident's health: blood pressure, heart rate and body temperature, in the bottom layer of the proposed architecture: Context Provider. 6.3. Context Processing The main layer of the proposed architecture is the context processing layer, which is characterized by the modules of quantification and QoC evaluation. The first step of the context processing is data acquisition. The data is obtained from the sensors through a context collector module implemented in the simulation. Subsequently, the QoC quantification is done using the QoC Quantifier module, as described below. 6.4. QoC Quantifier At this point, an algorithm will quantify the QoC parameters through the QoC Quantifier module. Based on the study of the parameters found in the literature, the following parameters were selected: Up dating, Coverage, Precision, Completeness, and Significance. These parameters were chosen for being more significant, that is, their values can help more effectively in diagnosing possible problems QoC. For example: failures in sensors and communication networks, outdated information, warnings about health issues, among others, additionally not requiring much processing capability. Other parameters may be included in future work.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
579
All parameters must have values between 0 and 1, according to the form of use proposed by most of the authors under consideration. Up-to-dateness (U): The quantification of this parameter is based on (Manzoor et al., 2008), where:
The variable lifetime is set to a value at which the information becomes "old", outdated. The parameter Up-to-dateness is calculated for each unit of context information (sensor), so its implementation includes: U (temperature), U (pulse), U (pressure). Coverage (C): According to the definition of Dey (2000), the value range for each sensor (upper_limit, lower_limit) is identified and then tested, as follows:
The parameter Coverage is calculated for each unit of context information (sensor): C (temperature), C (pulse), C (pressure). Precision (P): It is the difference between the actual value and the value measured by the sensor, divided by the actual value; the two values (actual and measured) are in the simulation, as shown below:
Each unit of context information (sensor) will have the value of the parameter Precision as: P (temperature); P (pulse); P (pressure) â&#x20AC;&#x201C; in this case, precision will be the same for diastolic and systolic pressure. Completeness (Cm): According to Manzoor et al. (2008), this measurement of quality indicates the amount of information provided by a context object. It is the ratio between the number of available attributes and the total attributes of a context object, in this case, a sensor. The calculation takes into account the available attributes and weight of each attribute, as shown below:
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
580
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
Whereas context attributes (information from a sensor) can have different weights, the parameter completeness is the sum of weights of the available attributes divided by the sum of weights of all attributes of the sensor. In this case study, the temperature and pulse sensors have only one attribute. The sensor that measures pressure, in turn, has two attributes: value of diastolic and systolic pressure, which in this study will have the same weight. In the literature it is not clear what an available attribute is. This study considered an attribute as available if a measured value is within the prescribed lifetime in the calculation of the parameter Up-to-dateness. Significance (S): This QoC parameter was proposed by Manzoor et al. (2008) and is related to the importance of context information, especially in emergencies, health issues, etc. For the calculation of S, it is taken into account the critical value (CV) and the maximum critical value (CVmax):
Therefore, it is understood that the information with more significance will have value of S=1, and will decrease for other information. Approach to using the parameter Significance Considering that the present case study deals with health monitoring, the parameter Significance is proposed to be used for alerting towards situations that require more attention. The parameter Coverage indicates whether the value is in a valid range. But values can be critical. For instance, if temperature is 39, the patient has a fever. The same happens to unexpected values of pressure and pulse. Thus, the implementation shows: S=1 when the values are valid, but not expected; S=0 for other values within the range considered normal; Overall QoC Value According to Yasar, Paridel, Preuveneers and Berbers (2011), an overall quality value can be calculated taking into account the QoC parameters of a given weight for each parameter. These weights need to be defined and this value is calculated for each sensor or context source. Considering the parameters assessed in this study, it can be established that:
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
581
Considering equal weights, the illustration is as follows:
It is observed that in this approach proposed by Yasar et al. (2011), the fact that the information is less significant (less priority) makes the sensor QoC value decrease. This author also uses the parameter Priority, similar to that of Significance. Proposed calculation of QoC: In this case study, the calculation of QoC was made for each sensor, and took into account the parameters Up-to-dateness (U), Coverage (C), Precision (P) and Completeness (Cm), with equal weights (which can be revised):
The parameter Significance (S) is available as additional QoC information. If the value is 1, priority is given to evaluating the information, and when it is 0 it can be said that there is no reason for concern, and it will not decrease the QoC value. It serves only to alert to certain situations, when necessary. This is a point where the present study differs from the approach proposed by Yasar et al. (2011). 6.5. Results As a result of the implementation, the graphic displayed below shows the simulation with real-time QoC and context information, as illustrated in Figure 4.
Figure 4. QoC and Context Information during Simulation
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
582
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
Each unit of context information for Diastolic Pressure, Systolic Pressure, Pulse and Temperature includes: actual values (Ac), read values (R), calculated precision (P) and age (A). Subsequently, QoC information includes: Up dating (U), Coverage (C), Precision (P), Completeness (Cm), Significance (S) and the overall QoC value (QoC). In addition to the graphic display, a history of information recorded at every instant of time is shown below in Table 1, for time (T). Table 1. Output data of the simulation T
Tp
Ac
R
LR
U
C
P
Cm
S
QoC
56
T
37.5
-
34.5
0
1
0.93
0
1
0.48
57
T
37.6
36.6
36.6
1
1
0.97
1
0
0.99
101
T
38.7
37.9
37,9
1
1
0.98
1
1
0.99
105
P
120
104
104
1
1
0.87
1
0
0,97
138
DP
90
86
86
1
1
0.95
1
0
0.99
138
SP
136
129
129
1
1
0.95
1
0
0.99
150
DP
76
48
48
1
0
0.63
1
0
0.66
150
SP
114
72
72
1
0
0.63
1
0
0.66
The column type (TP) includes Temperature (T), Diastolic Pressure (DP), Systolic Pressure (SP) and Pulse (P). The column LR is the last read value, and the remaining columns follow the same nomenclature of Figure 4. Several tests can be performed with the output data of the simulation. Table 1 illustrates some situations. The first line shows that at time 56 the temperature has low QoC. There is a big difference between the last reading and the true value, moreover the information is outdated. Next, time 57 shows a good QoC, the reading has been updated, the values are valid and accurate, and S equals zero indicating that the values are within the expected range. At time 101, S changed to 1, indicating that the temperature is higher than expected; QoC remained adequate but it is a situation that deserves attention. Time 105 illustrates the pulse reading, with good QoC. The subsequent times concern pressure readings. At time 138, the QoC value is appropriate as well as other parameters, with S equaling zero, indicating that the values are in line with the expectations. At time 150, in turn, the QoC value is low, and so is the precision value, and the value of C is zero (outside the expected value range). These values indicate a possible problem with the pressure gauge. It is worth noting that multiple values described in the QoC assessment can be configured as: information lifetime (in U), upper and lower limits (in C), weights of attributes (in Cm), critical limits (in S), and weights of the parameters in the QoC calculation. In short, it can be said that the sensor QoC information represents the extent to which the information provided is: • Up-to-date – as from Up-to-dateness (U); • Valid – Coverage (C); • Accurate – Precision (P); • Complete – Completeness (Cm); JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
583
• Significant – Significance (S); • In addition to its general QoC value, which uses U, C, P and Cm. 6.6. QoC Evaluator The overall QoC value quantified should indicate whether the quality of the information obtained is adequate. In this case, context is used, providing a more precise adaptation. When a quality problem is detected, that is, when the QoC value is not appropriate, it is expected that the set of parameters used will enable an analysis towards identification of the problem by means of the QoC Evaluator module. For example: • If the values are outside the expected range (the parameter Coverage) and/or are not accurate (the parameter Precision), possibly there is a problem with the sensor; • Sensors with different QoC values indicate the existence of inconsistencies that need to be addressed; • Unavailable (the parameter Completeness) or outdated (the parameter Up dating) information may indicate a problem in the communication network; • The parameter Significance can help raise alerts in situations that pose risks to the user, when the information from the health monitoring provides values that may indicate a health problem; It is expected that the ontology in the QoC Evaluator module can help identify QoC problems by means of context information values, QoC parameters, and rules created in the ontology, in addition to integration with other ontologies such as those related to health. 6.7. Security Policy After the QoC assessment in the step of context processing, the security policies adopted are verified prior to the context and QoC distribution to context consumers. This study will not cover this topic, which will be saved for future work. 7. RELATED WORKS Some studies found in the literature are cited in Table 2, involving scenarios related to Health, Smart Home, Simulation and QoC use. The assessment proposed by the present study is different from the studies cited in what concerns the set of QoC parameters used and how some of the parameters were quantified, for instance: Coverage, Precision and Significance, as well as the calculation of the overall QoC value of the context source. The implementation of this proposal in an Ambient Assisted Living (AAL) scenario with health monitoring through sensors of heartbeat, blood pressure and body temperature demonstrates how this approach can support situations involving risk of life for sick or elderly people, or with some disability.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
584
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
There was a concern to demonstrate, in a didactic manner, the use of QoC and its parameters, considering that most of the studies under consideration did not apply or did not clearly detail this use. Table 2: Related works Smart Home
Reference M. C. Huebscher and J. A. McCann, (Huebscher & McCann, 2004)
Description
Note
The study defines some QoC QoC is not the focus parameters, and illustrates of the study; this with a smart home scenario;
E. Kim and J. Choi, Presents a context model This model does not (E. Kim & Choi, based on ontology in a comprise QoC; 2006) ubiquitous computing environment, in the domain of a home;
Health
J. Park, M. Moon, S. Hwang, and K. Yeom, (Park, Moon, Hwang, & Yeom, 2007)
Presents a context-sensitive Does not use QoC; simulation system called CASS which generates the context information associated with virtual sensors and virtual devices in a smart home domain;
N. Brgulja, R. Kusber, K. David, and M. Baumgarten, (Brgulja et al., 2009)
Applies the method CPM Simulates a smart (Context Pattern Method) to home environment calculate the probability of with Siafu; correctness (QoC dimension);
I. Roussaki, N. Liampotis, N. Kalatzis, K. Frank, and P. Hayden, (Roussaki et al., 2009)
Uses the captured context Does not provide for personalized service of a details for QoC; smart home environment;
M. A. Hossain, A. A. N. Shirehjini, A. S. Alghamdi, and A. Saddik, (Hossain et al., 2012)
Proposes a novel interaction Simulates a smart mechanism that considers home environment; quality of context information in order to dynamically adjust the level of implicit interaction in the context of an ambient multimedia system;
H. Hegering and C. Linnhoff-Popien, (Hegering & Linnhoff-Popien, 2003)
Introduces the application Suggests QoC scenario Medical Advice further research; and Emergency System, focusing on challenges;
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
as
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
GPS
585
I. Widya, B. Beijnum, and A. Salden, (Widya et al., 2006)
Develops a QoC algebraic model with dimensions of newness, availability and cost, and illustrates with a mobile healthcare service;
K. Sheikh, M. Wegdam, and M. Van Sinderen, (Sheikh et al., 2008)
Describes the quantification Does not of some QoC parameters ontology; and proposes a framework with privacy policies based on QoC applied to a health telemonitoring scenario;
H. M. P. Teixeira, C. C. da Rocha, J. L. Todesco, M. A. R. Dantas, and M. A. Bauer, (Teixeira, Rocha, Todesco, Dantas, & Bauer, 2009)
Describes the use of Does not use QoC; ontology techniques and semantic cache for a mobile emergency medical assistance system;
J. McNaull, J. C. Augusto, M. Mulvenna, and P. McCullagh, (McNaull et al., 2012)
Develops a conceptual It is only a model of AAL system layers conceptual model; and an example of AAL system architecture, discussing the importance of QoC in this domain;
N. Roy, S. K. Das, and C. Julien, (Roy et al., 2012)
Presents a framework to Uses support ambiguous context sensors; based on dynamic Bayesian networks; uses the QoC parameter accuracy, and addresses health care;
C. Silva and M. A. R. Dantas, (Silva & Dantas, 2013)
Proposes an approach that Does not eliminates redundancies and ontology; inconsistencies based on the QoC policy adopted, assessing accuracy, distance and time. GPS devices are used, and reduction of battery consumption is verified;
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
This model does not use ontology, and offers no details on its implementation;
www.jistem.fea.usp.br
use
sunspot
use
586
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
8. CONCLUSIONS AND FURTHER RESEARCH
The initial contribution of this study was to present a literature review of QoC in an attempt to identify taxonomies, and contribute to future research on this topic. This study stands out for its approach to evaluating QoC information used in a ubiquitous assisted environment, supporting the care of people with special needs (the elderly or people with health problems), thus improving their quality of life. In order to conduct the proposed case study, the simulator Siafu was used, since it provides tools for obtaining the necessary context information, and allows the implementation of the proposed QoC assessment in an AAL scenario. Whereas life expectancy has been increasing, the population has been aging. For that reason, AAL systems can provide not only a more effective adaptation by increasing user satisfaction, but also support and care for elderly or disabled people, improving their well-being and quality of life. Thus, it is believed that the implementation of this proposal might make a big social impact and a technological innovation applied to AAL, at the disposal and support of a significant number of people such as elderly or sick people, and with a more precise technology. The primary limitation of this research is the use of a simulation to obtain the data, instead of using a real scenario. However, after conducting the case study described, with the Siafu simulator, the research will proceed with the use of the eHealth Sensor Platform (Cooking-hacks, 2014). The application will thus use a realworld scenario with data collected from users through the e-Health Sensor Platform. The e-Health Sensor Shield V2.0 allows Arduino and Raspberry Pi users to perform biometric and medical applications where body monitoring is needed by using 10 different sensors: pulse, oxygen in blood (SPO2), airflow (breathing), body temperature, electrocardiogram (ECG), glucometer, galvanic skin response (GSR sweating), blood pressure (sphygmomanometer), patient position (accelerometer) and muscle/electromyography sensor (EMG) (Cooking-hacks, 2014). In future works, we also intend to include environment sensors and mobile devices, evaluate other QoC parameters, and use ontology in the development of the QoC Evaluator module in order to identify potential QoC problems. ACKNOWLEDGMENTS This research was funded by the program FUMDES (Support Funding for Maintenance and Development of Higher Education).
REFERENCES Becker, S., Blessing, A., Dürr, F., Geiger, L., Großmann, M., Gutscher, A., … Rothermel, K. (2010). Reference Model for the Quality of Context Information (p. 128).
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
587
Bellavista, P., Corradi, A., Fanelli, M., & Foschini, L. (2012). A Survey of Context Data Distribution for Mobile Ubiquitous Systems. ACM Computing Surveys, 44(4), 1– 45. Bettini, C., Brdiczka, O., Henricksen, K., Indulska, J., Nicklas, D., Ranganathan, A., & Riboni, D. (2010). A survey of context modelling and reasoning techniques. Pervasive and Mobile Computing, 6(2), 161–180. Brgulja, N., Kusber, R., David, K., & Baumgarten, M. (2009). Measuring the Probability of Correctness of Contextual Information in Context Aware Systems. In Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing (pp. 246–253). IEEE. Buchholz, T., Küpper, A., & Schiffers, M. (2003). Quality of Context : What It Is And Why We Need It. In 10th International Workshop of the HP OpenView University Association(HPOVUA) (pp. 1–14). Cardinaux, F., Bhowmik, D., Abhayaratne, C., & Hawley, M. S. (2011). Video based technology for ambient assisted living: A review of the literature. Journal of Ambient Intelligence and Smart Environments, 3(3), 253–269. R Chabridon, S., Abid, Z., & Taconet, C. (2011). A Model-driven Approach for the QoC-Awareness of Ubiquitous Applications. In 5th International Symposium on Ubiquitous Computing and Ambient Intelligence (UCAmI 2011) (pp. 1–8). Riviera Maya, Mexico. Chen, G., & Kotz, D. (2000). A survey of context-aware mobile computing research (pp. 1–16). Hanover, NH, USA. Cooking-hacks. (2014). e-Health Sensor Platform V2.0 for Arduino and Raspberry Pi [Biometric / Medical Applications]. Retrieved from http://www.cookinghacks.com/documentation/tutorials/ehealth-biometric-sensor-platform-arduinoraspberry-pi-medical Corradi, A., Fanelli, M., & Foschini, L. (2010). Adaptive context data distribution with guaranteed quality for mobile environments. In IEEE 5th International Symposium on Wireless Pervasive Computing (pp. 373–380). Ieee. Dey, A. K. (2000). Providing Architectural Support for Building Context-Aware Applications. Georgia Institute of Technology. Europe, N. (2007). Siafu: An Open Source Context Simulator. Retrieved from http://siafusimulator.org/ Filho, J. B., & Martin, H. (2008). QACBAC : An owner-centric QoC-Aware ContextBased Access Control Model for Pervasive Environments. In SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS (pp. 30–38). Filho, J. B., Miron, A. D., Satoh, I., Gensel, J., & Martin, H. (2010). Modeling and Measuring Quality of Context Information in Pervasive Environments. In 24th IEEE International Conference on Advanced Information Networking and Applications (pp. 690–697). Ieee.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
588
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
Giaffreda, R., & Barria, J. (2007). Service Delivery in Collaborative Context-Aware Environments Using Fuzzy Logic. In IEEE International Conference on Communications (pp. 2045–2049). Ieee. Gray, P. D., & Salber, D. (2001). Modelling and using sensed context information in the design of interactive applications. Engineering for Human-Computer Interaction, 2254(1), 317–335. Grossmann, M. (2009). An abstract processing model for the quality of context data. Quality of Context: Lecture Notes in Computer Science, 5786, 132–143. Hegering, H., & Linnhoff-Popien, C. (2003). Management challenges of context-aware services in ubiquitous environments. Self-Managing Distributed Systems: Lecture Notes in Computer Science, 2867, 321–339. Henricksen, K., Indulska, J., & Rakotonirainy, A. (2002). Modeling context information in pervasive computing systems. Pervasive Computing: Lecture Notes in Computer Science, 2414, 79–117. Hossain, M. A., Shirehjini, A. A. N., Alghamdi, A. S., & Saddik, A. (2012). Adaptive interaction support in ambient-aware environments based on quality of context information. In Multimedia Tools and Applications (pp. 1–24). Huebscher, M. C., & McCann, J. A. (2004). Adaptive middleware for context-aware applications in smart-homes. In Workshop on Middleware for Pervasive and Ad-Hoc Computing (pp. 111–116). Toronto, Canada: ACM. Kim, E., & Choi, J. (2006). An ontology-based context model in a smart home. Computational Science and Its Applications-ICCSA: LNCS, 3983, 11–20. Kim, Y., & Lee, K. (2006). A Quality Measurement Method of Context Information in Ubiquitous Environments. In International Conference on Hybrid Information Technology (pp. 576–581). IEEE. Knappmeyer, M., Kiani, S. L., Reetz, E. S., Baker, N., & Tonjes, R. (2013). Survey of Context Provisioning Middleware. IEEE Communications Surveys & Tutorials, 1–28. Loureiro, A. A. F., Augusto, R., Oliveira, R., Moura, R. De, Silva, B., Ribeiro, W., … Siqueira, R. G. (2009). Context-Awareness in Ubiquitous Computing: Challenges and Trends. In 27th Brazilian Symposium on Computer Networks and Distributed Systems (pp. 99–149). Manzoor, A., Truong, H., & Dustdar, S. (2008). On the Evaluation of Quality of Context. In 3rd European Conference on Smart Sensing and Context (pp. 140–153). Manzoor, A., Truong, H., & Dustdar, S. (2010). Quality of Context : Models and Applications for Context-aware Systems in Pervasive Environments. In Knowledge Engineering Review Special Issue on Web and Mobile Information Services (Vol. 00, pp. 1–15). Manzoor, A., Truong, H.-L., Dorn, C., & Dustdar, S. (2010). Service-centric Inference and Utilization of Confidence on Context. In IEEE Asia-Pacific Services Computing Conference (pp. 11–18). Ieee.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
Context management: toward assessing quality of context parameters in a ubiquitous ambient assisted living environment
589
Martin, M., & Nurmi, P. (2006). A Generic Large Scale Simulator for Ubiquitous Computing. In 2006 3rd Annual International Conference on Mobile and Ubiquitous Systems - Workshops (pp. 1–3). Ieee. McNaull, J., Augusto, J. C., Mulvenna, M., & McCullagh, P. (2012). Data and Information Quality Issues in Ambient Assisted Living Systems. Journal of Data and Information Quality, 4(1), 1–15. Nazário, D. C., Dantas, M. A. R., & Todesco, J. L. (2012). Taxonomy of publications on Quality of Context. Sustainable Business International Journal, 20, 1–28. Neisse, R., Wegdam, M., & Sinderen, M. Van. (2008). Trustworthiness and Quality of Context Information. In 9th International Conference for Young Computer Scientists (pp. 1925–1931). Ieee. Park, J., Moon, M., Hwang, S., & Yeom, K. (2007). CASS: A Context-Aware Simulation System for Smart Home. In 5th ACIS International Conference on Software Engineering Research, Management & Applications (SERA 2007) (pp. 461– 467). Ieee. Roussaki, I., Liampotis, N., Kalatzis, N., Frank, K., & Hayden, P. (2009). How to make Personal Smart Spaces Context-aware. In PERSIST Workshop on Intelligent Pervasive Environments (pp. 26–32). Roy, N., Das, S. K., & Julien, C. (2012). Resource-Optimized Quality-Assured Ambiguous Context Mediation Framework in Pervasive Environments. IEEE Transactions on Mobile Computing, 11(2), 218–229. Santos, V. V. dos. (2008). CEManTIKA: A Domain-Independent Framework for Designing Context-Sensitive Systems. Universidade Federal de Pernambuco. Sheikh, K., Wegdam, M., & Sinderen, M. Van. (2008). Quality-of-Context and its use for Protecting Privacy in Context Aware Systems. Journal of Software, 3(3), 83–93. Silva, C., & Dantas, M. A. R. (2013). A context-aware approach on semantic trajectories. In The 25th International Conference on Software Engineering and Knowledge Engineering (pp. 435–440). Boston - USA. Tang, S., Yang, J., & Wu, Z. (2007). A Context Quality Model for Ubiquitous Applications. In 2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007) (pp. 282–287). Ieee. Teixeira, H. M. P., Rocha, C. C. da, Todesco, J. L., Dantas, M. A. R., & Bauer, M. A. (2009). Toward Developing Knowledge Representation in Emergency Medical Assistance through a Ontology-based Semantic Cache Model. In International Conference on Software Engineering & Knowledge Engineering (SEKE) (pp. 592– 596). Boston, Massachusetts. Toninelli, A., & Corradi, A. (2009). A Quality of Context-Aware Approach to Access Control in Pervasive Environments. MobileWireless Middleware, Operating Systems, and Applications: LNCS, 7, 236–251. Van den Broek, G., Cavallo, F., & Wehrmann, C. (2010). AALIANCE ambient assisted living roadmap. Ios Press. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
590
Nazario, D. C., Dantas, M. A. R., Todesco, J. L.
Widya, I., Beijnum, B., & Salden, A. (2006). QoC-based Optimization of End-to-End M-Health Data Delivery Services. In 14th IEEE International Workshop on Quality of Service (pp. 252–260). Ieee. Xu, C., Ma, X., & Cao, C. (2012). Minimizing the Side Effect of Context Inconsistency Resolution for Ubiquitous Computing. Mobile and Ubiquitous Systems: Computing, Networking and Services, 104, 285–297. Yasar, A.-U.-H., Paridel, K., Preuveneers, D., & Berbers, Y. (2011). When efficiency matters: Towards quality of context-aware peers for adaptive communication in VANETs. In IEEE Intelligent Vehicles Symposium (IV) (pp. 1006–1012). Ieee. Zheng, D., Wang, J., & Ben, K. (2012). Agent Based Quality Management Middleware for Context-Aware Pervasive Applications. Advances in Grid and Pervasive Computing, 7296(61100041), 221–230. Zimmer, T. (2006). Qoc: Quality of context-improving the performance of contextaware applications. Advances in Pervasive Computing, 207, 7–10.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 569-590
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300005
PROPOSITION OF AN ALUMNI PORTAL BASED ON BENCHMARKING AND INNOVATIVE PROCESS PROPOSIÇÃO DE UM PORTAL DE EGRESSO (ALUMNI) BASEADO EM BENCHMARKING E PROCESSO INOVADOR Gislaine Cristina dos Santos Teixeira Emerson Antonio Maccari UNINOVE - Nove de Julho University, São Paulo, SP, Brazil ___________________________________________________________________________________________
ABSTRACT A common concern in institutions of higher education is to keep its former students involved with academic activities. It is a consensus that one of the most valuable assets of universities is their alumni, given that their accomplishments ensure more exposure for the university. In recent years, universities have encouraged a movement toward the establishment of alumni associations, as they provide networking opportunities and contact between the university and the alumni or among the alumni. An association that seeks membership and participation of its alumni should invest in the development of an attractive portal. In this sense, this research aims to analyze the portal of alumni associations of well-ranked universities, using a benchmarking process and a creative technique called SCAMPER. We also present a portal prototype that meets the current needs of the market. Keywords: Alumni, Alumni Association, Benchmarking, SCAMPER
RESUMO Uma preocupação comum em Instituições de Ensino Superior (IES) é manter o aluno formado ligado às atividades acadêmicas, pois é consenso que um dos ativos mais valiosos das universidades é o seu egresso (alumni), já que suas ações práticas garantem mais visibilidade à universidade. Nos últimos anos, percebe-se um movimento das IES no sentido de incentivar a criação de associações de alumni, pois elas propiciam oportunidades de networking e manutenção do contato entre IES e alumni ou alumni entre si. Uma associação que busque adesão e participação de seus alumni deve investir no desenvolvimento de portal atrativo, contemplando informações que despertem o interesse do público-alvo. Esta pesquisa se propõe a ___________________________________________________________________________________________ Manuscript first received/Recebido em: 15/01/2014 Manuscript accepted/Aprovado em: 30/06/2014 * Fast Track – 11th CONTECSI International Conference on Information Systems and Technology Management Address for correspondence / Endereço para correspondência
Gislaine Cristina dos Santos Teixeira, Mestranda do Programa de Mestrado Profissional em Administração - Gestão de Projetos da Universidade Nove de Julho - UNINOVE Emerson Antonio Maccari, Doutor em Administração pela Universidade de São Paulo - FEA/USP. Diretor do Programa de Pós-Graduação em Administração - PPGA da Universidade Nove de Julho UNINOVE. Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
592
Teixeira, G., Maccari, E.
analisar o portal de associações de alumni de universidades bem avaliadas, por meio de benchmarking e de um processo inovador denominado SCAMPER. Ao final, apresenta-se a um protótipo de portal de egresso que atenda as atuais necessidades do mercado. Palavras-chave: Egresso, Associação de Egressos, Alumni, Benchmarking, SCAMPER
1. INTRODUCTION Globalization and advances in information technology have transformed the traditional business models in networks of relationships, so much so that the way people think and relate to one another is currently affected by the creative use of the media and information provision. Technology plays an important role by providing opportunities to develop resources and networking services that benefit both the company and its stakeholders (Kandampully, 2003). In addition, the new technology of the Internet offers innovative and effective ways to connect customers and companies, creating new sources of strategic positioning (Hax & Wilde II, 2002). Primo (1997) states that the Internet revolutionized human communication as it allows the interactive exchange of information, synchronous or asynchronous, without physical proximity. The author also highlights that virtual communities, created by the technological society, are based on intellectual proximity and favor relationships, approaching people with common interests, and allow data sharing, regardless of geographical position, physical contact or time. Among other purposes, virtual communities are used for entertainment, business, and education. Examples of the use of these communities include corporate portals, libraries, teaching/learning portals, alumni associations, among others. This type of virtual space allows people to extend contact beyond physical proximity or ordinary time. In terms of promoting extended contact in the educational field, a common concern is to keep alumni connected to their educational institutions, given that it is a consensus that the alumni are some of the most valuable assets of universities. The effective contribution of education to the society is observed based on the alumni’s experiences during the university course, proving the university name. Chia, Jonesa, and Grandhama (2012) state that alumni are people who represent the university in the real world. Alumnus, plural alumni, is the term used to designate a graduated student (former student) of a university. The term originates from the Latin verb “alere”, which means to nurture, develop and maintain (Wikipedia, 2013). For Barnard (2007), a grouping of alumni has great potential to contribute financially, socially and strategically to enhance credibility of an educational institution that aspires to thrive in a rapidly changing and competitive market. The author adds that an integrated network of relationships could give the institution the opportunity to create a win-win situation. In the United States and Europe, the culture of maintaining a link between alumni and educational institutions is stronger, but in Brazil, only in recent years, there has been a movement for the creation of alumni associations. This movement is more evident in some Brazilian business schools, which, with this kind of association, seek to consolidate the relationship between alumni and the educational institution. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
593
However, the lack of updated data of alumni hinders the effective development of an alumni association. Existing associations are thinking of ways to increase the rapprochement with the alumni, such as the creation of specific areas to favor the relationship with the alumni, in order to transcend the mere dissemination of employment opportunities (Arcoverde, 2013). Cunha et al. (2007) state that the alumni show no interest in keeping their data up-to-date even on the Lattes platform (database of résumés, research groups and institutions maintained by the Conselho Nacional de Desenvolvimento Científico e Tecnológico – CNPq – in Brazil), which gathers data from Brazilian researchers. The authors also emphasize that there is a clear lack of communication between the alumnus and the advisor and with the program/course as a whole. The lack of data updating can be tied to disinterest or ignorance of the alumnus about the potential of an alumni association to promote a professional network, academic and even personal relationships. One of the ways to consolidate the relationship between alumni and educational institutions is to create a virtual and interactive portal to provide useful information to the alumni to help extend the contact between the alumni and the university to beyond the period of course completion, regardless of geographic location or time. For an educational institution that aims to create an alumni association and deploy an online attractive portal, it is important to analyze how the best Brazilian educational institutions ranked by the Coordenação de Aperfeiçoamento de Pessoal de Nível Superior [CAPES], and international ones, classified in rankings, create their portals. For Porter (1996), companies have to compare themselves with rivals to obtain greater efficiency and continuously evolve; therefore, the development of a portal based on benchmarking has a greater chance of success. More important than creating something completely new or seeking an unprecedented response to common problems is to create new possibilities or solutions using different sets of knowledge that may result from experiences or from search processes (Tidd, Bessant, & Pavitt, 2008). In this sense, creative and innovative processes can favor the creation of an attractive portal for the alumni that allows them to keep contact with the university and their colleagues. Considering the difficulties related to the relationship between the alumni and universities and the variety of features that can aggregate or pollute an online portal of an alumni association, it is necessary to plan the project properly in order to obtain better results. Thus, this study seeks to answer the following question: analyzing the online portals of alumni of high-ranking associations, what characteristics should be considered to create a new attractive portal? In order to minimize the efforts spent in developing a portal of an alumni association, we propose to study the composition of online portals of alumni associations of high-ranking business schools in Brazil and in the world. We also propose, based on the creative technique called SCAMPER, a prototype portal of an alumni association that encourages the construction of a network of relationships among alumni and institutions of higher education. It is expected that the literature review serve as a basis for the planning and proposal of an online portal of an alumni association, contributing to academic reflections on this subject and, in practical terms, collaborating with educational projects benefiting the alumni and educational institutions. The methodology used in
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
594
Teixeira, G., Maccari, E.
this study involves qualitative research based on a literature review and a proposal of plans to solve organizational problems that have been diagnosed. In addition to this section, this article includes other four sections, namely bibliographical review about alumni associations, social networks and innovative processes, methodology, analysis of the results with a proposal for a portal and the conclusion. 2. BIBLIOGRAPHICAL REVIEW According to Teixeira, Maccari and Kniess (2012), in the scientific literature, studies related to educational projects focus on aspects that transcend administrative operations, such as training and teaching practices, program quality, social inclusion, legal regulation models, among others, with no reference in the specific literature for smaller projects that emerge from the difficulties of everyday operations. In this sense, the theoretical framework of this study is focused on alumni associations, social networks and innovative processes with emphasis on the creative technique SCAMPER. 2.1.
ALUMNI ASSOCIATIONS AND SOCIAL NETWORKS
For the Council for Advancement and Support of Education (2005), the relationship programs for the alumni and educational institutions aim to build and strengthen long-term relationships and facilitate communication between both. For the institution, the alumnus is a representative who helps preserve its history and traditions, ensuring the future of the organization. The council also posits some principles that could help the professionals that work closely with alumni to strengthen ties: I. Provide a wide range of communication devices, including electronic mail. II. Involve all the institution staff in the engagement of students. III. Ensure that the mission, objective and programs of the alumni association are consistent with the objectives of the educational institution. IV. Inform students and alumni about the institutional mission, objectives and programs of the association. V. Obtain feedback from alumni to align services with existing and emerging needs. Involve them to think of ideas and have opinions in any planning process to define or modify the mission of the association. VI. Ensure that the personal data provided by the alumni are treated professionally and confidentially. VII. Encourage the alumni to support and participate in programs, services and events of the association.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
595
Also about the role of this type of professional, Brant and Regan (2002) state that they are in the connections business and through these connections they promote the advancement of the institution, but it is often difficult to measure the impact of the work, requiring additional effort to asses and quantify the points of contact with the alumni. The authors add that benchmarking, regarding the alumni relationships and universities, has historically been difficult, since this type of program reflects unique histories, cultures, customs, structures and environments of their campuses in a way that every institution seems to want to introduce something different. There is a great potential to raise funds from the alumni, in addition to the large capacity to build a network of knowledge that can be shared, providing lifelong learning, making a difference in the way the institution is perceived by potential external and internal clients, and even by competitors. Therefore, it is vital for an educational institution to establish and maintain a good relationship with its students and alumni by involving them in the decision-making process and building a relationship network, contributing to the global advancement of the institution. However, this requires the establishment of an open and direct channel of communication with students to ensure that relevant information can be continuously disseminated (Barnard, 2007). Studies on alumni associations show that there are several challenges related to their implementation, success or even interest in this type of organization. For Barnard (2007), keeping valuable relationships with the alumni is a challenge, but the dissemination of information on online portals of alumni associations is even more challenging, because it is necessary to provide information generic enough to be understood and customized enough to generate interest in the target audience. Newman and Petrosko (2011) clarify that there are few published studies on the registering of alumni to associations, most research in this area examines indicators related to donations. The authors have determined that the experiences the students undergo after graduation have an impact on the motivation to become a member of the association and, therefore, the work of professionals of these associations can help improve the alumniâ&#x20AC;&#x2122;s perceptions, reflecting on the increase in the number of members. The results indicate that the alumni more likely to become members of the association are those who: (a) were donors, (b) had a phone number stored in the files, (c) are relatively older, (d) had positive experiences while students, (e) have a positive perception of the alumni association, (f) were more often involved with the university and (g) were acquainted with other members of the association. For Chia et al. (2012), a major challenge to promote the relationship between alumni and universities is to improve mentoring between the alumni and current students. For the authors, incorporating social network features and data mining to the alumni system can favor the orientation. According to Brant and Regan (2002), there are two stages to be followed by associations to increase alumni commitment: I.
Strive to know the alumnus or increase the knowledge about him/her by obtaining a comprehensive profile involving their names, addresses, telephone numbers and e-mails.
II.
Learn how the alumni are involved with the institution. The commitment can take many forms such as the use of e-mails to keep in contact with the institution, participation in annual events, credit cards, volunteering or traveling programs. An aggressive way to promote the interaction would be the
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
596
Teixeira, G., Maccari, E.
hosting of events and services through the site, the release of regional bulletins or the cross-promotion of events. Still about the dissemination of information, Barnard (2007) highlights that we should be concerned with the message content and with the channel used to disseminate it to reach the audience. Amidst the various challenges listed, there are other concerns related to the operation of an online portal and especially how this portal should be designed to become attractive enough to draw interest when compared with many other social media to which, possibly, the alumnus is already linked. Chia et al. (2012) claim that social networks are a powerful tool for people to meet and interact based on common interests and also that data mining can be used to understand the social interactions in order to increase the effectiveness of the services provided. The activity of a social network can be described as the act of sharing business or social relationships with the purpose of exploring the needs, interests or common goals. Relationship networks have been facilitated by the development of technology in a way that people can interact with each other, sharing ideas, discussing their personal or professional lives, without the need of traveling. According to Chia et al. (2012), data from alumni networks can be used to enhance mentoring programs, to develop online networking and above all, they could be key components of maintaining students and strengthening university programs. The authors clarify that initially alumni networks emerged as regional groups to raise funds, however, they gained importance for their potential to promote the name of the university, which benefits the career of all the alumni as well as current students. In recent years, the development of the Internet and social networks have led the alumni associations to undergo major changes. The existing systems are usually developed to facilitate networking between students and their institutions of higher education, but students, for many reasons, do not use most of the current systems significantly, for example: the systems are static, they provide information only about the university through one-way communication, and they have little room for future activities and interaction between the members. In addition, traditionally, these systems are only available for the alumni and do not identify the current students or professors as potential users. Therefore, it is important for universities to find modern ways to develop networks for their alumni, in order to increase the interactions between the various categories of people associated with the university. The authors propose separated fields for general, personal and professional information and interaction (Chia et al., 2012). The little use of existing systems require reorganization or re-engineering of the existing alumni portals. Innovation is necessary in light of new demands, otherwise this important relationship tool will run the risk of becoming useless. 2.2.
INNOVATIVE PROCESSES AND CREATIVE TECHNIQUES
The concept of innovation is in continuous evolution and can take different forms, depending on their dimensions, frequency, processing and outputs. Many studies on the subject have been developed and, currently, the criteria to classify
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
597
innovation and environments to ensure the development of innovation are increasingly clear (Cagnazzo, Taticchi, & Botarelli, 2008). For Tidd et al. (2008), Joseph Schumpeter is considered the creator of the subject. He describes innovation and creative destruction associated with the theory of economic innovation. However, for this research, the most suitable line of thought is described by the authors as incremental innovation, because although innovation sometimes involves a discontinuous change starting from something completely new, most of the time the products are not new to the world and innovation can be understood as creating new possibilities through the combination of different sets of knowledge in response to an articulated or latent need. The knowledge can be previously based on own experiences or result from the search process of technology, market or competitorsâ&#x20AC;&#x2122; actions. According to Khandwalla (2006), one must keep in mind the principles of creativity to be innovative. In addition, it is necessary to consider three common features in most innovations: they are performed amidst uncertainties, they have economic implications and a political dimension that makes the management of innovations a challenge. The challenge can be minimized using management tools and an organizational design that allows a continuous flow of innovations at all levels and functions. The author adds that creativity does not necessarily originate within the organization, often the idea comes from an external environment. This study introduces 16 management tools to stimulate innovation and, among the tools designed to stimulate intelligence enhancement are: creative research, creative experiences, creative benchmarking and reverse brainstorming. Two of these techniques are especially considered in this research. I.
Creative research: it refers to studies that request information that is rarely collected and the data is used in an innovative way.
II.
Creative benchmarking: it seeks a standard of excellence, even though the standards come from an external environment. The data produced is used to reflect on new ways to fill gaps.
Corroborating the subject, Hidalgo and Albors (2008) highlight that innovation does not mean using cutting-edge technology; on the contrary, it is more a way of thinking and finding creative solutions within the company instead of it being a matter of technology. The authors present several techniques of management innovations, among the techniques available on the market, the study selected those that meet the following parameters: systematic and standardized methods that have an application; methods aimed at improving competitiveness of enterprises having knowledge as the greatest benefit; methods that have free access. SCAMPER and benchmarking are among the cited techniques that develop creativity and improve processes. Such techniques and methods support the innovation process, helping companies to meet the new challenges of the market. Still on this subject, Santos (2012, p. 2) highlights that it is important to use creative processes to stimulate the production of ideas, to produce new combinations, to obtain unexpected, original and useful answers and, thus, to generate innovation for information systems and the way they are used. Creativity techniques aim to help change the mental state of the people and stimulate their creativity, helping in the generation of ideas for the reformulation of problems. Among the various techniques, the author highlights the focus techniques, that is, those that help focus on the issues, avoiding the dispersion caused by random techniques. Examples of these techniques include SCAMPER, Ideabox, Phoenix. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
598
Teixeira, G., Maccari, E.
According to Michalko (2006), SCAMPER is a checklist of ideas stimulated by issues. The first issues were suggested by Alex Osborn, professor of creativity, and later transformed into mnemonics by Bob Eberle: S – Substitute something C – Combine with something else A – Adapt something M – Modify or magnify P – Put to other uses E – Eliminate something R – Rearrange or revert something According to Serrat (2010), the SCAMPER technique uses a set of directed questions to solve a problem (or find an opportunity). The aim is to generate creative ideas to specific problems or indicate creative ways to improve a current process or procedure. The technique is also recognized as a learning tool that promotes awareness, unity, fluency, flexibility and originality. Stimulation arises from questions that would not be normally formulated and answered otherwise. Santos (2012) adds that the SCAMPER technique is particularly suitable to examine the possible transformations to be applied to a product or process and, perceive the problem from different perspectives, enabling approaches of the “outside-the-box” thought. The use of the SCAMPER technique to redefine a process or product is made from a checklist of questions, exemplified in Figure 1: Figure 1: Examples of questions in the checklist of the SCAMPER technique Transformations
Typical Questions What can I replace to improve? S – Substitute What happens if I change X to Y? How can I replace the place, time, materials or people? What materials, features, processes, people, products or components can we C – Combine combine within the problem area? Where can I create synergy with other products/processes or areas? What other products/processes are similar to our problem? A – Adapt What could we change in order to adapt them to our problem? How can we change the product/process entirely? Can the product/process be improved making it stronger, bigger, more M – Modify or exaggerated or more frequent? Magnify or Minimize Can the product/process be improved making it smaller, lighter, shorter, less important or less frequent? What other products/processes could do what we want? P – Put to other uses How can we reuse other products/processes that are happening? What would happen if we removed a part of the product/process? E – Eliminate What would happen if we removed everything? How can we achieve the same objective, if we were not able to do it this way? What if we revert the process? R – Rearrange or What if we do step B before step A? Revert What if A becomes the last step and Z becomes the first? What if we perform the two steps together? SOURCE: (SANTOS, 2012, P.102)
3. METHODOLOGY This study uses as research strategy the proposition of plans and programs based on a literature review about alumni associations, social networks and innovative JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
599
processes. Data collection involved research on documentary sites and social networks of alumni associations for a basis of benchmarking and implementation of the SCAMPER technique. Therefore, based on this sequence, we propose a portal prototype of an alumni association in order to achieve maximum membership provided by the appropriate approach and planning. Following the recommendations of Marconi and Lakatos (2010), we started the study from a bibliographical review, which involved surveying the theoretical framework about the topics. The purpose of this step is to place the researcher in direct contact with everything that was published about a particular subject. The bibliographical review serves as a first step to identify how the problem is addressed by the literature, the works that have already been carried out and the prevailing opinions on the matter. The second step allows for establishing an initial theoretical model of reference. Martins and Theophilo (2009) corroborate this view by stating that the literature review is a strategy required to conduct any scientific research, once it is aimed at the construction of a theoretical platform of the subject. Also according to Martins and Theophilo (2009), the proposition of plans and programs is a strategy that provides solutions to organizational problems already diagnosed, sought, by means of empirical-analytical research, a study on the viability of alternative plans for the solution of problems. The author should, preferably, propose the use of models in practical situations, valuing ingenuity and creativity as the adjustments of the theoretical model to a specific situation. As for data collection, the documentary research seeks unedited material, and can be a source of data and auxiliary information that subsidizes a better understanding of the findings. In the first phase, we defined the guiding questions of the literature review that served as support for the analysis of the results and subsequent proposal of a prototype. The second phase involved choosing the units of benchmarking analysis. According to Melo, Carpinetti and Silva (2000), benchmarking is a powerful instrument of improvement that seeks to achieve competitive advantage through learning from best practices in the industry, leading to better performance. Among the possible classifications of benchmarking, the present study uses the functional/generic approach, because it identifies best practices in any type of organization that has established a reputation for excellence in a specific area. The authors also state that, in general, the benchmarking process involves five basic steps: determining the object of benchmarking, identifying partners, collecting and analyzing data, establishing goals, implementing actions and monitoring results. Brazilian educational institutions were selected based on the triennial evaluation comparative worksheets from CAPES (2010) in the field of Business Management, Accounting and Tourism. We decided to analyze the portals of alumni associations of the institutions that had the highest scores (6 and 7) in academic programs, which culminated in four institutions: Federal University of Rio Grande do Sul (UFRGS), University of São Paulo (USP), Getulio Vargas Foundation – São Paulo (FGV-SP) and Federal University of Minas Gerais (UFMG). International institutions were selected from the Global Ranking MBA 2013 published by the Financial Times newspaper (2013), the first three of the ranking are: Harvard Business School, Stanford Graduate School of Business and University of Pennsylvania – Wharton. The third and last phase included the discussion of the authors based on the SCAMPER technique to propose a prototype of an alumni portal.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
600
Teixeira, G., Maccari, E.
4. ANALYSIS OF RESULTS The analysis of the results is composed of three stages, namely benchmarking results that considered the points in common and the particularities of the portals of the institutions selected, application of the SCAMPER technique to propose an innovative portal and finally the prototype design. 4.1. BENCHMARKING OF ALUMNI
PORTALS
As defined in the methodology, we proceeded to the stage of benchmarking completion. The study evaluated 18 items, usually displayed in the portals of alumni associations. Seven universities, four in Brazil and three in the United States, had their portals examined based on these items, the percentage of positive response, that is, the items are disclosed in the portals (Table 1). Table 1: Items evaluated in the portals of alumni associations Items evaluated in the portals of alumni associations
Dissemination of data related to the association:
National
International
Institutions
Institutions
1
History
75%
33%
2
Mission
50%
0%
3
Vision
50%
0%
4
Values
25%
0%
5
Objectives
100%
100%
6
Target audience
100%
100%
7
Benefits
75%
100%
8
Partnerships
75%
0%
9
Online form for membership
100%
100%
0%
100%
11 Has pages on social networks
50%
100%
12 Ways of alumni interaction
75%
100%
13 Special projects of the association
50%
100%
0%
100%
15 News related to or written by alumni
25%
100%
16 Professional opportunities
50%
100%
17 Statute and guidelines of the association
25%
33%
75%
100%
10 Number of associates
Dissemination of data related to services or features:
14 Periodicals, journals or bulletins
18
Restricted password)
area
(access
with
login
and
Source: Elaborated by the authors
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
601
The objective, through the analysis of the frequency of disclosure items, was to understand the importance of each item for higher education institutions nationally and internationally, having as evidence the fact that they have a space in the portal to disseminate such information. The answers were analyzed separately, because international institutions have their consolidated associations while in Brazil, they are still seeking space. The analysis in Table 1 shows that the portals of international institutions are similar because of the 18 items examined, 12 are present in 100% of the universities (5-7, 9-16 and 18). The other four do not appear in any of them (2-4 and 8) and only two items are found in only one institution (1 and 17). In the national institutions, the display of items varies, only three of them occur in 100% of the institutions (5, 6 and 9), and these same three items are displayed in all international institutions. Still about the national institutions of higher education, only one item does not appear in any of them (14). The results in Table 1 indicate the market practice of the selected institutions, but they can also give rise to trends regarding the use of best practices to achieve superior performance. In addition, a more specific analysis of some items corroborates largely with the development of a portal for alumni. Regarding item 6, target audience, 100% of the institutions have established alumni associations involving students of all levels of higher education with no specific association for undergraduates or graduates. About item 7 (Table 2), benefits, it was found that national institutions do not disclose them. Only one national institution cites virtual library access and has a program of discounts on products or services, while 100% of international institutions allow access to the virtual library and databases and offer discount programs for alumni. Table 2: Benefits of alumni associations
Benefits of alumni associations
National
International Institutions
Institutions
Events
75%
33%
Dissemination of professional opportunities
50%
100%
Discount on products or services
25%
100%
Access to the virtual library
25%
100%
Discount on other courses
0%
33%
Free courses
0%
33%
Access to periodicals of the institution
0%
66%
Access to the fitness center of the institution
0%
66%
Travel programs
0%
66%
Access to the chapel of the institution
0%
33%
Source: Elaborated by the authors JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
602
Teixeira, G., Maccari, E.
Concerning item 9, online form for membership, it was found that 100% of the institutions request registration validation of the alumni. International institutions use the alumni ID number, while the national institutions request data on the year of completion and course name, to manually search in the files and subsequent approval. With respect to item 11, pages on social networks, it was found that all international institutions have at least two pages on social media, while only two national institutions of higher education have pages on social media. The distribution is shown in Table 3. Table 3: Pages on social network National Institutions
Social network
International Institutions
50%
100%
50%
66%
25%
100%
Flickr
25%
33%
Source: Elaborated by the authors Regarding ways of interaction (item 12), the prevalence is of encounters at annual events. Only one national institution does not disseminate events. International institutions offer virtual environments for discussion of topics of common interest (virtual communities) as well as links to lectures and virtual courses (learning environment). The special projects (item 13) involve volunteering, diversity groups or mentoring and are more common in international institutions. About item 15, only one national institution releases news, while 100% of the international institutions disseminate news and matters related to alumni. Regarding the features of the restricted area (item 18), Table 4 shows that 100% of international institutions provide access to the profile of their members and to employment vacancies, but the events are usually available in the public area of the site. Table 4: Features of the restricted area Restricted Area
National Institutions
International Institutions
Profile of the alumni members
25%
100%
Professional opportunities
50%
100%
Timetable of events
25%
33%
Library and database
0%
33%
Discussion forum
0%
33%
Story reports
0%
33%
News
0%
33%
Source: Elaborated by the authors
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
603
This study does not encompass the analysis of the strategy or the operation of alumni associations; still, some data about the functioning of associations have emerged from empirical observation and deserve to be reported in order to assist academic managers in the design of the portal (Table 5). Table 5: Items of the analysis of the strategy observed in alumni associations
Items of the analysis of the strategy The institution name is cited by the association
National
International
Institutions
Institutions
100%
100%
The word alumni is cited by the association
50%
100%
Compulsory contribution (registration and annual fees)
25%
33%
No information
100%
Accepts donations Source: Elaborated by the authors
The data interpretation makes one believe that the term alumni is not as publicized in Brazil, as well as the culture of accepting donations, present in 100% of the international institutions. The culture of maintaining a link between the alumni and the university in Brazil does not follow the same pace of the international institutions, which could be a hindrance to deploy an association, however, it poses as a business opportunity as observed with the success of the international entities. The analysis of the portals allows for the identification of particularities and findings that may assist in the innovative process, among which we highlight: I.
National Institutions
a) The social network Facebook was used for massive dissemination of the first alumni meeting, which featured the presentation of alumni who have become major executives. b) Provision of an electronic form for the donation of missing books in the university library. c) An area named Nostalgia for the alumni to write their stories. d) All information is available in the restricted area of the site. In the public area, only two videos are offered on YouTube. One is a welcome video and the other features the importance of being a member of the institutions community. e) Because email addresses were stored only from 2007 onwards, stakeholders who graduated before this period and wish to join the association have to update their files in an online form. II.
International Institutions
a) Provision of an online form for financial donation to innovative projects of the institution. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
604
Teixeira, G., Maccari, E.
b) Clubs throughout the country for local interactions among alumni geographically near. c) A lifelong email address connected to the institution. d) Event photos for sale at cost price. e) Online form for feedback about the site. f) Disclosure of some statistics about alumni: programs, the alumni’s gender, location, type of participation in the association and types of employment. g) Permission for visitors to register to the site to have access to some restricted areas. h) Displays suggestions for reading books written by alumni. i) A lifelong email addresses managed by Google. It includes the following features at no charge to the alumni: POP and IMAP email, 25 GB of storage, Google Calendar and Google Docs. j) Disclosure of data of alumni classes in the space “find my class”, some classes have unique pages on social media sites such as Facebook, LinkedIn or Twitter. k) Lectures around the world, with differentiated prices for the alumni. l) It offers related institutions dedicated to facilitating relations between future students, current students and alumni. Online stores to sell products, such as t-shirts and souvenirs. 4.2.
THE USE OF THE SCAMPER TECHNIQUE
In order to create new opportunities from the combination of different sets of information in response to the need to create an attractive alumni portal, the authors discussed the checklist of questions using the SCAMPER technique and found business opportunities, as described in Figure 2. Figure 2: The use of the SCAMPER technique to develop an alumni portal S – Substitute
Substitute traditional features with Google apps for education. Replace the disclosure of events for a page on the social media Facebook. Combine the alumni portal with the Alumni Monitoring System to ensure that the data is always up to date.
C – Combine
Invite alumni of stricto sensu graduate programs in Business Management or even alumni from other fields as visitors, in order to increase the networking base. Perform annual meetings combined with scientific events at the university to enhance membership due to the convergent interests.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
605
Adapt the LinkedIn profile to the profile of the alumni portal using a plug-in that updates automatically.
A – Adapt
M – Modify or Magnify or Diminish
Change the training area to area of interest, in this case, all dissemination of events or studies will be customized according to interest and not only to the field of study. Allow the dissemination of professional opportunities not only through companies, but also through the alumni. Include space for dissemination of research or developing studies linking them to the area of interest.
P – Put to other uses
Disseminate in the space “Events”, symposia or scientific congresses held by entities other than the university. Currently, each student or alumnus is responsible for identifying scientific events by themselves and in different channels. Disseminate corporate events in the area, even if they do not occur in institutions of higher education.
E – Eliminate
Remove documentary information, such as history, mission, and vision to avoid polluting the site. Register all students and alumni and email them a login and a password rather than request registration.
R – Rearrange or Revert
Create space for reporting of personal stories or articles on topics of interest and communicate them by email when new stories are published, not depending only on the alumni’s initiative to check on news on the portal.
Source: Elaborated by the authors Understanding innovation as the action of finding creative solutions, the answers obtained from the checklist of questions help educational institutions to deal differently with the challenges concerning alumni participation in alumni associations. 4.3.
PROPOSITION OF AN ALUMNI PORTAL PROTOTYPE
Based on the benchmarking result and the use of the SCAMPER technique, the authors suggested an alumni portal prototype to serve the interests of the target audience and at the same time innovate what is already practiced in the market, in order to increase membership and alumni participation. Figure 3 suggests the design of the public area of the portal. Aiming to increase the number of accesses by both the alumni and visitors, the menus “The Association”, “News” and “Events” do not require a login or password for access. In addition, there is a pre-restricted area available to registered visitors, where they can register vacancies and have access to the journals of the institutions of higher education. The JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
606
Teixeira, G., Maccari, E.
objective of this area is to increase the database for possible dissemination. Three other menus are presented: “Alumni Restricted Area”, “Contact us” and shortcut to “Social Network”. Figure 3: Prototype of an Alumni Portal – Public Area
Source: Elaborated by the authors Figure 4 illustrates that the area restricted to current students and alumni of the educational institution include the following features: “Google Apps” for e-mail and other benefits; “Virtual Community” for discussions on topics of common interest; “Research in development” for registration or consultation of areas of interest; “Follow-up of Alumni” for the university to follow the professional and academic career of its alumni; “Virtual Library” to access databases; “Consultation Profile” localizable from class, courses or area of interest; “Profile” imported from LinkedIn with the option for editing and finally “Professional Opportunities” to register and consult employment opportunities. Figure 4: Prototype of an Alumni Portal – Restricted Area
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
607
Source: Elaborated by the authors This is a study based on creative technique, whose aim is to obtain the largest number of possible ideas, meaning that not all the ideas that have emerged will be implemented, because their implementation requires a complementary study on the technical and operational feasibility. 5. CONCLUSIONS Admittedly, the alumni are some of the most valuable assets of the institutions of higher educations, because from their actions, the universityâ&#x20AC;&#x2122;s name is evidenced in the society. Thus, the more extended the contact between the institution and its alumni, the greater opportunities for feedback and knowledge development. An alumni portal facilitates the promotion of research, the exchange of experience, in addition to providing personal, professional and academic networking. In view of the spread of Internet use, managers need to consider it as an important tool in their business strategy. The Internet is widespread for synchronous or asynchronous meetings regardless of time or geographic location, however, the amount of information that it offers can be confusing and users may use their time unduly. In this sense, a portal of relationships should have at its core the following premise: to be attractive and reach the target audience. It should consider the content for the target audience you want to reach, targeting the information for this purpose; otherwise, it runs the risk of having an alumni portal so generic that does not interest the institution or the target audience.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
608
Teixeira, G., Maccari, E.
An alumni association portal should be designed to attract the alumni to the institution’s current activities, a fact that hardly occurs when the student completes the course and no longer has the obligation to be physically involved in academic activities. It is necessary to consider that the alumni have their practical actions affected by experiences during the university course and that it transcends the issuing of the diploma. It is important that the relationships between students/institutions or students/students perpetuate beyond the course completion, as they contribute to the personal, professional and academic careers of the alumni from the networking generated. A portal of an alumni association should be intuitive and interesting in order to assist in enhancing the sense of belonging of the alumni to the educational institution. The innovations arising from this study combine frequent elements at renowned educational institutions with demands of the target audience. Main innovations encompass the inclusion not only of the alumni, but also the current students to the alumni portal, therefore, the link with the university is strengthened from the beginning with a tendency to bolster the bond between the students (current and alumni) and the educational institution. The portal should also include all students of the programs regardless of the student’s initiative to register and use the LinkedIn profile, which is a current networking tool and already used by most students and alumni. All innovations seek to establish a portal of an alumni association that facilitates interaction and information sharing about issues that transcend academic graduation, greatly contributing to the development of society. A limiting factor of the study refers to the absence of a study on the operational and technical feasibility for the development of the alumni portal; therefore, the prototype is just a reference, with no purpose to be deterministic. Further studies could involve a bibliographical review and action research to support the development of the portal, or even with the strategic and cultural aspects of the alumni association.
REFERENCES Arcoverde, L. (24 de Outubro de 2013). Valor Econômico. Acesso em 24 de Outubro de 2013, disponível em Valor Econômico: http://www.valor.com.br/carreira/3314624/ex-alunos-e-universidades-buscam-maioraproximacao# Barnard, Z. (2007). UJDigispace. Online Community Portals for Enhanced Alumni Networking, Tese de Doutorado, University of Johannesburg. Johannesburg, South Africa. Brant, K. E., & Regan, P. J. (Fevereiro de 2002). The Spectrum of Alumni Involvement. Acesso em 29 de Outubro de 2013, disponível em University at Albany : http://www.albany.edu/alumni/images/D5_spectrum_involvement.pdf Cagnazzo, L., Taticchi, P., & Botarelli, M. (2008). A literature review on innovation management tools. Revista de Administração da UFSM, 1(3), 316-330. CAPES. (2010). Coordenação de Aperfeiçoamento de Pessoal de Nível Superior. Acesso em 27 de Maio de 2013, disponível em Planilhas comparativas da Avaliação JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
Proposition of an Alumni Portal Based on benchmarking and innovative process
609
Trienal 2010: http://www.capes.gov.br/component/content/article/44-avaliacao/4355planilhas-comparativas-da-avaliacao-trienal-2010 Chia, H., Jonesa, E. L., & Grandhama, L. P. (2012). Enhancing Mentoring between Alumni and Students via Smart Alumni System. Procedia Computer Science, 13901399. Council for Advancement and Support of Education. (Março de 2005). Principles of Practice for Alumni Relations Professionals at Educational Institutions. Acesso em 24 de Outubro de 2013, disponível em Case - Council for Advancement and Support of Education: http://www.case.org/About_CASE/About_Advancement/About_the_Disciplines.html Cunha, I. C., Freitas, M. A., Yázigi, L., Junior, L. K., Pietro, M. S., Poz, M. E., et al. (set./dez. de 2007). Construindo Instrumentos de Avaliação para os Cursos de PósGraduação Lato Sensu da Unifesp: relato de experiência. Estudos em Avaliação Educacional, pp. 29-40. Financial Times. (2013). Business Educacion. Acesso em 15 de Outubro de 2013, disponível em Financial Times: http://rankings.ft.com/businessschoolrankings/globalmba-ranking-2013 Hax, A. C., & Wilde II, D. L. (Setembro de 2002). The Delta Model - Toward a Unified Framework of Strategy. Working Paper. Hidalgo, A., & Albors, J. (2008). Innovation management techniques and tools: a review from theory and practice. R&d Management, 38(2), 113-127. Kandampully, J. (2003). B2B relationships and networks in the Internet age. Management Decision, Vl. 41(5), 443-451. Khandwalla, P. N. (2006). Tools for Enhancing Innovativeness in Enterprises. VIKALPA, 31(1), 1-16. Marconi, M. d., & Lakatos, E. M. (2010). Fundamentos de Metotologia Científica. São Paulo: Atlas. Martins, G. d., & Theóphilo, C. R. (2009). Metodologia da Investigação Científica para Ciências Sociais Aplicadas. São Paulo: Atlas. Melo, A. M., Carpinetti, L. C., & Silva, W. T. (2000). Proposta de Metodologia para Identificação de Objeto de Estudo de Benchmarking. ENEGEP. Michalko, M. (2006). Thinkertoys - A Handbook of Creative-Thinking Techniques. Berkeley: Ten Speed Press. Newman, M. D., & Petrosko, J. M. (25 de January de 2011). Predictors of Alumni Association Membership. Research in Higher Education, pp. 52:738–759. Porter, M. E. (1996). What is Strategy? Harvard Business Review, 61-78. Primo, A. F. (1997). A emergência das comunidades virtuais. Intercom 1997 - XX Congresso Brasileiro de Ciências da Comunicação, (pp. 1-17). Santos. Santos, V. M. (Janeiro de 2012). Criatividade e Inovação no Processo de Planeamento de Sistemas de Informação, Tese de Doutorado, Universidade do Minho Escola de Engenharia. Minho, Portugal. Serrat, O. (2010). The SCAMPER Technique. Acesso em 29 de Outubro de 2013, disponível em DigitalCommons@ILR - Cornell University ILR School: http://digitalcommons.ilr.cornell.edu/intl/192 JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
610
Teixeira, G., Maccari, E.
Teixeira, G. C., Maccari, E. A., & Kniess, C. T. (jul./dez. de 2012). Impactos do uso de técnicas de gerenciamento de projetos na realização de um evento educacional. Revista de Gestão e Secretariado - GeSec, pp. 67-86. Tidd, J., Bessant, J., & Pavitt, K. (2008). Gestão da Inovação. Porto Alegre: Bookman. Wikipedia. (Outubro de 2013). Wikipedia. Acesso em 22 de Outubro de 2013, disponível em Wikipedia: http://en.wikipedia.org/wiki/Alumnus
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 591-610
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300006
ENVIRONMENTAL SCANNING, STRATEGIC BEHAVIOR AND PERFORMANCE IN SMALL COMPANIES Éverton Luís Pellizzaro de Lorenzi Cancellier Universidade do Estado de Santa Catarina, Florianópolis/SC, Brazil Elton José Blageski Junior Universidade do Vale do Itajaí, Biguaçu/SC, Brazil Carlos Ricardo Rossetto Universidade do Vale do Itajaí, Biguaçu/SC, Brazil ___________________________________________________________________________________________
ABSTRACT This paper’s theme lies in the interaction between the organizational strategy and the environment of small companies and aims to analyze the relation between the scanning of environmental information, strategic behavior and performance. As a research method, the survey-type quantitative approach was used. The application of questionnaires and data analysis were also used alongside this method, using correlations and analysis of variance to verify the differences among companies classified as prospector, analyzer and defender, in their scanning efforts and use of information sources. The main results show that prospectors scan data from the competition as well as technological aspects and access written sources of information and internal sources of information more frequently than those that adopt another type of strategic behavior. Overall, the scanning of information sources was more associated with the performance than with the strategy measured by the strategic behavior typology.
Keywords: Environmental Scanning; Strategic Behavior; Performance;
Small Companies 1. INTRODUCTION Organizations operate in an information economy in which their success depends more on knowledge than on the resources they own. In this context, competitiveness is based on the ability to acquire, treat and use information efficiently in order to make decisions (Mcgee; Prusak, 1994). ___________________________________________________________________________________________ Manuscript first received/Recebido em: 17/09/2013 Manuscript accepted/Aprovado em: 12/08/2014 Address for correspondence / Endereço para correspondência Éverton Luís Pellizzaro de Lorenzi Cancellier, Doutor em Administração pela FEA/USP, professor do Programa de Pós-Graduação em Administração da Universidade do Estado de Santa Catarina – ESAG/UDESC, Av. Madre Benvenuta, 2037 - Itacorubí - Florianópolis – SC, Brazil, 88.035-001. E-mail: everton.cancellier@udesc.br Elton José Blageski Junior, Mestre em Administração pela Universidade do Vale do Itajaí, Rua João Coan, n. 400 Centro, Biguaçu - SC, Brazil, CEP 88160-000. E-mail: elton@univali.br Carlos Ricardo Rossetto, Doutor em Engenharia de Produção pela Universidade Federal de Santa Catarina, professor do Programa de Pós-Graduação em Administração da Universidade do Vale do Itajaí - UNIVALI, Rua João Coan, n. 400 - Centro, Biguaçu - SC, Brazil, CEP 88160-000. E-mail: rossetto@univali.br Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
612
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
Competitiveness of an organization depends on their business strategy. However, in order to develop an efficient strategy, it is necessary to understand what makes the organization more competitive. Therefore, the organization needs to know the environment in which it operates before it develops its competitive strategy. Henderson (1998) states that the riskier the environment, the higher the number of competitors and the fiercer the competition will be. The environments, to the extent that they cause problems and create opportunities in the organizations, increase the level of uncertainty and lead to a process of acquiring information, as the managers need to detect and interpret challenging areas, and identify opportunities. For Hambrick (1983) and Hagen and Amim (1995), a way to avoid being taken by surprise by environmental changes is the environmental scanning, which consists in an essential process of organizational management, enabling managers to spot environmental changes and the strategies adopted by their competitors. McGee and Prusak (1994) argue that the process of defining a strategy is the process in which information is highly involved as an efficient definition process requires accurate and diverse information in a timely fashion and in high volumes. The need for organizational adjustment to the environment by means of a strategy requires that companies understand what happens around them: their consumers’ needs, competitors’ achievements, suppliers’ conditions and governmental regulations, among the potentially relevant factors (Davenport, 1998). As such, information collected from the environment is a resource used for the success of the organization. According to McGee and Sawyerr (2003), effective environmental scanning is an essential practice in business management, where the collection of accurate information is necessary. This scanning is important so that organizations operate as open systems, searching for resources and legitimacy in their environment. Through the scanning process, it is possible for managers to define strategies adjusted to the market’s conditions. Environmental scanning has been regarded as the first stage in the process of associating the organization´s strategy with the environment (Hambrick, 1983; Daft; Sormunen; Parks, 1988; Beal, 2000). Understanding that environmental scanning enables the company to learn about opportunities of which it can take advantage, and about the events or problems that may threaten its performance, allows defining strategies aligned with environmental conditions. Analoui and Karami (2002) state that the importance of scanning information in such an alignment in small and medium-sized companies has gained more importance and has been more influential in achieving maximum performance. Although research connecting strategies and organizational characteristics (Aragón-Sanches, A.; Sánches-Marín, G., 2005) and relating environmental scanning and organizational characteristics (Haase, H.; Franco, M., 2011) has been done, the connection between scanning and strategy in small companies is worthy of more attention as managers’ scanning activities have been prioritized over the last decades. However, not much has been researched about the relationship between the environmental scanning and strategy (Hagen; Haile; Maghrabi, 2003). Notably, studies performed in small companies tend to be descriptive and focused on the use of information sources. Whereas the ones performed in big companies may not be generalized to the entrepreneurs - as their answers and cognitions prove to be different from each other (Stewart JR.; May; Kalia, 2008). Due
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
Environmental scanning, strategic behavior and performance in small companies.
613
to the close relationship between information and strategy, companies that use different strategies and behaviors must adopt different scanning practices. Thus, this studyâ&#x20AC;&#x2122;s theme regards the relationship between environmental scanning and strategy adopted by small companies, in an attempt to contribute to filling this gap in the studies performed in the pertinent area. In order to achieve this, the purpose of analyzing the scanning practices of small companies that adopt different strategic behaviors was set. More specifically, it is verified whether small companies with different strategic behaviors vary the frequency in which they scan external environmental aspects as well as varying the frequency in which they use information sources, relating these variables to performance. As a method of control, it was investigated whether the companies vary their scanning practices and strategic behavior due to their size and age. 2. ENVIRONMENTAL SCANNING One of the authors to address this theme was Aguillar (1967), who defines scanning as a manner through which managers acquire relevant information about what happens outside the company so that future courses of action are taken. According to McGee and Sawyerr (2003), environmental scanning is a present and essential practice in business management, where the collection of accurate information is necessary. This scanning is important so that organizations operate as open systems, searching for resources and legitimacy in their environment. In addition, scanning makes it easy to obtain signals or information and, whenever effectively taken into account, it describes the conditions reflected in the environment, shows advancements, opportunities and the conditions related to existence or nonexistence of problems (Yasai-Ardekani; Nystrom, 1996). Effective scanning of the environment has been necessary for the competitive success of strategies - environmental scanning being the first stage of the process, associating strategy with the environment (Beal, 2000). May, Stewart and Sweo (2000) and Yunggar (2005) also make it clear that environmental scanning provides the organization with important information, thus, keeping it from becoming stagnant due to the lack of information given to their executives about environmental changes. Based on this information, proper adjustments are made between the internal structure and the environment. Therefore, organizations need to keep attuned to what is happening in the environment so that managers may respond to the market changes. Two important aspects in the scanning process are related to the frequency in which information about the external environment is acquired and how it is acquired. Frequency (Daft; Sormunen; Parks, 1988; Beal, 2000) refers to the number of times a manager scans the environment, while how the manager acquires information refers to the type of source. Companies may acquire a large or small amount of data about the environment. The frequency in which data is acquired may vary according to the nature of the external aspects under observation, as the environment may be regarded as having a variety of components. Daft, Sormunen and Parks (1988) subdivide these components into clients, competitors, technological aspects, economic aspects, regulatory aspects, and social and cultural aspects, and the results of their studies showed that the scanning frequency JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
614
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
varied according to these areas - a fact substantiated by previous studies such as the ones by Lang, Calatone and Gudmundson (1997), Raymond, Julien and Ramangalaby (2001), Analoui and Karami (2002) and Sund (2013). Environmental information can be acquired by methods that vary from personal to impersonal sources and from external to internal sources related to the organization (Aguilar, 1967). Personal sources refer to conversations face-to-face or by telephone and they provide multiple suggestions and quick feedback, while impersonal sources refer to the written or documental ones and they enable to condense a large amount of data. Internal sources are found within the organization and enable data directly related to their reality, while external sources are found outside the organization and they lose less data as they do not go through intermediary parties (Daft; Sormunen; Parks, 1988). Due to its distinctive nature, access frequency may vary according to the type of source referred to, as seen in the studies by Daft, Sormunen and Parks (1988), Beal (2000), May, Stewart and Sweo (2000), Stewart Jr., May and Kalia (2008) and Haase and Franco (2011). 3. STRATEGY AND STRATEGIC BEHAVIOR The word strategy has a number of definitions. Ansoff (1977) regards strategy as a set of decision rules for the company to enjoy profitable growth. Strategies, according to Bourgeois (1980), are the means by which the management of a company sets goals and pursues them through the alignment of the organizational resources with the environment’s opportunities and threats. According to Porter (1986), strategy is associated with the positioning of the company in the environment it is part of, with the aim of achieving a favorable position. In the concept developed by Ohmae (1991), strategy is the way through which the company tries to distinguish itself from the competition in a positive manner, using its relatively strong points to meet customer needs better. Although, there are variations in descriptions of strategy, the above-stated definitions highlight the role of strategy and its connection between organizations and the environment in which they are part of. The adjustment between an organization and its environment may take place in a number of ways and a significant effort in the scope of strategies lies in classifying general ways of adjustment which may explain organizations’ behavior. Thus, among the various authors who have proposed strategic typologies, one can mention Ansoff’s Matrix (1977), strategic behaviors by Miles and Snow (1978) and generic strategies by Porter (1986) and by Mintzberg (1988). The typology by Miles and Snow (1978) has, over the years, drawn the attention of strategic management researchers as it is regarded as a comprehensive classification “and as possible to be applied to small companies, enabling the analysis of organizational behavior regardless of the size of the organization” (Vasconcelos; Cândido, 2005:02). This notion is shared by Rossetto (1998) and Gimenez et. al. (1999), as the classification by Porter (1986) is not very suitable to the study of small companies, for they would fall into the focus strategy category. What Miles and Snow (1978) propose lies in the different responses the companies give to the three problems that compose the organizational adaptive cycle: (a) the entrepreneurial problem: a definition of the product/market domain; (b) the JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
Environmental scanning, strategic behavior and performance in small companies.
615
engineering problem: the choice of technical systems; and (c) the administrative problem: relating structure to organizational processes. The model proposes that companies develop relatively stable strategic behavior patterns in order to align them with environmental conditions, following defender, prospector, analyzer and reactor strategies. According to Miles and Snow (1978), in companies that follow a defender strategy, managers are limited to an area in their organization and do not seek opportunities beyond their domain. The strategy lies in keeping their aggressive notoriety in their industry, not paying attention to developments beyond their domain, and in seeking more penetration in their current markets, so their growth takes place with caution. Defenders are conservative and concentrate their innovation activities on existing products (Pleshko, 2006). Consequently, whenever they are faced with a threat or an opportunity, defenders are going to choose renewal in a certain industry (Zubaedah et al. 2013).Companies that follow a prospector strategy usually respond to their chosen environment contrary to the way companies that follow a defender strategy do. They create change and uncertainty to which their competitors should respond. The strategy of these companies is that of continuous development, with the scanning of environmental circumstances, trends and events, having their first growth stages in new markets and products. It is necessary to believe that companies that follow defender and prospector strategies evolve around a continuous process of strategic adjustment (Miles; Snow, 1978). Prospectors are aggressive in their search for new opportunities and, therefore, are going to resort to replication and/or recombination. In addition, due to their nature as new market pursuers, they are going to exclude cost considerations associated with these developments (Zubaedah et al. 2013). Differently, according to Miles and Snow (1978), companies that follow an analyzer strategy operate in two types of product-market domains, a stable one and a dynamic one. In their stable areas, they operate routinely and efficiently with the aid of structures and formal processes. In their dynamic areas, managers pay attention to their competitors and look for new ideas, adopting the most promising ones. According to analyzers, costs are a determining factor in deciding which direction to take. Whenever faced with a threat or an opportunity, analyzers are going to evaluate which direction they see as the most appropriate to take due to specific conditions, instead of choosing consistently one certain direction, which is what defenders and prospectors do (Zubaedah et al. 2013).. This strategy is a combination of products and markets, some are stable, some others dynamic, having susceptible limitations of extensive marketing, and eagerly seeking change. In this approach, growth usually takes places by further looking into the market; it may also take place through the development of products and markets (Miles; Snow, 1978). The fourth approach by Miles and Snow (1978) regards companies that follow a reactor strategy, which make environmental adjustment unstable and inconsistent. According to the authors, reactors are unstable due to the unavailability of consistent mechanisms with which it is possible to make an environmental change. It is possible to state that companies that follow a reactor strategy are organizations in which managers are aware of the change, and of the uncertainty that takes place in their JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
616
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
organizational environments. However, they are not capable of responding efficiently and adjustments in the strategy are hardly ever made to the point when companies are then forced to make them - this usually happens due to high environmental pressure. To sum up, defenders gain a competitive advantage and become more successful in existing markets with existing products, with a lower level of uncertainty in comparison with other strategic types. The company keeps an internal focus, concentrating on a product-market domain, closely defined by a loss of corresponding adaptation to changes in the environment. A prospector gains a competitive advantage entering its markets with new products, for it is innovative and adopts new technologies quickly. The company also keeps an external focus on the continuous adaptation to market changes, with a potentially significant loss in operational efficiency. The company that follows an analyzer strategy is a combination of the two first strategy types. Lastly, the reactor does not gain a competitive advantage due to the lack of a clear connection between the structure and the strategy (GnjidiÄ&#x2021;, 2014). Chart 1, below, summarizes the characteristics of each type of strategic behavior. STRATEGIC TYPOLOGY
Defender Strategy
Prospector Strategy
Analyzer Strategy
Reactor Strategy
CHARACTERISTICS A company that follows this type of strategy: - maintains a line of relatively stable products or services. - has a tight control over product and market. - does not tend to search for new opportunities beyond its domain. - managers are highly specialized in their area of work - control and decision making are centralized - strategic actions are geared towards gaining market share based on the offer of better quality products, improved services and/or lower prices. A company that follows this strategy: - seeks new business opportunities aiming to continuously increase its line of products/services - its managers are highly flexible regarding change and innovation - business activities are decentralized A company that follows this strategy: - aims to keep a relatively limited line of products/services stable while it tries to add one or more product(s)/service(s) that were successful in other companies in the same industry - protects its stable market share. - control and decision making are centralized; however, it is possible to identify flexibility in its actions. A company that follows this strategy: - is not qualified to effectively respond to the implications of changes that take place in the environment. - it does not take risks with new products/services unless it is threatened by competitors. - control and decision-making are highly centralized. - organization structure is rigid.
Chart 1 â&#x20AC;&#x201C; Strategic Typologies and their Characteristics Source: Miles and Snow (1978)
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
Environmental scanning, strategic behavior and performance in small companies.
617
4. METHODOLOGICAL PROCEDURES The study has a quantitative and descriptive nature. Quantification was employed for both collection and analysis of data in order to enable the detection of significant differences between the types of strategic behavior of the companies in the sample. Descriptive research is used to measure specific characteristics with the purpose of getting to know and interpreting reality without interfering with it (Malhotra, 2001). The characteristics described in this study are strategic behavior, environmental scanning, performance, size and age. One hundred and twenty three car dealers composed the study, from the city of Itajaí in the State of Santa Catarina, identified by cross-checking the Secretaria de Receita da Prefeitura Municipal’s database (City Council’s Department of Revenue) and the car company’s database from the junior company of the city’s university. The application of questionnaires took place through the researcher’s visit to the studied company and a sample of 61 companies was extracted by the accurate and full completion of the data collection instrument. The data collection instrument was structured into four parts and preceded by a presentation letter explaining the purpose of the research, the confidentiality of the information gathered and the completion of the questionnaire by the main manager. A pre-test of the questionnaire was performed by the business managers and by an expert who studies the industry so that the language use was suitable and to assure the respondents’ understanding of the questions. The first part consists of an adapted question by Henderson (1998), previously used in the studies by Segev (1987), which aims to identify the type of strategic behavior within organizations in accordance with the typology proposed by Miles and Snow (1978). The question requests a choice, among four alternatives, which best describes the organization in comparison with its competitors. The second part was adapted from the studies by Daft, Sormunen and Parks (1988) and by Beal (2000) and it identifies the environmental scanning and frequency of use of information sources employing a five-point scale, from 1 (low frequency) to 5 (high frequency). The environment was subdivided into 6 sections: competitors, clients, technology, politics/regulations, economy and social and cultural aspects. Information sources were subdivided into external written, internal written, personal external and personal internal. The third part addressed the companies’ performance through subjective measures adapted to the study by Beal (2000) and to the researched industry by means of interviews with the managers who took part in the questionnaire pre-test. In these interviews, the manner in which the indicators were composed was adjusted and the indicators regarded as more representative to measure the industry’s performance of the companies. These measures have shown a stronger connection with objective measures and are especially useful when objective data is not available or hard to access, something typical of small companies (Beal, 2000). A question about the satisfaction and a question about the importance perceived by the managers in relation to the five indicators were made: profitability JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
618
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
rate related to the percentage of net profits over revenues, sales growth rate, client retention success rate, profit growth rate and profit absolute value by the time period considered. The answers were given based on a five-point scale (1-less important/satisfied to 5 - very important/satisfied) and performance in each indicator was obtained by multiplying its importance score by satisfaction. The company’s general performance was obtained by the arithmetic mean of the performance in the five established indicators. Thus, the performance subjective scale varied between 1 and 25, if all company indicators scored at the minimum or maximum values respectively for importance and for satisfaction. A similiar measure of performance can be found in studies such as the ones by Slater and Narver (1993) and Kumar, Subramanian and Yunger (1997) and nationwide the most similar studies to these are the ones by Perin and Sampaio (1999) and Gulini (2005). In the fourth and last part, the questionnaire has questions that describe the company’s size and age. As for the company´s age, the number of years the company had been operating was used and as for the size of the company, two measures were used: number of employees and the monthly car inventory over the last year. 5.
RESULTS
The companies studied were described in accordance with the classification by SEBRAE (2007), which takes the number of employees into account in order to determine company size. Based on this classification, the sample is characterized as being mostly composed of micro-enterprises or small companies for this industry´s companies show less than 49 employees: 38 of them with 5 employees, 13 with between 6 and 16 employees and 10 of them with more than 15, and the small ones with 49 employees. The average number of employees in these companies is 9.98, with a standard deviation of 12.91, as seen in Table 1 below. Table 1 – Companies’ characteristics Variables Mean Number of employees 9.98 Age 8.98 Average inventory 48.03 Performance 13.99
s.d. 12.91 10.90 52.14 5.93
s.d = standard deviation The average inventory has around 48 cars by company, with a standard deviation of 52.14. As far as the inventory is concerned, it is possible to find 14 companies with up to 20 cars, 27 with an inventory of 20 to 40 cars and 20 companies with an inventory of more than 40 cars. The number of years the company had been operating was close to nine years, with a standard deviation of 10.90. Twenty eight companies were five years old or younger; 16 of them were between six and 15 years old and 12 companies were over 15 years old. Although the average age shows they are mature, there is a group of younger companies; 33 of them younger than five years old, and they are going through a time period in which they are being absorbed by the market. According to Sebrae (2007), 56% of micro enterprises and small companies in the country do not JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
Environmental scanning, strategic behavior and performance in small companies.
619
reach the age of five (SEBRAE 2007); however most companies in the sample still seek maturity and stability. Out of the total number in the sample, 38 are non-authorized car/motorcycle dealers, without an exclusive contract with a manufacturer. Among them, the performance results of 30 companies are achieved predominantly from car sales, six of them achieve their performance results from motorcycle sales and two of them achieve them from car and motorcycle sales. On the other hand, twenty three car/motorcycle dealers were found; that is, companies with an exclusive contract with manufacturers. Out of this total, 16 of them achieve their sales results predominantly from cars, five of them predominantly from motorcycles and two of them from car and motorcycle sales. However, out of the 38 non-authorized dealers, only two of them show more than 10 employees on their payroll, and this number is very different when we compare it with authorized dealers, as 57% of them show more than 10 employees on their payroll. Through this data, it was noticed that the sample is predominantly characterized by car dealers (46), being most of them composed of non-authorized dealers (30), showing that authorized dealers are the most mature in this industry, they are bigger and their years of operations are longer than those of the non-authorized dealers. 5.1 Strategic behavior The four strategic behavior types defined by Miles and Snow (1978) were found, as described in Table 2 below. Table 2 â&#x20AC;&#x201C; Strategic behavior of the companies in the sample Strategic Behavior N % Defender 19 31.15 Prospector 22 36.06 Analyzer 18 29.51 Reactor 02 3.28 Total 61 100.00 It is possible to see that prospectors are the majority, with 36.06%, followed by defenders with 31.15%, then analyzers with 29.51% and, lastly, reactors with 3.28%. Standard deviation for this data is 8.99, which is high due to the low number of companies that follow the reactor strategy. By excluding this strategic type, standard deviation is 2.08, suitable to the analysis herein performed. These results show differences from other analyses performed in Brazil. The one performed by Gulini (2005), the predominant strategy was the defender for Internet providers, followed by analyzer and then prospectors. The one performed by Gimenez et al. (1998), for small companies from different types of industry, the analyzer strategy was the most adopted, followed by the prospector strategy. For Vasconcelos and Cândido (2005), companies in Information and Communication Technologies (ICT) in Capina Grande, State of Paraiba, the defender strategy was the most predominant within the companies. Analysis of the data above shows that the conclusion reached is that the group of respondents of the companies that describe themselves as reactors remained at a lower percentage, reinforcing the model suggested by Miles and Snow (1978), and that organizations that follow the reactor strategy would survive less in competitive markets. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
620
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
5.2 Environmental scanning Regarding the scanning of environmental aspects (Table 3), it is possible to state that companies in the sample analyze economic aspects and their clients more frequently, placing more emphasis on social and cultural aspects. A possible interpretation of these results can be found in the fact that this industry is very much influenced by interest rates in financing or loans , which may lead to a more frequent scanning of economic aspects. The results of this research, compared with the ones by Daft, Sormunen, Parks (1988) and Cancellier, Alberton and Silva (2007), show correspondence, as the client variable was described with a high frequency of scanning. Results by McGee and Sawyerr (2003), however, are different, as the technological aspect was the most scanned, an analysis that did not coincide with the one in this research. This difference, however, may occur due to the differences in the profile of the samples, for McGee and Sawyerr (2003) analyzed high technology manufacturing companies. Table 3 â&#x20AC;&#x201C; Scanning frequency Variables
Mean
s.d
Competitors
3.78
1.27
Clients
3.95
0.99
Technological Aspects
3.54
1.35
Regulatory aspects
3.50
1.35
Economic aspects
4.52
0.79
Social and cultural aspects
3.33
1.46
External written
3,88
1,30
Internal written
2,64
1,49
External personal
2,84
1,37
Internal personal
3,98
1,19
Environmental aspects
Information sources
s.d â&#x20AC;&#x201C; standard deviation Regarding the use of information sources, it is seen that a higher frequency occurs in internal personal sources, followed by external written ones, than external personal source, with a lower average, and the use of internal written sources. It is possible that managers, due to the fact they frequently scan economic aspects, will finally use more external written sources. On the other hand, it is possible to see that the companies in the sample use internal written sources less frequently, not creating much information from documents and reports, showing that the companies in this industry of the sample show to be little structured in the structuring and filing of information internally. In order to verify the differences between the types of strategic behaviors regarding characteristics of the organization, an analysis of variance was performed in JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
Environmental scanning, strategic behavior and performance in small companies.
621
order to identify statistically significant differences among means, based on the Fischer’s least significant difference (LSD). As just two companies in the sample show the reactor behavior, the option was to exclude them from the analysis, as the reduced size would prevent the detection of significant differences. Thus, the calculations were performed in order to identify different characteristics among the groups composed of prospectors, analyzers and defenders, whose results are shown in Table 4 below. Table 4 – ANOVA – Strategic behavior and organizational characteristics Comparison among groups
Strategic behavior Variable
Number employees
Prospector Analyzer (1) (2)
p
(3)
1-2
1-3
2-3
16.3
5.2
6.7
0.01
0.01
0.01
0.71
Age
13.9
7.3
5.2
0.02
0.04
0.01
0.52
Average Inventory
57.3
52
31.7
0.24
0.72
0.10
0.22
Performance
14.6
12.2
15.3
0.24
0.21
0.66
0.10
22
18
19
N
of
Defender
In bold = statistic significance on the Fischer’s LSD test Among organizational characteristics, differences between strategic types regarding size and age were found. Size, measured by the number of employees, proved to be different between prospectors and the other companies analyzed; prospectors are bigger compared with analyzers and compared with defenders at α of 0.01. Regarding age, prospectors proved to be older than other strategic types, almost twice the age of analyzers and a little more than twice and half the age of the defenders. Although they are more mature, it is not possible to identify whether the strategic behavior was adopted due to the growth of the companies or whether the companies that follow the prospector strategy grow more than those that adopt other types of behavior. Despite the fact that some studies have shown that companies may vary their performance according to their adopted strategic behavior, the results herein obtained do not allow this conclusion to be reached in the researched sample. Even if the direction of performance shows higher means for the defender behavior, followed by prospectors and by analyzers in this sequence, the differences analyzed were not statistically significant. Thus, the results do not disprove research, such as the one by Judge Jr and Fowler (1996), which found prospectors and analyzers as having better performance in comparison with reactors, and by Aragon-Sanches and Sanches-Marín (2005), Gulini (2005), Teixeira, Rossetto and Carvalho (2009), Rossetto, Rossetto, Verdinelli and Carvalho (2012) and Gnjidić (2014), which found better performance in small companies that follow the prospector strategy, despite the fact they operate in different industries.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
622
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
It is important to highlight that the absence of companies that follow the reactor strategy can be attributed to this finding as they are attributed a lower performance. In order to verify differences between environmental scanning and organizational characteristics, a correlation analysis was performed between scanning frequencies and organizational characteristics related to size, age and performance (Table 5). Table 5: Correlation between Scanning and Organizational Characteristics Scanning Organizational Variable Environmental Aspect Information Sources Number of Employees .186 .359 p=.150 p=.004** Age .018 .269 p=.407 p=,036* Average Inventory ,070 .129 p=.591 p=.320 Performance .097 .458 p=0.342 p=.007** * p< .05
** p< .01
Data shows a positively moderate and very significant correlation (p< .01) between the frequency of access to information sources and the size measures by the number of employees, suggesting that bigger companies access information sources more frequently than small ones - a fact that is supported in the study by Franco et al. (2011), in Portuguese companies from different industries. Regarding age, there is a slightly positive and significant correlation with the frequency of scanning of the external environment, suggesting that older companies seek information about the environment they operate in more frequently, a fact that is supported in the study by Mohan-Neil (1995), in companies from different industries. The performance of the companies in the sample showed a positive association with the scanning of information sources, presenting a moderate to strong and highly significant coefficient (p< .01). This relation proved to be stronger than the one verified concerning strategic behavior and performance, suggesting that the scanning effort may represent a greater influence on performance than the type of strategic behavior adopted. When the differences between strategic behaviors is observed in the present scanning, (Table 6), it is seen that the general mean of the scanning effort in relation to technological aspects, prospectors keep a higher and statistically significant frequency. The most significant difference lies in the scanning of the technological environment, with prospectors showing a higher frequency both in relation to analyzers and to defenders. Another significant difference found was the general scanning effort between prospectors and defenders.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
Environmental scanning, strategic behavior and performance in small companies.
623
Table 6: ANOVA â&#x20AC;&#x201C; Environmental scanning and strategic behaviour Comparison among groups
Strategic Behavior Variable
Prospector Analyzer (1) (2)
Defender
P
(3)
1-2
1-3
2-3
Competitors
4.1
3.5
3.7
0.23
0.09
0.26
0.57
Clients
3.9
3.8
4.1
0.81
0.72
0.75
0.52
Technological Aspects
4.1
3.1
3.2
0.03
0.02
0.03
0.82
Regulatory Aspects
3.7
3
3.7
0.20
0.11
0.94
0.13
Economic Aspects
4.6
4.6
4.3
0.48
0.87
0.32
0.27
Social and Cultural Aspects
3.4
3.1
3.4
0.72
0.45
0.90
0.53
All variables
4.0
3.5
3.7
0.10
0.04
0.21
0.740
In bold = statistic significance on the Fischerâ&#x20AC;&#x2122;s LSD test A complementary analysis shows that, out of the six studied aspects, five of them present the prospector behavior with higher scanning means, and the variable client alone presents a lower mean compared with defenders. Although the differences are not statistically significant in these aspects of the environment, the means contribute to reinforce the fact that the prospectors in the sample scan their environment more frequently. The use of information sources between strategic behaviors (Table 7) shows differences with higher means achieved by prospectors in four types of sources and, in the general mean, the use of information sources. Regarding the use of internal personal sources alone, the prospector behavior did not achieve the highest mean among the groups. When the results are concentrated in such sources as internal, external, personal, and written form and all the sources, the prospector behavior shows higher mean in all variables. The obtained results show that prospectors achieved higher means in the frequency of access to information sources in relation to defenders and analyzers. The exception lies in internal personal sources, in which defenders showed a slightly higher means. When the means by type of sources are considered, once again prospectors show higher means in internal, external and written sources and in the mean of all sources, achieving the same score as defenders when it comes to the use of personal sources.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
624
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
7: ANOVA – Sources of information and strategic behavior Comparison among groups
Strategic Behavior Variable
External written sources Internal written sources External personal sources Internal personal sources Mean of internal sources Mean of external sources Mean of personal sources Mean of written sources Mean of all the sources N
Prospector Analyzer (1) (2)
p
4
3.7
Defender (3) 3.8
3.3
2
2.5
0.02
0.01
0.07
0.38
2.9
2.7
2.8
0.86
0.60
0.71
0.89
4.1
3.2
4.2
0.11
0.09
0.73
0.05
0.03
0.01
0.29
0.10
0.67
0.37
0.70
0.62
0.37
0.20
0.95
0.24
0.09
0.03
0.20
0.36
0.15
0.05
0.44
0.25
3.7 3.5
2.6 3.2
1-2
1-3
2-3
0.65
0.37
0.81
0.52
3.3 3.3
3.5
2.9
3.5
3.7 3.6
2.8 2.9
3.1 3.3
22
18
19
Fischer In bold = statistic significance on the Fischer’s LSD test Statistically significant differences among the groups were found in the frequency of use of internal written sources (α=0.02), in the mean of the internal sources (α=0,03) and in the mean of written sources (α=0.09). Prospectors were ahead of analyzers and defenders in the frequency of use of internal written sources and ahead of analyzers in internal personal sources, in the mean of internal sources and in the mean of written sources.. No differences with statistical significance were found regarding the use of external sources, either written or personal, and no differences at α=0.10 were found in the mean of use of external sources and personal sources. Considering the comparison between pairs of groups alone, without the effect of the interaction between them, it is possible to see differences between prospectors and analyzers at α=0.10 regarding the mean of use of internal personal sources and α=0.05 for the mean of all sources. Therefore, higher differences in means are found in sources with internal and written characteristics and lower differences in means are found in the sources with external and personal characteristics. The use of internal written sources is usually associated with the presence of information systems and the generation of reports in the organization, something that usually happens in bigger companies. The fact that prospectors present the highest number of employees shows that variables related to size and strategic behavior may interact with one another in order to result in a higher frequency of access to internal sources. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
Environmental scanning, strategic behavior and performance in small companies.
625
6. CONCLUSION Environmental scanning, regarded as the activity of acquiring and using information about the organization´s external environment (Choo, 1999), refers to the activity that may play an important role in the process of adjusting the organization and its strategy to the environment. This research aimed to analyze the relation between strategy and scanning in this area. Differences were found between strategic types regarding scanning of the environment and organizational characteristics. By adopting the strategic behavior typology by Miles and Snow (1978), a balanced sample was obtained for three out of their four types of behavior, which enabled the analysis of the differences among the groups within a sample of small companies. This taxonomy’s priority of use in the sample analyzed reinforces the argument by Gimenez et. al. (1999), of its application to small companies. Miles and Snow (1978) state that some differences must be noted in the company’s success, according to their strategic behavior: prospectors, analyzers and defenders have similar chances of success, but they have to be better than reactors, a fact that was found by Segev (1987) and Conant, Mokwa and Varadarajan (1990). The evidence herein found, regarding the fact that performance of prospectors, analyzers and defenders are very similar to one another, is partially aligned with this initial proposition, and distant from the evidence analyzed by Slater and Narver (1993) and Aragon-Sánchez and Sánchez-Marin (2005), which shows that prospectors are superior companies in comparison with the other types of behavior. If they do not show significant differences between types of strategic behavior and scanning of information, the correlations obtained between access to information sources and performance suggest that activities in the management of information impact on the reach of performance of the small companies in the sample. Thus, in this research, scanning of information sources related more to organizational performance than to the strategy measured by the strategic behavior typology. This result highlights the suggestions found in studies on scanning and information management in the context of small companies. Another highlight in the results is found in the differences of information scanning between companies, according to their strategic behavior. If, in relation to clients, the effort seems to be very similar between strategic types, the mean of frequency of information scanning in prospectors is higher in the other five aspects analyzed in the environment, with statistically significant differences in technological aspects and in relation to competitors. Overall, prospectors reported higher frequency both in the scanning of their external environment and in their access of information sources. Such findings show that the relation with the environmental changes according to the type of strategic behavior and some environmental areas can be more significant than others for the alignment with behavior. Regarding information sources, in the external sources alone the effort seems to be very similar, and prospectors show a higher mean of frequency in the other three types of analyzed sources, with statistically significant differences to internal sources and written sources. Due to the fact that the results refer to a limited set of small companies – car and motorcycle dealers of a city in the State of Santa Catarina – they suggest that new research be done in other industrial contexts so this relation is further understood. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
626
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
Another research that may be suggested from the results obtained is the analysis of strategic behavior, growth and maturing of small companies. . Entrepreneurs usually have growth as their goal and the death rate of these companies is high in the first years; therefore, the further analysis of the relation between strategic behavior, size and age of a company may help to understand the reality of this important organizational classification, A desirable element in further research is going beyond the frequency of information scanning, herein addressed, and including the analysis and use of the information obtained. A small company that uses sales support information may achieve maximum performance depending on how it uses this type of information to sell more, and not only because it accesses it more frequently. REFERENCES Aguilar, F. (1967). Scanning the Business Environment. New York: MacMillan. Ansoff, I. (1977). Estratégia Empresarial. São Paulo: Atlas. Analoui, F.; Karami, A. (2002). How chief executives’ perception of the environment impacts on company performance. The Journal of Management Development, v. 21, n. 4, p. 290-305. Aragón-Sanches, A.; Sánches-Marín, G. (2005). Strategic Orientation, Management Characteristics, and Performance: A Study of Spanish SMEs. Journal of Small Business Management; v. 43, n. 3. pp. 287-308. Beal, R. (2000). Competing Effectively: Environmental Scanning, Competitive Strategy, and Organizational Performance in Small Manufacturing Firms. Journal of Small Business Management. v. 38, n. 1. Bourgeois, L. J.III. (1980). Strategy and environment: a conceptual integration, Academy of Management Review, v. 5, n. 1, p. 25-39. Cancellier, E.L. P. de L; Alberton, A; Silva, A. B. (2007). Diferenças na Atividade de Monitoramento de Informações do Ambiente Externo em Pequenas e Médias Empresas: a Influência do Porte e da Idade. ENANPAD - 2007. Choo, C. W. (1999). The art of scanning the environment. Bulletin of the American Society for Information Science, v. 25, n. 3, p. 21-24, Feb./Mar. Conant, J.; Mokwa, M.P.; Varadarajan, R. (1990). Strategic Types, Distinctive Marketing Competencies and Organizational Performance: A Multiple MeasuresBased Study. Strategic Management Journal. v. 11, n.5, p. 365-383. Daft, R. L.; Sormunen, J.; Parks, D. (1988). Chief Executive Scanning, environmental characteristics and company performance: an empirical study. Strategic Management Journal, v. 9, n. 2, p. 23-140. Davenport, T. H. (1998). Ecologia da Informação. São Paulo: Futura. Franco, M; Haase, H; Magrinho, A.; Silva, J. R. (2011). Scanning practices and information sources: an empirical study of firm size. Journal of Information Enterprise Management, v. 24, n. 3, p. 268-287. Gimenez, F. A. P. (1998). Escolhas estratégicas e estilo cognitivo: um estudo de caso com pequenas empresas. Revista de Administração Contemporânea, v. 2, n. 1, p. 27-45, jan./abr.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
Environmental scanning, strategic behavior and performance in small companies.
627
Gimenez, F.A. P. et al. (1999). Estratégia em Pequenas Empresas: uma Aplicação do Modelo de Miles e Snow. RAC, v. 3, n. 2, Mai/Ago. p. 53-74. Gnjidić, V. (2014). Researching the dynamics of Miles and Snow's strategic typology. Management, v. 19, n. 1, pp. 93-117. Gulini, P. L. (2005). Ambiente organizacional, comportamento estratégico e desempenho empresarial: um estudo no setor de provedores de internet de Santa Catarina. Dissertação de Mestrado da Universidade do Vale do Itajaí. Biguaçu. Haase, H.; Franco, M., (2011). Information sources for environmental scanning: do industry and firm size matter? Management Decision, v. 49, n. 10, p. 1642-1657. Hagen, A. F.; Amin, S. G. (1995). Corporate executive and environmental scanning activities: an empirical investigation. San advanced management journal. Hagen, A. F.; Haile, S.; Maghrabi, A. (2003). The impact of the type of strategy on environmental scanning activities in the banking industry: an international perspective. International Journal of Commerce & Management, vol. 13, n. 2, p. 122-143. Hambrick, D. C. (1983). High profit strategies in mature capital goods industries: a contingency approach. Academy of Management Journal, v. 24, n. 4. Henderson, B. D. (1998). As Origens da Estratégia. In MONTGOMERY, Cynthia A. Estratégia: a busca da vantagem competitiva. 2.ed. Rio de Janeiro: Campus, p. 3-11. Judge, JR. W. Q.; Fowler, D. M. (1996). Organizational Responses to Strategic Issues Posed by the Natural Environment: An Application of Miles and Snow’s Strategic Types. Industrial & Environmental Crisis Quaterly. v. 9, n. 4. Lang, J. R.; Calatone, R. J.; Gudmundson, D. (1997). Small firm information seeking as a response to environmental threats and opportunities. Journal of Small Business Management, v. 35, n. 1, p. 11-23. Malhotra, N. K. (2001). Pesquisa de marketing: uma orientação aplicada. Porto Alegre: Bookman. May. R. C.; Stewart, JR. W. H.; Sweo, R. (2000). Environmental Scanning Behavior In a Transitional Economy: Evidence from Russia. Academy of Management Journal, v. 43, n. 3, p. 403-427. Mcgee, J. E.; Prusak, L. (1994). Gerenciamento estratégico da informação. Rio de Janeiro: Campus. Mcgee, J. E.; Sawyerr O. O. (2003). Uncertainty and information Search Activities: A study of Owner-Managers of Small High-Technology Manufacturing Firms. Journal of Small Business Management, p. 385-401. Miles, R. E.; Snow, C. C. (1978). Organizational strategy, structure and process. New York : McGraw-Hill. Mintzberg, H. (1988). Generic strategies: toward a comprehensive framework. In: Advances in Strategic Management, Greenwich, v. 5. p. 1-67. Mohan-Neil, S. I. (1995). The influence of firm’s age and size on its environmental scanning activities. Journal of Small Business Management, v. 33, n. 4, p. 10-21. Ohmae, K. (1991). Mundo sem fronteiras: poder e estratégia em uma economia global. São Paulo: Makron Books. Perin, M. G. Sampaio, C. H. (1999). Performance Empresarial: uma comparação entre indicadores subjetivos e objetivos. IN: Encontro Anual da ANPAD, 23., 1999, Foz do JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
628
Cancellier, E. L. P., Blageski Junior, E. J., Rossetto, C. R.
Iguaçu. Anais eletrônicos... Foz do Iguaçu: ANPAD, 1999. Disponível em http://www.anpad.org.br/. Acesso em: 20 agosto de 2008. Porter, M. E. (1986). Estratégia Competitiva: Técnicas para Análise de Indústrias e da Concorrência. Rio de Janeiro: Campus. Rossetto, C. R. (1998). Adaptação estratégica organizacional: Um estudo multi-caso na indústria da construção civil - setor de edificações. Doutorado em Engenharia de Produção - Universidade Federal de Santa Catarina, UFSC, Brasil. Rossetto, C. R. ; Rossetto, A. M. ; Verdinelli, M. A. ; Carvalho, C. E. (2012). Novas evidências na relação ambiente organizacional, comportamento estratégico e desempenho: um estudo multi-caso em agências de viagens da grande Florianópolis (SC). Revista Turismo & Desenvolvimento (Online), v. 2, p. 717-728. Sebrae. (2007). Estudos da Pequena Empresa. Disponível em www.sebrae.com.br. Acesso em: 28 dez. 2007. Segev, E. (1987). Strategy, strategy making and performance in a business game. Strategic Management Journal, vol. 8, n. 6, p. 565-577. Slater, S; Narver, J. (1993). Product-market strategy and performance: an analysis of the Miles & Snow Strategy Types. European journal of marketing, v.27, n10, p. 3351. Stewart JR., W. H.; May, R. C.; Kalia, A. (2008). Environmental perceptions and scanning in the United States and India: convergence in entrepreneurial information seeking? Entrepreneurship: theory and practice, vol. 32, n. 1, p. 83-106. Sund, K. J. (2013). Scanning, perceived uncertainty, and the interpretation of trends: a study of hotel director`s interpretation of demographic change. International Journal of Hospitality Management, vol. 33, p. 294-303. Teixeira, O. R. de P.; Rossetto, C. R. ; Carvalho, C. E. (2009). A Relação entre o Ambiente Organizacional e o Comportamento Estratégico no Setor Hoteleiro de Florianópolis Sc. Turismo. Visão e Ação (Itajaí), v. 11, p. 157-174, Vasconcelos, A. F. de; Cândido, G. A. (2005). Estratégia em Pequenas e Médias Empresas: uma aplicação dos Modelos de Miles e Snow e Kirton em um Arranjo Produtivo Local. XXV Encontro Nac. de Eng. de Produção – Porto Alegre, RS, Brasil, 29 out a 01 de nov de 2005. p.3289 a 3295. Disponível em: http://www.abepro.org.br/biblioteca/ENEGEP2005_Enegep0702_0487.pdf. Acesso em 18 jan. 2008. Zubaedah, Y.; Fontana, A.; Afiff, A.Z. (2013). Revisiting the Miles and Snow Typology Strategic Path Mediating Business Strategy and Resource Configuration for Innovation. The South East Asian Journal of management. April, v.7, n, 1. Yasai-Ardekani, M., Nystrom, P. C. (1996). Designs for environmental scanning systems: tests of a contingency theory. Management Science, vol. 42, n. 2, p. 187204. Yunggar, M. (2005). Environmental scanning for strategic information: content analysis from Malaysia. The Journal of American Academy of Business, v. 6, n. 2, p. 324-331.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 611-628
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300007
ARCHITECTURE D’UN SYSTEME D’INFORMATION DECISIONNEL ORIENTEE VERS LE PROCESSUS ELECTORAL ARCHITECTURE OF AN ELECTION-ORIENTED BUSINESS INTELLIGENCE SYSTEM Youssef Taher Centre d'Orientation et de Planification de l'Education- Rue Azzaitoune, RABAT. Morocco ________________________________________________________________________________________________
ABSTRACT The election decision-making process is very complex, whether to voters or to political parties. The integration of business intelligence into this process may become one of the key elements that support and improve the election decision-making process. This research paid special attention to the integration of business intelligence into such a process. It is inspired by the IMC model and based on cloud computing. This structural concept offers a definition to the four important levels of decision. These levels take into account the maximum number of factors that may influence the success of an election process. Keywords: Business Intelligence System, election process, Cloud
RESUMÉE Le processus de prise de décision électorale est un processus complexe. Que ce soit pour les électeurs, ou bien pour les partis politiques. L’intégration de l’informatique décisionnelle dans ce processus peut devenir une des clés importantes, qui peut offrir un appui et apporter une amélioration dans les prises de décisions électorales. La présente investigation a porté une attention particulière sur l’intégration de l’informatique décisionnelle dans le processus électoral, en s’inspirant du modèle IMC, et sur la base de l’informatique nuageuse. La présente conception architecturale propose la définition de quatre importants niveaux décisionnels. Ces niveaux prennent en compte le maximum de facteurs qui peuvent influencer la réussite du processus décisionnel électoral. Keywords: Système d'information décisionnel, Processus électoral, Cloud
___________________________________________________________________________________________ Manuscript first received/Recebido em: 03/10/2013 Manuscript accepted/Aprovado em: 21/09/2014 Address for correspondence / Endereço para correspondência
Youssef Taher, Docteur de l'Ecole Mohammedia d'Ingéneurs -Rabat – Maroc, Centre d'Orientation et de Planification de l'Education- Rue Azzaitoune, Hay Ryad, BP 6222, RABAT. Morocco, E-mail: youssef.taher@laposte.net Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
630
Taher, Y.
1. INTRODUCTION Depuis le début des années 1990, le processus électoral a connu une modernisation d’une grande importance et d’une valeur ajoutée considérable. L’intérêt accordé à cette modernisation est justifié, d’une part, par ses nombreux avantages (simplification du processus électoral, diminution considérable des coûts associés au vote, résolution efficace des problèmes d'accessibilité des personnes handicapées ou malades (Rodríguez et al., 2008),…) et, d’autre part, par une immense bibliographie de travaux de recherche scientifique ou technologique qui s’intéressent à l’élection informatisée. Ces travaux ont comme objectifs l’étude (Powell et al, 2012), la conception (Ghassan et al., 2007), l’innovation (Chen et al., 2011) des outils de cette modernisation, et l’étude des problèmes liés à la sécurité des techniques utilisées (Gritzalis, 2002), entre autres intérêts. Par contre, et outre les difficultés apportées par le manque de démocratie dans certains pays (Åström et al (2012), Shirazi et al (2010)) et les arguments présentés par ceux qui s'opposent à cette modernisation, ou qui s'en méfient à cause de certains inconvénients et risques perçus, liés aux différentes méthodes de l’élection informatisée (les problèmes de sécurité, la confidentialité du vote électronique, les problèmes d'accès…). Cette modernisation n’a pas suffisamment répondu à un besoin clé et inévitable d’une opération électorale. Il s’agit de l’aide à la rationalité des décisions prises dans le cadre d’un processus électoral. Que ce soit pour les partis politiques, les candidats, ou bien pour les électeurs. Jusqu'à présent, et à titre d’exemple, cette modernisation du processus électoral n’a pas convenablement profité des importants bénéfices offerts par les systèmes informatiques d’aide à la prise de décision (SIAD). L’intégration de ces systèmes dans ce processus aura pour objectifs, d’une part, d’aider les partis politiques et les candidats à élaborer des stratégies et des programmes électoraux, à partir des informations et des connaissances informatisées utiles et éclairées. D’autre part, elle mettra à la disposition des électeurs des outils informatisés et simples pour analyser des informations électorales de bonne qualité, qui peuvent soutenir la décision électorale pendant un scrutin (choix d’un candidat par exemple), et faire face à l’intoxication médiatique pendant la période des élections. Dans le but de porter une attention particulière sur ce besoin important et inévitable, cette investigation propose une nouvelle conception d’une infrastructure décisionnelle, intégrée et orientée vers le processus électoral. Cette conception prend en compte tous les acteurs de ce processus (électeur, parti politique, candidat). Inspiré du modèle IMC (Intelligence, Modélisation, Choix) (Simon, 1997), et basé sur les technologies de cloud, ce modèle propose la mise en œuvre de quatre niveaux décisionnels. Un premier niveau d’intelligence est destiné aux électeurs et fondé, principalement, sur la collecte des besoins des électeurs dans le temps et l’espace. Un deuxième niveau décisionnel est destiné aux partis politiques et aux candidats, et a comme mission la conception des programmes électoraux. Pour une période avant le scrutin, un troisième niveau décisionnel offre un support informatisé aux électeurs, afin qu’ils choississent un parti politique ou un candidat. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
Architecture d’un systeme d’information decisionnel orientee vers le processus electoral
631
Dans une période de sondage, un quatrième niveau décisionnel soutient les électeurs dans un processus d’évaluation des candidats et des programmes électoraux. Cette étude est structurée en deux parties importantes. Une première partie résume les facteurs humains importants qui peuvent influencer la prise de décision électorale, ainsi que les avantages qui peuvent être obtenus par l’exploitation des systèmes informatiques de l’aide à la prise de décision (SIAD), dans le cadre d’un processus électoral. La deuxième partie discute les quatre niveaux décisionnels proposés par cette conception architecturale décisionnelle. 2. L’INFORMATISATION DU PROCESSUS DECISIONNEL ELECTORAL 2.1.
Prise de décision électorale : Les facteurs humains
Pour un nombre considérable de chercheurs scientifiques, l’étude des facteurs humains qui influencent la décision électorale présente, actuellement, un centre d’intérêt particulier et de grande importance. À titre d’exemple, on cite l’importante recherche menée par Francesco et Navarra (2010). Suite à une analyse empirique de la participation électorale et le vote dans 14 pays européens, ces derniers ont estimé l’existence de plusieurs niveaux de décision dans un processus électoral (décision de voter ou de s'abstenir, décision de voter stratégiquement pour un probable parti vainqueur, ou de communiquer pour un parti perdant…). Cette étude a montré que les électeurs indépendants ou mal informés sont moins susceptibles de participer à une opération électorale. Cependant, quand ils sont à la fois indépendant et non averti, cela n'a pas d'effet significatif sur la décision de participer aux élections. Ce dernier a également montré que les préférences politiques, les caractéristiques institutionnelles, et le marché des médias ont un effet significatif à la fois sur la décision de participer et de voter dans un scrutin. Une des questions importantes qui concernent également la prise de décision dans le cadre d’un processus électoral, se rapporte à quel moment exact un électeur prend la décision de voter. Par exemple, suite à une étude de cas effectuée au Canada, et menée par McGregor (2012), il a été montré que les électeurs sincères ont toujours tendance à prendre une décision de voter relativement tard. Il faut noter, également, qu’il existe d’autres facteurs humains déterminants qui peuvent influencer la décision finale prise par un électeur. À titre d’exemple, Caruso et Paolo (2005) ont montré que la décision finale dépend fortement des effets globaux, tels que la notation des gouvernements, et que le processus de la prise de décision individuelle est déterminé par les intérêts et les problèmes personnels les plus pertinents. Par l’utilisation d’un test empirique basé sur les données d'une enquête des élections en 1995, Jankowski (2007) a montré aussi que la faiblesse de l'altruisme est le déterminant le plus important de la décision de voter. Outre les importants facteurs humains résumés ci-dessus et qui influencent la prise de la décision électorale. Aujourd’hui, la majorité des pays démocratiques sont entrés dans l’ère de la prise de décisions axée sur les données. Les infrastructures décisionnelles peuvent aider l’ensemble des acteurs électoraux (parti politique, candidat, électeur) à JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
632
Taher, Y.
collecter et à analyser des données importantes en relation avec le processus électoral, afin d’élaborer des décisions électorales s’appuyant sur des informations concrètes. Le paragraphe ci-dessous présente une discussion des bénéfices qui peuvent être obtenus par un support informatisé aux facteurs humains mentionnés ci-dessus. 2.2.
Support informatisé à la prise de la décision électorale
Les facteurs humains influençant la prise de décision électorale résumés ci-dessus sont souvent non suffisamment rationnels pour décider, à titre d’exemple, du choix d’un parti politique ou bien d’un candidat, qui ont une réelle capacité à trouver des solutions efficaces en réponse aux attentes des électeurs. Ces facteurs humains sont influencés par des campagnes électorales, qui sont souvent réduites à des campagnes de désinformation, d'intoxication par les médias (Francesco et Navarra (2010)), et les réseaux sociaux interposés (trop de sondages, trop de commentaires, trop de débats à défaut d’être contradictoires, trop d’intoxications…). Ce qui justifie, actuellement, la nécessité inévitable d’accompagner la modernisation du système électoral par l’intégration d’un système informatisé de support à la prise de décision électorale. Par la collecte, la visualisation et l’analyse des données, des informations et des connaissances réelles et de qualité, en relation avec le processus électoral. La mission principale de ce support informatisé est de rationaliser, au maximum possible, les décisions électorales prises par les électeurs et les candidats. Ce qui permet, par conséquent, de réduire au maximum les effets négatifs liés aux problèmes de désinformation et d’intoxication médiatique mentionnés ci-dessus. Grâce à l’importante couverture géographique du réseau internet à l’échelle mondiale, et le développement croissant des outils informatisés, simples et orientés vers l’utilisateur final, pour créer et visualiser des rapports d’analyse,l’intégration d’un système SIAD dans un processus décisionnel électoral peut apporter une grande souplesse aux électeurs et aux candidats, pour éditer, grâce à un navigateur internet, des rapports et des tableaux de bord simples et à partir de n’importe quel poste de travail connecté à internet. Les rapports élaborés par ces outils seront basés sur des informations suffisamment utiles et concernent les points sur lesquels il faut prendre une décision électorale (choisir un candidat, concevoir un programme électoral par candidat ou bien par parti politique…). Le sujet d’intégration des outils décisionnels informatisés dans le cadre d’un processus électoral reste trop peu documenté relativement à l’utilisation de l’informatique décisionnelle dans les autres domaines (marketing, commerce, santé, …). Malgré ce manque de documentation, ce sujet reçoit de plus en plus d’attention particulière à travers un ensemble considérable de projets de recherche scientifique ou technologique. On cite, à titre d’exemple, dans le contexte de l’aide à la prise de décision collective (GDSS) et la démocratie électronique, le travail réalisé par (French, 2007), dans lequel il a montré que le rôle des technologies web est d’apporter une possibilité de soutenir géographiquement et temporellement la prise de décision. Cette étude présente une importante voie à suivre pour la conception et l'utilisation du web GDSS, dans une approche plus participative à la démocratie électronique.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
Architecture d’un systeme d’information decisionnel orientee vers le processus electoral
633
3. DISCUSSION DE LA CONCEPTION ARCHITECTURALE PROPOSEE 3.1.
Présentation
Dans cette nouvelle ère, où la majorité des décisions est axée sur les données, les acteurs électoraux dans les pays démocratiques ont souvent besoin d’une quantité importante de données électorales, diversifiées et de grande qualité et ceci, afin de soutenir les décisions prises dans le cadre d’un processus électoral. Dans ce cadre, la présente conception architecturale propose un modèle de support informatisé à la prise de décision électorale. Cette conception inspirée du modèle IMC (Intelligence, Modélisation, Choix) (Simon, 1997), est basée sur la définition de quatre niveaux décisionnels. Ces niveaux tiennent compte du maximum de facteurs basés sur des données informatisées, qui peuvent soutenir un parti politique, un candidat, ou bien un électeur dans un processus décisionnel électoral. Pour chaque niveau décisionnel, ce présent modèle propose des couches applicatives et physiques basées sur l’exploitation des technologies de cloud. D’après l’importante investigation menée par Dimitrios et Lekkas (2011), l’exploitation de cette technologie, dans le cadre d’un processus électoral, promet d’offrir de belles perspectives. Malgré quelques interrogations portant sur la souveraineté des données électorales et le conflit des lois (Gray (2013), et al (2012)), la nouvelle application de cette technologie, proposée par le présent modèle, est justifiée, d’une part, par ces amples bénéfices qui peuvent être obtenus dans le cadre d’un processus électoral. À titre d’exemple, les autorités chargées des élections informatisées peuvent réduire les coûts des investissements liés aux élections, généraliser les accès aux services de vote en ligne, disposer de la puissance de serveurs en cloud seulement lors des périodes de charge (période de vote par exemple), gagner en rapidité de déploiement des infrastructures informatisées pour une opération électorale. D’autre part, et d'après les importantes investigations menées par Paquette et al (2010), et Stéphane (2000), diverses expériences gouvernementales dans le monde ont réussi récemment l’exploitation des architectures, des plateformes et des applications en cloud, pour fournir des services en relation avec le processus électoral, et profiter des avantages mentionnés ci-dessus. Une discussion des quatre niveaux décisionnels proposés par le présent modèle est présentée par les paragraphes ci-dessous. 3.2.
Les niveaux de la conception architecturale
Le niveau d’intelligence orienté vers les électeurs Afin de soutenir les stratégies et les décisions prises par les partis politiques et les candidats dans le cadre d’un processus électoral. La présente conception architecturale propose un premier niveau d’intelligence décisionnelle, orienté vers les électeurs. Ce niveau est basé sur une permanente collecte des besoins et des données sur les électeurs (Figure. 1). La couche applicative de ce premier niveau est composée de quatre modules, communiquant entre eux au sein d’une première infrastructure communautaire en cloud. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
634
Taher, Y.
Figure 1 : Architecture du premier niveau décisionnel de collecte des besoins. La durée qui sépare deux élections successives est relativement longue (élection présidentielle sur 5 ans au moyen, élection législative sur 5 ans au moyen, élection sénatoriale sur 3 ans en moyenne…). Par conséquent, la collecte des données de qualité en relation avec le quotidien des électeurs, pendant toute cette longue durée, offre un moyen d’analyser autant d’informations que possible sur les préoccupations des électeurs, de suivre l’évolution de ces besoins dans le temps et l’espace, et de comprendre les paysages politique, social, et économique dans lesquels les futurs candidats vont opérer. Ceci contribue à l’élaboration d’une stratégie électorale axée sur des connaissances de grande importance. Afin de mettre cette importante source d’information décisionnelle à la disposition des partis politiques et des candidats, ce niveau intègre un premier service de collecte des besoins exprimés par les électeurs dans l’espace et le temps (module d’accès et de collecte, Figure. 1). Grâce à l’importante couverture mondiale du réseau internet, ce module définit une première interface web de communication avec les électeurs locaux, ou bien des immigrés. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
Architecture d’un systeme d’information decisionnel orientee vers le processus electoral
635
À partir de cette interface, les électeurs peuvent saisir, visualiser, partager leurs besoins dans différents centres d’intérêt. Le partage de ces préoccupations peut être effectué d’une façon permanente, pendant et hors les périodes des élections. Ceci, sans attendre les campagnes électorales, qui sont souvent insuffisantes pour collecter des informations décisionnelles en relation avec les électeurs. Ce premier module assure également deux processus importants. Il s’agit de l'anonymat et de la confidentialité des données partagées par les électeurs. Ces processus sont assurés par l’utilisation d’une procédure de chiffrement MD5. Les données collectées par ce premier module sont réparties sur une multitude de dimensions d’analyse (dimension économique, dimension santé, dimension éducation, dimension sociale,…). La répartition de ces données est assurée par un deuxième module de gestion et d’homogénéisation (module de gestion, Figure. 1). Une modélisation particulière est accordée pour chaque dimension d’analyse, afin de tenir compte du maximum de ces particularités. Les processus de collecte et d’homogénéisation des données électorales, assurés par ces deux premiers modules, représentent donc une première importante source d’information multidimensionnelle. Cette importante source d’information est exploitée par un troisième module décisionnel (Figure. 1). Ce module décisionnel est basé sur la mise en œuvre d’une base de données électorale multidimensionnelle, et d’une chaîne d’éléments décisionnels (extracteur de données, serveur OLAP, serveur SOLAP). Les données chargées par l’extracteur de données seront organisées au sein de la base de données électorale autour des sujets majeurs, qui intéressent les électeurs (emploi, chômage, santé,…). Ces données électorales volumineuses sont rationalisées au sein de plusieurs tables de faits. Ces tables présentent les clés de voûte de ce module décisionnel électoral. L’ensemble des indicateurs pertinents (taux chômage, taux de scolarité, les dépenses familiales …), qui peuvent soutenir la conception d’un programme électoral eststocké dans ces tables. L’exploitation de ce premier niveau d’intelligence par un parti politique ou bien un candidat est assurée par un quatrième important module. Il s’agit du module inter-niveau (Figure. 1). Ce quatrième module a comme mission la création d’un espace de partage entre les trois autres niveaux décisionnels, qui seront présentés dans les paragraphes ci-dessous (le niveau de modélisation, le niveau de choix et le niveau d’évaluation). Grâce à l’efficacité croissante des outils informatisés de conception simple et de présentation des rapports, et de tableaux de bord, le service décisionnel assuré par ce premier niveau offre la possibilité de s'adresser à deux typologies de candidats : Les candidats électoraux de base, consommateurs des indicateurs prédéfinis. Ces candidats exploitent directement une conception prédéfinie d’une base de données électorales. Cette base met à la disposition des candidats de base un modèle multidimensionnel, capable d’assurer des processus simples d’analyse et de synthèse des besoins exprimés par les électeurs. Ce service décisionnel peut s’adresser également aux candidats électoraux avancés, qui ont besoin des outils d'analyse et d'exploration avancés. Ces derniers candidats
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
636
Taher, Y.
peuvent contribuer eux même à la conception de la base de données électorales, définir d’autres dimensions d’analyse et proposer le calcul des mesures plus avancées. En résumé, grâce à ces quatre modules, qui composent ce premier niveau d’intelligence, il s’agit donc d’un important premier espace décisionnel, qui peut soutenir les décisions prises par un candidat ou bien un parti politique, pendant la phase de conception d’un projet de programme électoral. Le niveau de modélisation orienté vers les partis politiques et les candidats Dans les pays démocratiques, les projets de programmes électoraux présentent souvent un point de départ déterminant pour décider et planifier les stratégies de développement d’un pays. Afin de soutenir les partis politiques et les candidats et pour rationaliser au maximum possible ces programmes, et de les concevoir à partir de données, d’informations et de connaissances réelles, précises et de qualité. La présente conception définit un deuxième niveau décisionnel orienté vers la modélisation des programmes électoraux (Figure. 2). D’après la figure 2, ce niveau est basé sur la définition d’une couche applicative composée de trois modules essentiels. Un premier module assure l’accès aux sources de données nationales stratégiques. Un deuxième module inter-niveaux a comme mission le partage des données avec les autres niveaux décisionnels proposés par le présent modèle. Un troisième module décisionnel pour soutenir la conception d’un projet électoral. Justifié par l’indépendance organisationnelle et financière, qui peut exister entre le premier niveau d’intelligence et ce deuxième niveau décisionnel. Ces trois derniers modules sont intégrés dans une couche physique basée sur une deuxième nouvelle infrastructure communautaire en cloud.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
Architecture d’un systeme d’information decisionnel orientee vers le processus electoral
637
Figure 2 : Architecture du deuxième niveau de modélisation orienté vers les partis politiques et les candidats. Grâce à l’intégration des modules inter-niveaux au sein des deux premiers niveaux décisionnels, cet espace de modélisation peut accéder aux données collectées par le premier niveau d’intelligence. Par conséquent, un candidat électoral peut procéder à la conception d’un programme électoral par deux importantes procédures. Une première démarche consiste à exploiter directement le module décisionnel du premier niveau. Une deuxième démarche consiste à intégrer les données d’intelligence du premier niveau, à d’autres importantes sources d’information. En effet, et en plus de la collecte des données en relation avec le quotidien des électeurs, un deuxième accès aux différentes sources de données stratégiques du pays est assuré par un module d’accès (Figure. 2). Ce module JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
638
Taher, Y.
d’accès a comme mission de charger et d’organiser des données stratégiques récupérées de plusieurs sources de données nationales ou internationales (ministères, banque mondiale, organisation non gouvernementale…). Ce processus de collecte est assuré généralement dans chaque pays par la loi relative au droit d’accès à l’information. Etant donné que l’environnement informationnel national et international se caractérise généralement par des données fortement distribuées et hétérogènes, ce module d’accès assure également les opérations de transformation et d’homogénéisation. Ces opérations donnent naissance à un nouveau processus de répartition de ces données nationales récupérées, sur plusieurs dimensions d’analyse préconfigurées (dimensions en relation avec la situation géographique, la situation démographique, les activités économiques, les ressources naturelles…). Grâce à cette multitude de dimensions obtenues par les deux premiers niveaux, et l’intégration d’une deuxième base de données, orienté vers des candidats de base et avancés (Figure. 2). Ce deuxième niveau décisionnel, représente donc une des clés importantes pour concevoir un programme électoral axé sur le calcul et l’analyse des mesures déterminantes de grande importance (taux de croissance prévu, taux de développement économique prévu par région,…). Ces mesures permettent de soutenir, à titre d’exemple, la gestion stratégique de l'information économique. Cette gestion stratégique est devenue aujourd’hui un des moteurs essentiels de la performance globale des partis politiques. En résumé, grâce à ces trois modules, et l’alimentation des dimensions du deuxième entrepôt de modélisation par les deux importantes sources d’informations présentées ci-dessus. Ce deuxième niveau décisionnel offre un important support aux candidats pour concevoir et inventer des projets électoraux suffisamment rationnels. Analyser les différentes formes d’action possibles, et anticiper les projets à venir et les stratégies des partis politiques concurrents.
Le niveau de choix oriente électeur et parti politique Dans les différentes étapes d’un processus électoral, les acteurs de ce processus se trouvent souvent dans une situation de choix compliquée et déterminante. Il s’agit, pour les électeurs, de choisir un candidat, ou bien un parti politique. De choisir un programme électoral par un candidat, et de choisir des candidats pour les prochaines élections par un parti politique. Ces importantes situations de choix justifient donc l’intérêt de la mise en œuvre par le présent modèle d’un troisième niveau décisionnel, orienté vers le soutient de ces dernières situations. D’après la figure 3, la conception de ce troisième niveau de choix est basée sur une couche applicative, composée de trois importants modules. Ces modules communiquent entre eux au sein d’une nouvelle troisième infrastructure communautaire en cloud. Un premier module gère des indicateurs de choix. Un deuxième module décisionnel a comme mission le soutient des électeurs dans un processus de choix d’un candidat, ou bien d’un parti politique. Un troisième module inter-niveaux assure le partage des services de ce troisième niveau, avec les deux premiers niveaux décisionnels proposés par le présent modèle (les niveaux d’intelligence et de modélisation), (Figure. 3). JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
Architecture d’un systeme d’information decisionnel orientee vers le processus electoral
639
Après chaque processus de modélisation d’un projet électoral assuré par le deuxième niveau, le premier module de gestion des indicateurs de choix aura après comme rôle la gestion des processus de publication, de stockage et d’archivage dans le temps et dans l’espace, des anciens et des futurs programmes électoraux. Ce dernier module assure également une gestion complète des données de qualité en relation avec les partis politiques et les candidats (projets réalisés, projets non réalisés, des indicateurs chiffrés d’un programme électoral,…). Ce dernier module de gestion donne donc naissance à une importante source d’information décisionnelle et tridimensionnelle (dimension programme électoral, dimension parti politique, dimension candidat), (Figure. 3). Cette importante source de données sera exploitée par un troisième nouveau module décisionnel intégré dans cet espace de choix. Par conséquent, ces deux derniers modules offrent un important support décisionnel pour choisir un parti politique ou bien un candidat électoral par les électeurs. En effet, grâce aux modules décisionnel et inter-niveaux intégrés dans le premier espace d’intelligence (voir l’espace d’échange inter niveaux, (Figure. 3)), les électeurs peuvent accéder à cet espace de choix, et procéder à la création des rapports comparatifs entre les données archivées par le premier niveau d’intelligence, et le rendement des programmes électoraux. À titre d’exemple, et par l’utilisation d’un simple outil de création d’un rapport préconfiguré et personnalisé, ce rapport comparatif peut lister par domaine de préoccupation des électeurs (emploi, santé, économie,...), pour chaque période électorale précédente, et pour chaque région, le taux d’une réelle réalisation d’un programme électoral,
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
640
Taher, Y.
Figure 3 : Architecture du troisième niveau décisionnel orienté vers les processus de choix.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
Architecture d’un systeme d’information decisionnel orientee vers le processus electoral
641
dans l’objectif d’éviter de passer des dizaines d'heures à synthétiser dans la désinformation des sondages et la profusion d’informations. Les modules de gestion des indicateurs de choix et décisionnel intégrés peuvent soutenir également les électeurs dans un processus de choix d’un candidat électoral. Ce support informatisé est basé sur l’édition et l’analyse des rapports comparatifs simples, entre les futurs candidats, et selon différentes dimensions d’analyse (dimension politique, dimension professionnelle, dimension scientifique...). Ce troisième niveau décisionnel peut soutenir également une décision électorale de grande importance. Il s’agit des processus décisionnels internes, selon lesquels un parti politique décide le choix des candidats pour une prochaine élection. Bien que les modalités de ce dernier choix dépendent du cadre juridique, des règles internes d’un parti politique et des pratiques non officielles, la nécessité de rationaliser cet important choix devient inévitable dans ce processus. Grâce à une troisième base de données intégrée dans ce dernier niveau, l’exploitation de la dimension candidat, peut soutenir un parti politique afin de sélectionner les candidats les plus susceptibles de remporter un futur scrutin. Ce support à la décision est obtenu par la création et l’analyse des rapports comparatifs entre les futurs candidats d’un même parti politique. Ces rapports sont alimentés par des données diversifiées en relation avec les candidats (données politiques, données sociales, données professionnelles,…). Ces dernières données sont gérées par le module de gestion des indicateurs de choix. Le niveau d’évaluation et de sondage Après chaque récent scrutin, la décision prise pendant le processus d’évaluation des candidats ou bien des programmes électoraux présente une des importantes décisions dans le cadre d’un processus électoral. Afin d’apporter un support informatisé à cette mission d’évaluation électorale, le présent modèle propose la définition d’un quatrième niveau décisionnel. D’après la figure 4, et grâce à son module inter-niveau, ce niveau décisionnel offre aux électeurs un double accès vers les niveaux d’intelligence et de choix. Ces accès assurent un important soutien à la prise de décision par les électeurs, afin de rationnaliser les processus de sondage raisonné ou bien aléatoire. Cet important support à la décision obtenu par ce quatrième niveau est basé sur la mise en œuvre d’une quatrième base de données multidimensionnelle dans ce dernier niveau décisionnel (Figure. 4). Grâce aux modules inter-niveaux, les dimensions de cette base sont alimentées par les données d’intelligence du premier niveau, et les programmes électoraux archivés et publiés par le troisième niveau. Grâce aux données chargées dans ces dimensions par le module décisionnel, cette quatrième base de données influera plusieurs tables de faits. Les mesures prédéfinies dans ces tables permettent de calculer les taux de progression dans le temps et l’espace des programmes électoraux publiés par le troisième niveau de choix. La publication de ces mesures par internet permet donc aux électeurs de procéder à une opération de sondage, axée sur des informations décisionnelles et utiles, obtenues à partir de l’analyse de ces dernières mesures. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
642
Taher, Y.
Figure 4 : Architecture du quatrième niveau d’évaluation et de sondage.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
Architecture d’un systeme d’information decisionnel orientee vers le processus electoral
643
4. CONCLUSION Dans les pays démocratiques, le processus électoral est le processus le plus déterminant de l’avenir d’un pays, et de la qualité de vie de ses citoyens. Aujourd’hui, la récente situation économique mondiale défavorable a renforcé la nécessité de porter une attention particulière sur l’ensemble des méthodes décisionnelles conventionnelles, qui sont souvent utilisées dans le cadre d’un processus électoral. Actuellement, cette période de crise économique et financière exige de rationaliser au maximum possible les décisions prises par les électeurs, les partis politiques et les candidats, et de soutenir ces décisions par l’exploitation des données, des informations et des connaissances réelles, précises et de qualité liées aux scrutins. Dans ce cadre, la présente conception propose un exemple d’un nouveau modèle décisionnel électoral intégré, économique et orienté vers l’ensemble des acteurs électoraux. Ce modèle est basé sur la définition de quatre importants niveaux décisionnels, qui tiennent compte du maximum de facteurs qui peuvent soutenir les décisions prises dans le cadre d’un processus électoral. Grâce à l’importante accélération du développement et de l’adoption du décisionnel par l’exploitation des technologies en cloud. Le présent modèle propose une nouvelle application de cette technologie, dans le cadre de la mise en œuvre d’un processus décisionnel électoral. Le principe d’intégration de cette technologie, dans la présente conception, est basé sur la définition de quatre infrastructures communautaires en cloud. La mise en place des couches applicatives et physiques de chaque niveau décisionnel est assurée par ces quatre infrastructures. REFERENCES Åström, J., Karlsson, M., Linde, J., & Pirannejad, A. (2012). Understanding the rise of eparticipation in non-democracies: Domestic and international factors. Government Information Quarter, 29(2), 142-150. Caruso, F., & Paolo, C. (2005). Opinion Dynamics and Decision of Vote in Bipolar Political Systems. International Journal of Modern Physics C, 16(9), 1473-1487. Chen, X., Wu, Q., Zhang, F., Tian, H., Wei, B., Lee, B., Lee, H., & Kim, K. (2011). New receipt-free voting scheme using double-trapdoor commitment. Information Sciences, 181(8), 1493-1502. Dimitrios, Z., & Lekkas, D. (2011). Securing e-Government and e-Voting with an open cloud computing architecture. Government Information Quarter, 28(2), 239-251. Francesco, S., & Navarra, P. (2010). Electoral participation and communicative voting in Europe. European Journal of Political Economy, 26(2), 185-207. French, S. (2007). Web-enabled strategic GDSS, e-democracy and Arrow's theorem: A Bayesian perspective. Decision Support Systems, 43(4), 1476-1484. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
644
Taher, Y.
Ghassan, Q., & Taha, R. (2007). Electronic voting systems: Requirements, design, and implementation. Computer Standards & Interfaces, 29(3), 376-386. Gray, A. (2013). Conflict of laws and the cloud. Computer Law & Security Review, 29(1), 58-65. Gritzalis, D. (2002). Principles and requirements for a secure e-voting system. Computers & Security, 21(6), 539–556. Jankowski, R. (2007). Altruism and the Decision to Vote Explaining and Testing High Voter Turnout. Rationality and Society February, 19(1), 5-34. McGregor, R.M. (2012). Voter sincerity and the time of voting decision. Electoral Studies, 31(4), 715-725. Paquette, S., Jaeger, P.T., & Wilson, S.C. (2010). Identifying the security risks associated with governmental use of cloud computing. Government Information Quarte, 27(3), 245253. Powell, A., Williams, C.K., Bock, D.B., Doellman, T., & Allen, J. (2012). e-Voting intent: A comparison of young and elderly voters. Government Information Quarterly, 29(3), 361372. Rodríguez, C.C., & Pérez, J.M. (2008). Multiple voting location problems. European Journal of Operational Research, 191(2), 437-453. Shin, D. (2013). User centric cloud service model in public sectors: Policy implications of cloud services. Government Information Quarter, 30(2), 194-203. Shirazi, F., Ngwenyama, O., & Morawczynski, O. (2010). ICT expansion and the digital divide in democratic freedoms: An analysis of the impact of ICT expansion, education and ICT filtering on democracy. Telematics and Informatics, 27(1), 21-31. Simon, H. (1997). The future of Information systems. Annals of the Operation research, (71), 3-14. Stéphane, J. (2013). Comprendre enfin les enjeux du cloud computing, c’estpossible. Retrieved from : HYPERLINK "http://www.journaldunet.com/solutions/expert/50482/comprendre---enfin--les-enjeux-ducloud-computing--c-est-possible.shtml" http://www.journaldunet.com/solutions/expert/50482/comprendre---enfin--les-enjeux-ducloud-computing--c-est-possible.shtml . Varadi, S., Kertesz, A., & Parkin, P. (2012). The necessity of legally compliant data management in European cloud architectures. Computer Law & Security Review, 28(5), 577–586.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 629-644
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300008
L’INFORMATION BREVET AU SERVICE DE L’INDUSTRIE PÉTROLIÈRE : CAS DE CONCEPTION ET D’OPTIMISATION DES TRÉPANS PAR INGÉNIERIE INVERSEE THE PATENT INFORMATION FOR THE OIL & GAS INDUSTRY: CASE STUDY OF DRILL BITS DESIGN AND OPTIMIZATION BY REVERSE ENGINEERING Abdelkader BAAZIZ IRSIC Laboratory, Aix-Marseille Université, Marseille, France Luc QUONIAM University of Sud Toulon-Var, France Abdenacer KHOUDI ENSP - Direction Fabrication & Travaux, Alger, Algeria ___________________________________________________________________________________________
ABSTRACT The aim of this paper is to show the results of a study originally conducted for an Algerian State-Owned Company ENSP (Manufacturing Branch / formerly ALDIM) specialized in drill bits manufacturing. We show innovation opportunities offered by the use of reverse engineering assisted by patent information in the oil industry. This applied research, mainly based on the useful and actionable information, is crowned by the implementation of a dynamic and evolving process of drilling tools production and based on a continuous process of practical learning. We outline the cognitive processes for knowledge capitalization during the technical process of reverse engineering and the contribution of patent information in a technology development survey, identifying promising valuable technologies in the field of drill bits design and manufacturing. We conclude with tangible results by exposing performance obtained by a drill bit manufactured by ENSP (formerly ALDIM) according to the ___________________________________________________________________________________________ Manuscript first received/Recebido em: 28/11/2013 Manuscript accepted/Aprovado em: 26/06/2014 Address for correspondence / Endereço para correspondência Abdelkader Baaziz, IRSIC Laboratory, Aix-Marseille Université, 21, rue Virgile Marron - 13392 Marseille Cedex 05, France. Abdelkader Baaziz is Doctoral Researcher at the Laboratory IRSIC, Aix-Marseille University (France), Master Degree in Mechanical Engineering at USTHB – University of Algiers (Algeria) in 1991 and Master Degree in Information Systems Management at the University of Perpignan (France). Has held several senior positions in organizations and companies whose Director of Operations Mud Logging in Drilling Division of Sonatrach (Algeria). He can be contacted at: Abdelkader.baaziz@etu.univ-amu.fr Luc Quoniam, University of Sud Toulon-Var Avenue de l'Université - BP20132 - 83957 La Garde Cedex, France. Luc Quoniam is Professor at University of Sud Toulon-Var (France), Doctor in Information Sciences at the University of Aix-Marseille III in 1988 and HDR in 1996, Member of IRSIC Laboratory at Aix-Marseille University (France). He was Cendotec Director at Sao Paulo (2000 – 2004, Brazil), visiting professor at the Universidade de Sao Paulo (2005 – 2007, Brazil) and visiting professor at Universidade Fernando Pessoa (20072010, Porto, Portugal). He has directed more than 40 doctoral students and has authored numerous scientific publications. His research and teaching are focused on competitive intelligence, innovation, creativity, knowledge management, adaptation to change, "2.0 concepts". He can be contacted at: mail@quoniam.info Abdenacer Khoudi, ENSP - Direction Fabrication & Travaux (ex-ALDIM) Zone industrielle Reghaia – BP 109 – Alger, Algeria. Abdenacer Khoudi is Product Line Manager at ENSP - Direction Fabrication & Travaux (exALDIM) - Algeria. He is Master degree in electromechanical engineering, obtained at the prestigious engineering school "ENITA" (Algeria). Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
646
Baaziz, A., Quoniam, L., Khoudi, A. process described in this paper, while drilling an oil well in the region of Hassi Berkine (Algeria). Keywords: Drill bitoilfield drilling; information; patent; reverse engineering
RÉSUMÉ Le but de cet article est de montrer les résultats d’une étude réalisée initialement pour le compte d'une Entreprise Publique Algérienne ENSP (Direction Fabrication / exALDIM), spécialisée dans la fabrication des outils de forage, afin d'évaluer les opportunités d'innovation offertes par l'utilisation du reverse engineering assisté par l’information brevet dans l'industrie pétrolière. Cette recherche appliquée, basée principalement sur l’information utile et actionnable, est couronnée par la mise en place d’un processus dynamique et évolutif de fabrication des outils de forage qui s’appuie sur un processus d’apprentissage continu par la pratique. Nous mettrons en perspective le processus cognitif permettant la capitalisation des connaissances lors du processus technique du reverse engineering ainsi que la contribution de l’information brevet dans le suivi des évolutions technologiques dans le domaine de conception et de fabrication des trépans ainsi que l’identification des technologies porteuses de valeur. Nous terminerons par des résultats concrets, en exposant les performances obtenues par un outil de forage fabriqué par l’ENSP (ex-ALDIM) selon le processus décrit dans cet article, lors du forage d’un puits de pétrole dans la région de Hassi Berkine (Algérie). Mot clé: Trépan; Outil de forage; forage pétrolier; information; brevet; ingénierie inverse
1.
INTRODUCTION
En s’aidant de l’information brevet et en employant des techniques de reverse engineering, peut-on fournir un outil de forage performant, optimisé pour une formation géologique particulière ? Telle est la problématique que nous tentons d’aborder ici. Ce document est le résultat d’une étude réalisée initialement pour le compte d'une Entreprise Publique Algérienne ENSP (Direction Fabrication / ex-ALDIM), spécialisée dans la fabrication d’outils de forage, dans le but de montrer les possibilités d'innovation offertes par l'utilisation du reverse engineering, assisté par l’information brevet dans l'industrie pétrolière. Cette recherche appliquée, basée principalement sur l’information utile et actionnable, est couronnée par la mise en place d’un processus dynamique et évolutif de fabrication d’outils de forage puisqu’il est basé sur un apprentissage continu par la pratique. L’étude de cas débutera par un exposé technique simple permettant aux chercheurs en sciences de l’information de comprendre la problématique qui nous a amenés à proposer la combinaison des techniques du reverse engineering avec les informations contenues dans les bases brevets pour la conception et l’optimisation des trépans. Nous mettrons en perspective le processus cognitif permettant la capitalisation des connaissances lors du processus technique du reverse engineering, ainsi que la contribution de l’information brevet dans le suivi des évolutions technologiques dans JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
647
le domaine de conception et de fabrication des trépans, ainsi que l’identification des technologies porteuses de valeur. Nous terminerons par des résultats concrets en exposant les performances obtenues par un outil de forage fabriqué par l’ENSP (ex-ALDIM) selon le processus décrit dans ce papier, lors du forage d’un puits de pétrole dans la région de Hassi Berkine (Algérie). 1.1 LA PERFORMANCE DU TRÉPAN POUR RÉDUIRE LES COÛTS FORAGE La forte demande en ressources énergétiques et, en particulier, les hydrocarbures, ainsi que la hausse de leurs prix, a provoqué une augmentation vertigineuse des opérations de forage. Mais, face à la complexité des puits forés, les techniques de forage dites conventionnelles ne permettent plus l’exploitation des réserves de plus en plus profondes dans des conditions géologiques hostiles. Ce qui fait du forage l’une des opérations les plus coûteuses dans les activités d'exploration et de développement. Les exigences en matière de protection de l’environnement, de sécurité des personnes et des biens, contribuent aussi à l'augmentation des coûts des opérations de forage, d’où la nécessité de réduire la durée des forages en actionnant trois indicateurs de référence pour la mesure des performances de forage : 1. Taux de pénétration (ROP) 2. Temps non productif (NPT) 3. Coût du mètre foré Ces nombreux challenges, que l’amont pétrolier rencontre aujourd’hui, sont, aussi, propices à l’innovation technique et technologique des forages et en particulier le trépan. L'efficacité des trépans est augmentée par l'amélioration de leur qualité, ce qui permet une augmentation du ROP, la réduction des NPT dûe aux aléas techniques (voir Annexe 1) et donc la réduction des coûts de forage. Ceci est important lors du forage des puits profonds ou dans le cas du forage des formations dures. Toutes ces raisons ont entraîné une forte concurrence entre les grands fabricants afin d’apporter le développement continu de la technologie du trépan. La Direction Fabrication (ex-ALDIM) de l’Entreprise Nationale des Services aux Puits (ENSP), une entreprise publique algérienne spécialisée dans la fabrication des outils de forage (trépans), fait face à cette forte concurrence sur un marché orienté vers la performance, la qualité des ouvrages, la réduction des coûts et des temps non productifs. Pour cela, elle a réalisé, dans un premier temps, des partenariats (notamment avec l’entreprise belge DBS) pour le transfert technologique et du savoirfaire, puis elle a décidé de compter sur ses compétences pour développer ses propres atouts de Recherche & Développement efficaces mais non onéreux. C’est ce qui a motivé cette étude, à mi-chemin entre la recherche académique et la recherche appliquée, menée par une équipe pluridisciplinaire issue de l’entreprise ENSP (Algérie) et du laboratoire IRSIC de l’Université d’Aix-Marseille (France), en alliant hard technologies (technologies du forage et des trépans) aux soft technologies telles que la recherche de l’information brevet et l’apprentissage par la pratique (Jin, 2005).
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
648
Baaziz, A., Quoniam, L., Khoudi, A.
Le trépan est la partie principale de la garniture de forage, qui est placée au bas de celle-ci. Les trépans sont utilisés pour écraser ou couper la formation rocheuse. La bonne sélection de trépans et de l'utilisation des paramètres de forage appropriés jouent un rôle crucial dans le déroulement des opérations de forage, des coûts et des durées. La simulation du forage permet d'analyser les combinaisons de trépans et d’autres paramètres afin de produire une performance optimisée en termes de ROP, de coût et de réduction du temps. Il existe cinq principaux types de trépans utilisés dans le forage des puits pétroliers : 1. Trépans tricônes à molettes 2. Trépans imprégnés de diamant naturel (NDB) 3. Trépans thermiquement stables (TSP) 4. Trépans compacts en diamant poly-cristallin (PDC) 5. Trépans hybrides 6. 1. Trépans tricônes à molettes Un tricône est constitué de 3 bras forgés. Les dents peuvent être usinées directement dans la molette ou des pastilles en carbure de tungstène serties dans des trous percés sur la molette. Dans les formations dures, les outils à pastilles en carbure de tungstène ont une durée de vie plus longue que les outils à dents (Boryczko, 2012).
Figure 1. Trépan à dents & Trépan à pastilles en carbure de tungstène
2. Trépans de diamant naturel (NDB) Les trépans à diamants ont été introduits dans l’industrie pétrolière en 1952 par Christensen Diamond Products (aujourd’hui Baker Hughes). Ils sont constitués de trois parties principales : les diamants, la matrice et la tige. Une des caractéristiques la plus importante est l'absence de pièces mobiles, ce qui contribue à une plus grande fiabilité (Boryczko, 2012).
Figure 2. Trépans à diamants
3. Trépans thermiquement stable (TSP) La réalisation majeure dans l'amélioration de la résistance thermique de taillants PDC était de produire des trépans au diamant de type PDC avec des lames résistantes à la chaleur (TSP) dans lesquelles l'espace entre les inclusions des grains de diamant ont été gravés au cobalt (Boryczko, 2012).
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Figure 3. Trépan TSP
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
649
4. Trépans PDC Les outils PDC (Polycrystalline Diamond Compact) ont dépassé, durant cette décennie, les outils tricône en termes de métrage foré. Cette forte augmentation est dûe à plusieurs améliorations, tant du point de vue de la qualité des taillants, que de la conception même de l’outil. En effet, de nombreux progrès ont été réalisés dans le domaine de la composition des substrats et des liants (répartition carbure de tungstène / cobalt, microstructure du diamant), de l’interface entre la plaquette diamantée et le substrat, de manière à développer des taillants très résistants à l’abrasion et/ou aux impacts, ou encore de nouveaux procédés chimiques (traitement de la surface, etc.) permettant la réduction du frottement entre la face d’attaque du taillant et la roche (Menand, 2010).
Figure 4. Trépan PDC
5. Trépans hybrides Enfin, terminons par l’apparition très récente des outils hybrides (combinaison du tricône et du PDC), même si l’idée remonte aux années 50 (Menand, 2010). Le but est de réduire le temps de forage dans les formations les plus complexes, en alliant les avantages des deux types de trépans. L’opérateur peut ainsi obtenir une réduction de 40% du coût du mètre foré. Si on compare avec les trépans tricônes, la ROP est plus élevée et le WOB plus faible avec moins de rebond. Si on compare avec les PDC, il y a une nette amélioration de la longévité dans des formations intercalées, moins de stick-slip, un couple de forage plus bas, une meilleure stabilité et un meilleur contrôle directionnel. Figure 5. Outil Hybride Kymera (Source : Baker Hughes)
2. SIMULATEURS VIRTUELS DE FORAGE : OUTIL D’OPTIMISATION DU DESIGN ET DES PERFORMANCES DES TRÉPANS
Dans le domaine de la conception des outils de forage, que ce soit pour les outils PDC, imprégnés ou pour les tricônes, des améliorations ont été nécessaires pour s’adapter aux formations dures et abrasives et/ou hétérogènes. Un grand intérêt a été apporté au design de la garde (zone de stabilisation) de l’outil de manière à ce que l’outil de forage initie une déviation comme elle est demandée par le système directionnel (Menand, 2010). Pour suivre ces avancées technologiques, les logiciels permettant de simuler le processus de forage ont beaucoup évolué pour une meilleure compréhension des phénomènes et leur mise en équations (modèles plus réalistes), des temps de calcul JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
650
Baaziz, A., Quoniam, L., Khoudi, A.
réduits (augmentation de la puissance de calcul) et enfin de meilleurs outils d’aide à la décision et d’interprétation (visualisation 3D) (Menand, 2010). DRilling OPtimisation Simulator (DROPS) est un simulateur de forage conçu par Drops Technology AS (créée en 1997 à Oslo en Norvège) pour réduire le coût des puits futurs en se basant sur les logs de forage (Drilling Log), créés à partir des données recueillies dans les précédents puits forés dans la même zone. Pour cela, on utilise des modèles ROP afin de calculer la résistance à la compression de la roche. L'idée de base de DROPS est de simuler l'opération de forage avant le forage réel afin de trouver le niveau optimal des coûts. Il peut simuler n'importe quelle combinaison de conditions d'exploitation : design de l’outil de forage, pull depth, hydraulique, WOB et RPM (Bratli & al., 1997). En utilisant cette méthodologie dans le processus de planification, on peut aboutir à des programmes de forage plus rentables. les réductions de coûts obtenues indiquent des économies potentielles de l’ordre de 45 a 50% du coût global du forage par puits, ce qui est énorme par rapport à la pratique usuelle dans une même région (BRATLI & AL., 1997).
Figure 6. Interface graphique de DROPS représentant un Trépan PDC en 3D (Source : Schlumberger)
DROPS utilise des paramètres de forages réels pour générer la résistance de la roche plutôt que des diagraphies électriques, une pratique qui assure une meilleure qualité des données. Lyng Drilling, une société du groupe Schlumberger, spécialiste des technologies de pointe en matière de Trépans, a développé une capacité à produire des trépans « sur mesure » pour des puits « particuliers », ce qui a permis une baisse considérable des coûts du forage tout en en améliorant les performances. Pour cela, Lyng utilise le simulateur DROPS pour planifier et optimiser ses outils pour les futurs puits. Smith, une autre compagnie du même groupe, possède sa propre application de design et d’optimisation des trépans : IDEAS (Integrated Drillbit Design Platform). En utilisant une simulation 4D, le processus IDEAS simule le comportement de l'ensemble du système de forage : tiges, outils MWD et LWD, alésoirs, stabilisants JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
651
ainsi que les systèmes directionnels, donnant une représentation graphique détaillée des éléments qui ont un impact direct sur forage.
Figure 7. Processus IDEAS (Source : Schlumberger).
A la différence des processus de conception classique des trépans utilisant de multiples essais sur le terrain, la plate-forme IDEAS utilise la simulation virtuelle pour prédire avec précision le comportement du trépan dans le puits pour lequel il est conçu. Ayant les mêmes soucis de développement et de conception de trépans fiables et de hautes performances, Halliburton a conçu son software de modélisation : « Direction by Design Bit Optimization » capable de définir le lien entre les changements spécifiques de conception de trépans et de quantifier leur impact sur les résultats escomptés. Il en résulte une analyse de la façon dont la modification des paramètres de fonctionnement affecte les performances d'une conception d’un trépan particulier pour une optimisation en temps réel sur le site de forage.
Figure 8. Processus « Direction by Design Bit Optimization » (Source : Halliburton)
A l’instar de son concurrent, le processus de conception « Direction by Design Bit Optimization » remplace l'approche traditionnelle « trial and error ». Pour fournir à ses clients des produits de haute qualité aux performances optimales, Varel se base pour un processus de modélisation et de fabrication de trépans en six (06) étapes :
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
652
Baaziz, A., Quoniam, L., Khoudi, A.
1. GeoScience™ : Analyse préliminaire des formations géologiques à partir des données réelles des puits forés. 2. SPOT™ : Conception de la structure de coupe, simulation de forage et analyse de l’usure. Des modèles mathématiques sont utilisés pour vérifier qu'ils correspondent aux conclusions de Geoscience. 2A. Trépan existant : Il est recommandé de respecter les exigences de l'analyse de Geoscience.
Figure 9. Processus IDT (Source : Varel)
3. Pro-Engineer CAD : Module CAO pour la conception et modélisation 3D des Trépans. 4. CFD : Calcul de Dynamique des Fluides pour l'analyse et l'optimisation hydraulique. 5. Pro-Engineer CAM : Module de Programmation de Fabrication Assistée par Ordinateur avec génération du code de fabrication du Trépan sur un système CAM pour les besoins d’usinage.
Figure 10. Calcul Dynamique des Fluides
6. Bit Run & GeoScience Post Run Analysis : Geoscience est utilisé aussi pour évaluer la performance de l'outil par rapport au plan initial. Au besoin, l'analyse Geoscience initiale est réajustée avant de relancer une nouvelle itération de conception du trépan. Figure 11. Usinage d’un Trépan
Chez Baker Hughes Christensen, les outils PDC ou Tricône commencent leurs cycles de vie sur les systèmes de CAO. Une fois le modèle numérique créé, le système CAM génère les programmes à commande numérique correspondant. Le modèle passe à la simulation du forage par l’application des contraintes mécaniques. La modélisation des contraintes utilise la méthode des éléments finis (FEA) dans le but de choisir les meilleures combinaisons de matériaux du corps du trépan et des pastilles de coupe permettant d’obtenir une plus grande longévité du trépan et d’optimiser le coût du mètre foré. Aussitôt produit, le trépan est mis à l'épreuve dans les conditions de forage réel, dans un simulateur à grande échelle appelé BETA (Baker Hughes Experimental Test Area). WOB, ROP, RPM et le système hydraulique sont examinées. Ce qui permet d’analyser l’usure de l’outil et sa manœuvrabilité. Le simulateur BETA est situé dans un gisement pétrolier épuisé près de Tulsa, Oklahoma. Il apporte un procédé éprouvé durant les opérations de forage, tout en réduisant le risque d'utiliser des outils non testés dans les puits du client. Ceci permet de tester dans une gamme de formations géologiques une variété d’outils de forage, de complétion et de production sur une plate-forme à grande échelle.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
653
La boucle se ferme au laboratoire où l’outil subit une « autopsie » afin de déterminer les problèmes de performance : analyse de l'usure et des défaillances des structures de coupe, roulements, joints et autres éléments du trépan. REED-HYCALOG rachetée par National Oilwell Varco (NOV), offre un service intégré appelé « Advanced Drilling Solutions (ADS) » combinant des processus techniques, des softwares d’analyse « Terrascope » et « Vibrascope » ainsi qu’une variété d’outils de forage. ADS permet une optimisation de forage à plusieurs niveaux en fonction de l'opération en tenant compte des exigences de personnalisés du client. NOV se base sur sa capacité à gérer la connaissance issue des retours d’expériences et sa culture du benchmarking pour l’amélioration continue dans le but de réduire les coûts de forage. Nous n’avons pas pu exposer son processus détaillé faute de documentation officielle. 3.
REVERSE ENGINEERING : RÉVISION DE LA LITTÉRATURE
Le reverse engineering est une discipline en pleine évolution, qui couvre une multitude d'activités (Vàrady & al., 1997). Même si cette discipline touche pratiquement tous les domaines des hard technologies (mécanique, électronique, informatique, chimie, biologie, médecine, etc.), cette étude ne s’intéressera qu’à l’ingénierie mécanique (formes géométriques, contraintes mécaniques, etc.). La littérature académique est abondante dans ce domaine et les premiers travaux, notamment ceux de Zhang (1994), Chivate & Jablokow (1995), Eggert & al. (1996), et Vàrady & al. (1997), datent des années 90. Ces travaux, comme ceux de Motavalli (1998), Zhang (1999), Langbein & al. (2002, 2003 & 2004), Gao & al. (2003) et Fudos (2006), s’intéressent principalement aux algorithmes et processus technique du passage du modèle réel au modèle conceptuel d’un objet dont les formes géométriques sont quelconques. Le processus technique de reverse engineering en quatre (04) phases, proposé par Vàrady & al. (1997), est actuellement la référence en matière de recréation des modèles conceptuels à partir des modèles réels. Des auteurs, comme Thompson & al. (1999), Zhang (2003), De Toledo & al. (2008) et Bagci (2009), se sont penchés sur l’utilisation de la puissance des systèmes informatiques de conception assistée par ordinateur (CAO) pour la finition des modèles conceptuels obtenus. D’autres auteurs, notamment Fisher (2004) et Durupt & al. (2008, 2010a et 2010b), sont allés au-delà des techniques pour s’intéresser aux processus cognitifs d’apprentissage par la pratique du reverse engineering, en utilisant des méthodes dites KBRE (Knowledge-Based Reverse Engineering). Pour notre part, nous avons combiné le processus technique de Vàrady & al. (1997) et le processus d’apprentissage proposé par Durupt & al. (2008) afin de créer, dans un premier temps, un modèle générique global de reverse engineering. Nous avons ensuite élaboré un modèle spécifique pour la conception et l’optimisation des trépans, objet de notre étude. Le reverse engineering est une approche systémique en vue de l'analyse de la conception de dispositifs (ou systèmes) existants. L'objectif principal étant l'analyse d'un produit existant afin d’en reproduire une copie ou d’en créer une version améliorée. Ceci comprend toute activité visant à déterminer comment fonctionne un
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
654
Baaziz, A., Quoniam, L., Khoudi, A.
produit, à comprendre les technologies et à s’inspirer des idées qui ont été initialement utilisées pour le développer. Plusieurs objectifs peuvent être visés par le reverse engineering (Wikipedia, 2013) : -
-
-
Comprendre le fonctionnement de cet objet, pour être en mesure de l'utiliser correctement, de le modifier, ou encore de s'assurer de son bon fonctionnement ; Fabriquer une copie de cet objet alors qu'on ne peut en obtenir ni les plans ni les méthodes de fabrication (activité généralement illégale sur un plan juridique) ; Créer un nouvel objet ayant des fonctionnalités identiques à l'objet de départ, sans violer de brevet ; Analyser un objet produit par un concurrent, soit dans le cadre d'une activité de veille concurrentielle soit pour détecter d'éventuelles violations de brevets.
Le reverse engineering est aussi une activité de veille concurrentielle et technologique. Elle est orientée vers (Wikipedia, 2013) : - L'étude des produits concurrents, - La compréhension des méthodes utilisées par le concurrent, - La recherche des fournisseurs, - La détermination des composants utilisés, - L'estimation du coût de revient à partir de tout ou partie des informations précédentes, - La décomposition du coût d'une pièce, en évaluant chacun de ses composants, la matière utilisée, le temps de fabrication et la méthode, - L'identification d'éventuelles violations de brevets commises par un concurrent ou à éviter. En général, de nombreux produits sont protégés par des copyrights et des brevets qui représentent la meilleure protection contre la copie car ils protègent les idées, voire les détails du fonctionnement du produit. Mais, souvent, le brevet n'est qu'un signal d'avertissement lancé par le déposant pour décourager ses concurrents. Si le brevet en vaut la peine, un concurrent choisira une des options suivantes (NPDBOK, 2013) : - Négocier une licence pour utiliser l'idée, - Proclamer que l'idée n'est pas nouvelle et qu’elle constitue une étape évidente pour toute personne expérimentée dans le domaine spécifique, - Réaliser un changement subtil en prétendant que le produit modifié n'est pas protégée par le brevet, - Vérifier les aspects juridiques pour une utilisation légale du brevet : durée légale, payement des annuités, étendue géographique, etc. Suivant la nature de l'objet et l'objectif visé, différentes méthodes et techniques sont utilisées. Pour des objets physiques, il est possible de démonter le système jusqu'à un certain point pour en analyser les constituants. En électronique et en informatique, JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
655
la démarche peut être celle de l'étude d'une boîte noire : on isole l'objet à étudier, on détermine les entrées et les sorties actives. On essaie, ensuite, de déterminer la réponse du système en fonction des variations du ou des signaux en entrée (Wikipedia, 2013). Le reverse engineering des modèles géométriques consiste à extraire suffisamment d'informations à partir d'un objet physique pour reconstruire un modèle CAO. Si l’engineering consiste à transformer un concept (modèle conceptuel) en un artefact (modèle réel), le reverse engineering permet de passer du modèle réel au modèle conceptuel (Vàrady & al., 1997 ; Langbein, 2003). Idéalement, pour des applications telles que la refonte, le modèle conçu par le reverse engineering doit présenter exactement les mêmes propriétés géométriques que celles présentes dans le design idéal original. Toutefois, ce modèle ne peut être qu’approximatif dans le sens où il présente des régularités géométriques prévues. Ceci est peut-être dû à l’objet physique imparfait modifié par l'usure ou par un procédé de fabrication particulier utilisé lors de sa réalisation. Il peut aussi être provoqué par des erreurs commises dans le processus de reconstruction, en raison d’approximations et d’erreurs numériques, d’imprécisions dans les données mesurées à partir de l'objet d’origine. Selon Langbein (2003), ces problèmes peuvent être éliminés dans le modèle en tenant explicitement compte de l’esprit de la conception, de telle sorte que des modèles plus appropriés seront créés pour une modification ultérieure dans les applications de CAO et améliorés dans une étape de post-traitement. Le principe du reverse engineering repose sur la prise d’un nuage de points issu de la surface de l’objet à scanner numériquement ou à palper mécaniquement (Vàrady & al., 1997). Ce nuage de points est traité par des fonctions CAO permettant la reconstruction de surfaces, à partir desquelles un modèle paramétrique est redéfini par l'utilisateur et le système générateur (choix des côtes, des relations inter-côtes, tolérance, etc.). Le recours au reverse engineering se justifie dans de nombreux cas, notamment (Wikipedia, 2013) : - La conception originelle n’est pas supportée par une documentation suffisante ou adéquate. - Le modèle CAO originel n'est pas suffisant pour supporter des modifications et/ou les procédés de fabrication courante. - Le fabricant originel n'existe plus ou ne fabrique plus le produit, mais il existe des demandes pour le produit. - Des composants usés ou cassés pour lesquels il n'y a aucune source d'approvisionnement. - Le renforcement des fonctionnalités. - L’analyse des fonctionnalités des produits des concurrents. - L’amélioration de la performance et/ou des fonctionnalités du produit. - Le manque de pièces additionnelles (pièces de rechange). - L’actualisation des matériaux ou des processus de fabrication obsolètes. La tendance actuelle, dans le reverse engineering, est l'utilisation de modèles orientés fonctions. Ces modèles conviennent à la fabrication de pièces mécaniques, où il existe des liens bien définis entre les différentes parties du modèle. En outre, ils sont
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
656
Baaziz, A., Quoniam, L., Khoudi, A.
idéaux pour le design industriel et la fabrication, puisque le modèle produit est facilement modifiable (Fudos, 2006). Selon Fudos (2006), cette tendance est motivée par la connaissance fournie par le modèle concernant les tolérances, les contraintes, les relations et la connectivité entre les fonctions. Les modèles orientés fonctions et fondés sur les contraintes sont souvent fondés sur la connaissance. Selon Durupt & al. (2008), nous mettons en évidence deux types de connaissances nécessaires pour permettre la mise en place d’un processus de reverse engineering : 1. La connaissance de fabrication (pour le processus technique) ; 2. La connaissance des exigences fonctionnelles (pour le processus cognitif). La connaissance orientée Reverse Engineering commence à partir d'un nuage de points 3D complet de la pièce étudiée et consiste à appliquer deux activités principales (Durupt & al., 2008 & 2010) : 1. L'analyse de la connaissance : C'est un ensemble d'outils d'analyse afin de sauvegarder, de réutiliser et de définir les caractéristiques selon le procédé de fabrication et les spécifications fonctionnelles. 2. L'extraction de connaissances : cette étape permet d’ajuster les caractéristiques d'un nuage de points afin d'influer sur les dimensions de l’élément.
4. LES PRINCIPALES PHASES D’UN PROCESSUS COGNITIF TYPIQUE DE REVERSE ENGINEERING Le processus cognitif typique de reverse engineering des modèles géométriques solides passe par quatre (04) phases principales (Vàrady & al., 1997 ; Langbein, 2003) :
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
Acquisition des Données (Data Capture)
657
Capitalisation de connaissances (Knowledge Capitalization)
Pré-traitement (Preprocessing)
Segmentation et ajustement de surface (Segmentation & Surface fitting)
Création du Modèle 3D par CAO (CAD 3D Model Creation)
Analyse des connaissances
Extraction des connaissances
Figure 12. Processus cognitif du reverse engineering des modèles solides, adapté de (Vàrady & al., 1997 ; Langbein, 2003 ; Durupt, 2010)
1. Phase d'acquisition de données Les données brutes mesurées sont collectées à partir d’un objet physique existant. La première étape, dans l'ingénierie inverse, est d'obtenir une collection de points 3D précise et représentative généralement appelée nuage de points (Chivate & al., 1995 ; Eggert & al., 1996 ; Vàrady & al., 1997 ; Langbein, 2003 ; Durupt & al., 2008 ; Bagci, 2009). Selon Vàrady & al., (1997), la précision doit être suffisante pour distinguer les points voisins qui fournissent certaines informations structurelles. La densité de points est déterminée par la fréquence d'échantillonnage sur la surface 3D. Il existe différentes méthodes d’acquisition de données et elles sont classées selon deux grandes catégories : 1.1. Méthodes Tactiles : La collection de points 3D est obtenue par palpation de l’objet originel à travers d’un copieur constitué d’un bras robotisé ou d’une machine à mesurer tridimensionnelle (MMT) appelée aussi CMM (Coordinate Measuring Machine) utilisés en métrologie dimensionnelle (Vàrady & al., 1997 ; Fudos, 2006). 1.2. Méthodes Sans Contact : La collection de points 3D est obtenue sans contact avec l’objet originel à l’aide de scanners 3D et/ou de caméras. Les scanners laser 3D peuvent généralement être répertoriés en trois catégories principales : - Le laser par triangulation, - Le scanner 3D par détection de temps de vol, - Le scanner 3D par changement de phase. Ces techniques de scan laser sont généralement utilisées indépendamment, mais peuvent aussi être combinées pour créer un système de scan plus polyvalent. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
658
Baaziz, A., Quoniam, L., Khoudi, A.
Pour obtenir le nuage de points 3D, nous pouvons utiliser la numérisation laser 3D, une multiple reconstruction de l'instantané 2D ou une combinaison des deux. En utilisant des scanners laser, un grand nombre de coordonnées 3D sur la surface d'un objet est mesuré dans un temps très court. On peut aussi utiliser des clichés 2D pour reconstituer un objet 3D. Ceci peut être accompli en utilisant des caméras calibrées, placées dans des positions exactes, ainsi qu’en employant des méthodes de photogrammétrie pour la reconstruction. Alternativement, nous pouvons utiliser des photographies de caméras portatives et ensuite reconstituer la scène 3D grâce à des méthodes sophistiquées. Enfin, nous pouvons combiner les résultats de balayage laser avec reconstruction 3D à partir d'images 2D. Ce faisant, nous augmentons l'exactitude des deux méthodes et l’élimination des problèmes qui découlent de l'effet de surface brillant et de l'effet de bord dans la technologie de numérisation laser. Pour bénéficier d'une technique hybride, nous avons besoin d’algorithmes efficaces pour détecter les points correspondants dans les instantanés 2D et l'identification de leurs homologues de points 3D à l'issue du balayage laser. Les nuages de points qui correspondent aux surfaces brillantes et les bords sont remplacés par les résultats de reconstruction 3D (Vàrady & al., 1997 ; Fudos, 2006 ; Bagci, 2009). Les scanners 3D se démocratisent de plus en plus et nous trouvons actuellement des solutions gratuites avec des kits starter à moins de $US 500 (David3D ; Winkelbach & al., 2006). 2. Phase de prétraitement Beaucoup de problèmes pratiques peuvent surgir lors de l'acquisition de données. Ils sont principalement liés aux complexités des formes, aux erreurs de mesure et d’approche, parmi lesquelles : la calibration, la précision, l’accessibilité, l’occlusion, la finition, le bruit, des données incomplètes, etc. (Vàrady & al., 1997) Un prétraitement sur ces données est nécessaire afin de combiner plusieurs mesures à partir de différents points de vue. 3. Phase de segmentation et d’ajustement de surface Les phases du processus les plus cruciales sont la segmentation et la phase d’ajustement de surface : ici, les surfaces individuelles de l'objet doivent être déterminées et les surfaces des types géométriques appropriées doivent être mises en forme. Pour chacun des sous-ensembles, une ou plusieurs surfaces analytiques sont ajustées séparément. Cependant, la segmentation et l’ajustement de surfaces ne peuvent pas être complètement séparés l’un de l'autre et, pour cela, les méthodes doivent être soigneusement choisies pour la cohérence de l’ensemble. Dès la segmentation nous devons considérer les types de surface à ajuster ultérieurement aux sous-ensembles. Les méthodes numériques et particulièrement la méthode des éléments finis, sont utilisées pour le maillage. Nous énumérons les quatre principales tâches habituellement utilisées dans des algorithmes de récupération (Petitjean, 2002) : 1. Estimation : calcule la géométrie de la surface locale en utilisant des paramètres différentiels tels que la normale et de la courbure ;
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
659
2. Segmentation : responsable pour diviser les données d'origine en sous-ensembles, chacun d'eux formant probablement une primitive géométrique unique; 3. Classification : cette étape décide dans quel type de surface un sousensemble doit être inclus (cylindre, tore, cône ou d'une autre) ; 4. Reconstruction : recherche des paramètres de surface pour adapter correctement les données d'entrée. 4. Phase de Création du Modèle CAO Enfin, après que les surfaces appropriées aient été trouvées, un modèle complet de représentation des frontières est créé pour assembler les surfaces en utilisant les relations d'adjacence. La détection de régularité considère plusieurs relations entre les éléments utilisés pour représenter le modèle CAO afin de trouver des régularités potentielles et éventuellement générer le prototype 3D. Avec les imprimantes 3D, il est possible, aujourd’hui, de créer ce type de prototypes à moindre coût. 5. APPLICATION DU REVERSE ENGINEERING À LA GÉNÉRATION DES TRÉPANS En s’inspirant des processus déjà cités de fabrication par différents constructeurs et, particulièrement celui de Varel, que nous jugeons adaptable à un processus de reverse engineering ainsi que des méthodes classiques abondante dans la littérature académique, nous proposons le modèle de la figure 17. Ce modèle, que nous avons développé, a été utilisé par ALDIM pour concevoir un trépan de type PDC destiné au forage des phases 12˝¼ (diamètre du trou). Ce trépan a été remodelé trois (03) fois après sa conception initiale où il a servi à forer cette phase dans quatre puits différents MDZ#592, ONI#23, OMG#602 dans la région de Hassi Messaoud et BRNP#1 dans la région de Hassi Berkine.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
660
Baaziz, A., Quoniam, L., Khoudi, A.
Analyse préliminaire des données réelles des puits forés dans la région : Formations géologiques, Performances des Trépans, BHA, etc.
Capitalisation de connaissances (Knowledge Capitalization)
Les rapports finaux de sondage (FWR) délivrés par les opérateurs du Mud Logging sont complets.
Sélection des outils (trépans) qui ont réalisé les meilleures performances dans la région.
Analyse des connaissances
Extraction des connaissances Consultation des bases brevets disponibles des Trépans brevetés.
Numérisation des Trépans sélectionnés (Acquisition du nuage de points)
Pré-traitement
(Reconstitution géométrique du Trépan)
Création du modèle 3D du Trépan par un outil de CAO
Simulation de Forage : Optimisation de longévité par application des contraintes mécaniques et analyse de l’usure par la FEA (Méthode des Eléments Finis)
Simulation de Forage : Analyse et optimisation hydraulique par CFD (Calcul de Dynamique des Fluides)
Choix des matériaux du corps du Trapan et des pastilles de coupe
Génération du code de fabrication sur un système CAM pour l’usinage du Trépan. & Créer un prototype 3D (facultatif)
Evaluer la performance de l'outil par rapport au plan initial.
Figure 17. Processus cognitif de conception d’un Trapan par reverse engineering.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
661
6. LES BREVETS: SOURCE D’INFORMATION DANS LE PROCESSUS COGNITIF DE CONCEPTION DES TRÉPANS PAR REVERSE ENGINEERING
Les bases de données brevets sont des sources d’information inestimables car elles contiennent des informations qui ne sont généralement pas publiées ailleurs. Les brevets ont une durée limitée après laquelle ils peuvent être exploités sans droits. Ils peuvent aussi être déchus pour non-paiement des annuités et dans ce cas, leur utilisation est libre. De plus, s’ils ne sont publiés que dans certains pays et non étendus à d’autres, les exploitations de leurs résultats dans ces pays peuvent être faites librement (Quoniam, 2013). Cette étude est une prospective sur les brevets les plus importants traitant de la fabrication et l’optimisation des trépans ou de leurs composants dans le but de : - Identifier les leaders sur le marché dans le domaine de la fabrication des trépans et de leurs composants ; - Suivre les tendances technologiques à travers les brevets récents dans le domaine afin d’établir un éventuel partenariat basé sur le transfert technologique et l’utilisation légale des brevets ; - Faire l’inventaire du portefeuille de brevets technologiquement valables et dont l’utilisation est possible. Nous avons utilisé pour cela un outil performant de recherche et d’analyse des brevets Matheo Patent. 1. Méthodologie : Pour les besoins de notre étude, nous avons organisé la recherche sur l’interrogation de la base de données brevet à partir d’un seul mot clé composé : « Drill Bit » dans les titres et les résumés des brevets déposés sur EspaceNet WordWide et en appliquant une contrainte de classification normalisée CIB en IP Full Digits : « E21B10 » et ce pour la période allant de l’année 1900 à 2013. Notons que CIB est la Classification Internationale des Brevets appelée aussi IPC abréviation anglaise de International Patent Classification, est composée dans notre cas, comme suit (WIPO, 2013) : - La section E désigne les constructions fixes ; - La sous classe E21 désigne le forage du sol ou de la roche ; exploitation minière ; - La sous-classe E21B désigne le forage du sol ou de la roche (exploitation des mines ou carrières E21C ; creusement des puits, des galeries ou des tunnels E21D) ; extraction du pétrole, du gaz, de l’eau ou de matériaux solubles ou fusibles ou d’une suspension de matières minérales à partir de puits ;
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
662
Baaziz, A., Quoniam, L., Khoudi, A.
-
La désignation standard E21B10 désigne « les trépans » ou « drill bits » spécialement adaptés pour modifier la direction du forage E21B 7/08 ; comportant des moyens pour ramasser des substances E21B 27/00.
La sous-classe E21B couvre principalement (WIPO, 2013) : - Les équipements pour le forage du sol ou de la roche dans leur formation naturelle ; - Les équipements analogues pour le forage de structures artificielles in situ, par exemple de routes ou de structures en béton. - Par contre, elle ne couvre pas (WIPO, 2013) : - Les machines de perçage tenues à la main, p.ex. pour l'usage domestique ; - Les équipements de perçage pour la fabrication, c. à d. dans lesquels une pièce est usinée, p. ex. pour un traitement ultérieur couvert par les sousclasses de la section B, p.ex. B23B ; - Les compositions pour le forage des puits ou pour le traitement de puits ou de trous de forage, qui sont couvertes par le groupe C09K 8/00, p. ex. les compositions pour les méthodes de récupération assistée pour l’extraction d’hydrocarbures C09K 8/58. La recherche, pour la période (1900 – 1906), a donné ZERO réponse. De fait, pour en être sûr, nous sommes remontés dans le temps jusqu’à l’année 1800. Nous avons conclu avec certitude que le sujet « Drill Bit » n’a fait l’objet d’aucun brevet avant 1907. Pour la période allant de 1907 à 2013, nous avons obtenu 10 070 brevets. Lors des traitements, nous nous sommes rendus compte que ce chiffre regroupe les outils de forage pétroliers mais aussi ceux utilisés dans les mines « mining drill bit », ceux utilisés sur les chantiers de construction des structures artificielles tels que les routes et chaussées, tels que les marteaux piqueurs « hammer drill bit » et ceux utilisés pour faire des trous dans les structures (murs, plafonds, etc.) en béton comme les « concrete drill bit ». Nous avons évité l’utilisation du mot clé composé « Oil Drill Bit » pour ne pas perdre des informations concernant des trépans, utilisés dans les forages pétroliers sur des brevets qui ont omis de le préciser dans le titre ou le résumé. Nous n’avons pas utilisé les termes français « trépan » ou « outil de forage » parce que de toute façon si les brevets français en font référence, la traduction anglaise fera obligatoirement et systématiquement référence au mot « drill bit ». Nous avons donc décidé de filtrer ces informations en procédant par élimination et en utilisant des mots clés indésirables tels que : « mine drill bit », « mining drill bit », « hammer drill bit », « concrete drill bit », etc. Cette étape de traitement nous a pris du temps, particulièrement lorsque nous doutions du contenu d’un brevet, nous accédions à son contenu à travers le lien donné par Matheo Patent sur « EspaceNet Worldwide ». Il faut noter que les brevets chinois et russes ont été les plus difficiles à traiter pour des raisons évidentes de langue, surtout lorsque le résumé n’est pas bien explicite ou tout simplement inexistant. Dans ce cas, l’accès au brevet devient une obligation pour consulter la partie DRAWINGS.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
663
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
2. Discussions : Après l’opération de nettoyage des données, nous avons obtenu 7259 brevets répartis sur 86 IP Class 4 digits, comme suit : Inventeurs :
IP Class 4 Digits :
5582
8 6
Déposants :
IP Class Full Digits :
1903
6 96
Les dix (10) premières IP Class 4 Digits sont (WIPO, 2013) : S
Désignation de la Sous-Classe IPC-4D
/Cls E
FORAGE DU SOL OU DE LA ROCHE
23P
TRAVAIL DES POUDRES MÉTALLIQUES ; FABRICATION B D'OBJETS A PARTIR DE POUDRES MÉTALLIQUES ; FABRICATION DE POUDRES MÉTALLIQUES AUTRES PROCÉDÉS MÉCANIQUES DE TRAVAIL DU MÉTAL; B OPÉRATIONS MIXTES; MACHINES-OUTILS UNIVERSELLES B
1
ARBRES; ARBRES FLEXIBLES; PIÈCES DU MÉCANISME DES F ARBRES-MANIVELLES; PIÈCES ROTATIVES AUTRES QUE LES PIÈCES DE TRANSMISSION MÉCANIQUE; PALIERS C
1 21
PISTONS; CYLINDRES; RÉCIPIENTS SOUS PRESSION EN F GÉNÉRAL; JOINTS D'ÉTANCHÉITÉ G
23C
1 35
ALLIAGES
9 8
TRAITEMENT ÉLECTRIQUE DE DONNÉES NUMÉRIQUES
9 0
06F 23K
1 76 43
22C 16J
2 47
TOURNAGE; PERÇAGE
23B 16C
7 259
21B 22F
N bre
BRASAGE OU DEBRASAGE; SOUDAGE; REVÊTEMENT OU B PLACAGE PAR BRASAGE OU SOUDAGE; DÉCOUPAGE PAR CHAUFFAGE LOCALISÉ, p. ex. DÉCOUPAGE AU CHALUMEAU; TRAVAIL PAR RAYON LASER REVÊTEMENT DE MATÉRIAUX MÉTALLIQUES; C REVÊTEMENT DE MATÉRIAUX AVEC DES MATÉRIAUX MÉTALLIQUES; TRAITEMENT DE SURFACE DE MATÉRIAUX MÉTALLIQUES PAR DIFFUSION DANS LA SURFACE, PAR CONVERSION CHIMIQUE OU SUBSTITUTION; REVÊTEMENT PAR ÉVAPORATION SOUS VIDE
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
8 3
7 6
664
Baaziz, A., Quoniam, L., Khoudi, A.
Figure 18. Répartition des brevets en IP Class 4 Digits « 15 premières classes »
Le TOP 15 de la classification IPC-4D montre que la majorité des brevets traite des matériaux utilisés pour la fabrication des éléments de coupe tels que les inserts en diamant naturel ou en PDC, des procédés de montage des inserts et/ou des moyens de fabrication des trépans et l’optimisation de leurs performances. Un zoom en IPC-FD nous a permis de constater que les dix-huit (18) premières IP Class Full Digits se réfèrent toutes à E21B10 c'est-à-dire à : Trépans (spécialement adaptés pour modifier la direction du forage E21B 7/08; comportant des moyens pour ramasser des substances E21B 27/00). Le tableau suivant précise les désignations des 10 premières IPC-FD (WIPO, 2013) : S
Désignation de la Sous-Classe IPC-FD
/Cls E21B10/56
N bre
· parties rapportées du type bouton (E21B 10/52 à priorité)
1 107
E21B10/46 E21B10/60
E21B10/42
· caractérisés par des parties résistant à l'usure, p.ex. des diamants rapportés · caractérisés par des canaux ou des buses pour les fluides de forage (pour les trépans à organes coupants roulants E21B 10/18; pour les trépans à percussion E21B 10/38) · Trépans rotatifs du type racleur comportant des dents, des lames ou des organes de coupe similaires, p.ex. du type à fourche, en queue de poisson (caractérisés par leurs parties résistant à l'usure E21B 10/46, par des canaux ou des buses pour les fluides de forage E21B 10/60, par des éléments amovibles ou réglables E21B 10/62)
E21B10/56 7
· · · comportant des éléments de coupe préformés, montés sur un support distinct, p. ex. des parties rapportées polycristallines
E21B10/00
Trépans (spécialement adaptés pour modifier la direction du forage E21B 7/08 ; comportant des moyens pour ramasser des substances E21B 27/00)
E21B10/16
8 87 8 53 7 81
7 78 7 37
· · caractérisés par la forme ou la disposition des dents
7 31
E21B10/22
· · caractérisés par des détails de paliers, de lubrification ou d'étanchéité
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
7 19
665
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
E21B10/43 E21B10/08
· · caractérisés par la disposition des dents ou des autres éléments coupants · Trépans à organes coupants roulants, p. ex. à molettes (trépans carottiers à organes coupants roulants E21B 10/06 ; avec une partie pilote E21B 10/26 ; caractérisés par des parties résistant à l'usure E21B 10/46)
6 09 5 86
Figure 19. Répartition des brevets en IP Class Full Digits « 20 premières classes »
Nous constatons que la majorité des brevets se rapporte à : - la fabrication du trépan ou de ses composants, - la composition des organes de coupe (inserts en diamant naturel ou PDC), - l’optimisation des formes des organes de coupe des Trépans : inserts, forme, etc., - processus d’optimisation des performances des trépans. Le tableau suivant met en évidence les 25 premiers déposants de brevets : Classement
Compagnie
Nbre de Brevet
01
(SLB) SMITH INTERNATIONAL ( US )
1331
02
(BHI) BAKER HUGHES ( US )
1084
03
(SLB) CAMCO LTD ( GB )
293
04
(GE) GENERAL ELECTRIC / DRESSER ( US )
269
05
(NOV) REED HYCALOG ( US )
254
06
(HAL) HALLIBURTON DBS / SECURITY DBS ( US )
210
07
SHELL ( NL )
158
08
(SLB) SCHLUMBERGER ( US )
130
09
CHINA UNIVERSITIES & INSTITUTES ( CN )
126
10
(BHI) CHRISTENSEN ( US )
108
11
VAREL INTERNATIONAL ( US )
67
12
NL PETROLEUM PROD ( GB )
65
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
666
Baaziz, A., Quoniam, L., Khoudi, A.
13
HALL DAVID R ( US )
60
14
SANTRADE LTD ( CH )
55
15
ATLAS COPCO AB ( SE )
51
16
NL INDUSTRIES INC ( US )
47
17
SKF ( SE )
47
18
US SYNTHETIC CORP ( US )
46
19
RUSSIA INSTITUTES ( RU )
42
20
(WFT) WEATHERFORD ( US )
41
21
PRAD RES & DEV LTD ( VG )
37
22
ZHAO YUNLIANG ( CN )
32
23
STEVENS JOHN H ( US )
31
24
BP-AMOCO ( US )
30
25
EXXON-MOBIL ( US )
29
Figure 20. Répartition des brevets selon les Déposants « TOP 15 »
La lecture du tableau précédent et de la figure 20 demande des informations complémentaires, obtenues par le biais des matrices (Annexe 1) : Déposants/Pays, Déposants/IPC-4D, Déposants/IPC-FD, Déposants/Année de Publication ainsi que l’histoire des fusions/acquisitions opérées sur les compagnies spécialisées dans la fabrication des trépans. Il faut savoir que : - Schlumberger a racheté Camco Ltd en juin 1998 et Smith International en août 2010. - Baker Hughes a racheté Christensen Diamond Products en 1992. - General Electric a racheté Dresser Inc. (appartenant initialement à Halliburton) en février 2011. - Halliburton a racheté Security DBS en 2007. Cette reconfiguration nous permet d’obtenir une short-liste « TOP 5 » des fabricants des trépans : JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
Classement 01
Compagnie
667
Score
SHLUMBERGER (+ SMITH + LYNG + CAMCO)
1754
02
BAKER HUGHES (+ CHRISTENSEN)
1192
03
NOV (+ REED HYCALOG)
269
04
HALLIBURTON (+ DBS)
254
05
VAREL
67
Cette short-liste peut servir de white-liste pour les compagnies algériennes qui veulent acquérir des trépans pour leurs forages à travers des consultations restreintes (par exemple : Appel d’Offre Restreint), en précisant, en tant que condition éliminatoire, le nombre minimum de brevets déposés dans le domaine de fabrication des trépans. Elle peut servir aussi pour réaliser des partenariats (joint-ventures) permettant un réel transfert technologique ou l’utilisation légale des brevets. Nous avons éliminé Dresser Inc. de la short-liste malgré son important portefeuille brevet. La raison est qu’elle n’a publié aucun brevet depuis 2008 (Matrice 4a) et a même abandonné la fabrication des trépans depuis son acquisition par GE en 2011, pour se concentrer sur des produits et services du contrôle des flux (valves, instruments de mesure, etc.). Il est tout de même intéressant de vérifier le statut juridique de son patrimoine brevet. En effet, à titre d’exemple, le brevet « JET BIT WITH VARIABLE ORIFICE NOZZLE », publié aux Etats-Unis d’Amérique, en date du 08/05/2001, sous le numéro « US6227316B1 », a expiré le 08/05/2009 (c'est-à-dire avant échéance) pour non-paiement des annuités. Cette information est vérifiable en consultant INPADOC legal status du brevet en question sur « EspaceNet ». Il est donc possible d’utiliser le contenu de ce brevet en toute légalité sans paiement de royalties. Camco Ltd. n’a plus publié de brevet sur les trépans depuis 2007 (Matrice 4a) et a aussi abandonné la fabrication depuis son rachat par Schlumberger. De toute évidence, une partie de son portefeuille brevets est passée sous le contrôle de cette dernière, alors qu’une autre partie est toujours gérée par REED-HYCALOG (actuellement NOV). Les opérations successives de fusions et d’acquisitions subies par des compagnies telles que Dresser, Camco ou autres, peuvent générer des dysfonctionnements dans la gestion du portefeuille brevets. Ces failles juridiques peuvent faire tomber un brevet dans le domaine public. En s’intéressant à une liste plus importante de déposants (25 premiers), nous remarquons, outre ce qui a été énoncé, ce qui suit : - Avec 126 brevets déposés et une neuvième (09) place au classement du TOP 10, les universités et instituts chinois sont féconds en matière de production de brevets dans tous les domaines et, en particulier, dans les processus de fabrication du trépan et de ses composants. Il est intéressant d’étudier ces brevets (même si c’est difficile) parce que leur adaptation est aisée du fait de leur étendue géographique, généralement limitée à la Chine. - Les compagnies pétrolières telles que SHELL, BP-AMOCO, EXXONMOBIL et même TOTAL vont au-delà de leurs métiers d’exploration et de JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
668
Baaziz, A., Quoniam, L., Khoudi, A.
-
-
production en participant à la conception et à l’optimisation des trépans. Les dépôts de brevets sont, dans ces cas, le résultat d’opérations réalisées pour des besoins spécifiques de leurs forages. Parmi les déposants les plus actifs, se trouvent des personnes physiques indépendantes ou liées à des compagnies telles que HALL DAVID R (indépendant), ZHAO YUNLIANG (lié à Smith International) et STEVENS JOHN H (lié à Baker Hughes). On s’étonne, lorsqu’on constate que SKF, leader mondial des roulements et paliers, est déposant de brevets dans le domaine des trépans. La matrice 3 (Annexe 1) nous donne la réponse : SKF a déposé 40 brevets (sur 47) dans la classe E21B10/22 ce qui correspond à « · · caractérisés par des détails de paliers, de lubrification ou d'étanchéité » (WIPO, 2013). Donc, cela correspond bien à son métier de fournisseur de paliers comme composants entrant dans la fabrication des trépans.
En utilisant la matrice 1 (Annexe 1) représentant les déposants par pays, on obtient le classement suivant des pays déposants : Etats-Unis 0 d’Amérique (US) 1
Pays 0 Bas (NL) 6
Grande 0 Bretagne (GB) 2
Canada 0 (CA) 7
Chine 0 (CN) 3
Iles0 Vierges (VG) 8
Russie 0 (RU) 4
Suède 0 (SE) 9
Allemagne 0 (DE) 5
France 1 (FR) 10
Aucune surprise par rapport à la première place occupée naturellement par les Etats-Unis d’Amérique. Notons que la Chine occupe la 3ème position et que la France n’est qu’à la 10ème position. Les matrices 4a et 4b (Annexe 1) désignent, en fait, deux périodes consécutives de 20 ans : - La première, allant de 1994 à 2013, représente les 20 ans de protection légale des brevets. Durant cette période, l’utilisation d’un brevet nécessite de l’accord du déposant, moyennant le paiement des royalties. Il est cependant possible d’utiliser tous les brevets tombés dans le domaine public pour non-paiement des annuités ou pour d’autres motifs que nous avons déjà cités. - La seconde période, allant de 1974 à 1993, représente 20 ans pendant lesquels nous pouvons considérer que le brevet est technologiquement valable et son utilisation est tout à fait libre et légale puisqu’il est tombé systématiquement dans le domaine public. - La période avant 1973 représente l’histoire de l’évolution technologique du trépan dont l’exploitation n’est pas appropriée au vu de l’obsolescence des technologies décrites. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
669
3. Historique des dépôts de Brevets sur le sujet « Drill Bit »
Figure 21. Brevets en fonction des dates de publication
Le plus ancien brevet sur « drill bit » a été déposé en 1906 et publié le 1er janvier 1907 par M. Charles W. GUTTZEIT. Il s’agit d’un brevet concernant un trépan à molette spécialement conçu pour le forage des puits à couches rocheuses dures. Cette information annule le mythe entretenu par Baker Hughes sur la paternité du premier trépan à deux cônes. Nous pouvons dire que l’évolution des technologies des trépans a vu sa véritable genèse durant la fin des années 70. Cette évolution a été quasiment constante durant les années 80 et 90 et a pris un essor ces dix (10) dernières années. Ceci peut s’expliquer par l’augmentation des efforts de forages pétroliers, encouragée par la hausse du prix du pétrole et la forte demande sur le marché. 4. Résultats Nous notons que les compagnies constituant la short-liste « TOP 5 » des fabricants des trépans sont les concurrents directs de l’ENSP en Algérie : 1. SCHLUMBERGER (SMITH, LYNG & CAMCO) 2. BACKER HUGHES CHRISTENSEN 3. NOV (REED HYCALOG) 4. HALLIBURTON (DBS) 5. VAREL Cet ordre obtenu par le nombre de brevets détenus par chaque compagnie est confirmé par la part de marché de chaque compagnie, mais aussi par les performances obtenues durant les opérations de forage en Algérie. Cette short-liste peut servir pour l’ENSP, à réaliser des partenariats (ou joint-ventures) permettant un réel transfert technologique ou à travers une utilisation légale de leurs brevets encore valides. D’ailleurs, DBS (rachetée par HALLIBURTON), était le partenaire de l’ENSP. Elle peut aussi aider les compagnies pétrolières à constituer un portefeuille de fournisseurs fiables.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
670
Baaziz, A., Quoniam, L., Khoudi, A.
Concernant les résultats de notre travail sur le plan pratique, voici une performance significative réalisée au cours des opérations de forage de la phase 12˝¼ d’un puits d’huile (BRNP#1) en exploration dans le bassin de Hassi Berkine Est (Algérie). En mai 2014, l'outil PDC 12˝¼, conçu par l'équipe d'engineering de l’ENSP (Direction Fabrication) selon le modèle décrit à la figure n° 17 ci-dessus, a réalisé cette performance en forant 769 mètres en moins de 34 heures avec un taux de pénétration (ROP) approchant le seuil de 23 mètres par heure, pour culminer à 22,92 m/h. Il s'agit de la meilleure performance à ce jour pour ce type d’outils, dans la zone du Bassin de Berkine. Les paramètres d'usure de l'outil sont acceptables, compte tenu de la performance réalisée, ce qui a permis au client de réduire le temps non productif (NPT) et les coûts des opérations de forage.
Figure 22. Performances de l’outil PDC 12˝¼ (SPH639) de l’ENSP lors de ces quatre opérations (Source : ENSP, 2014)
A sa quatrième opération, cet outil s’est distingué par rapport à ses résultats précédents par : 1. Son taux de pénétration (ROP) exceptionnel : 22,92 m/h contre 16,8 m/h enregistrés lors de l’opération précédente ; 2. La baisse du coût de la prestation à 96,15 $/m contre 111,20 $/m, en faveur du client.
7. CONCLUSIONS Nous pouvons dire que cette étude a eu des retombées positives multiples pour l’ENSP et son Client SONATRACH et ce, suite à la performance réalisée par notre outil PDC, à savoir : - L’outil PDC utilisé, est à son troisième remodelage (réparation), ce qui représente une économie de 40% du prix d’un nouveau trépan ; - Les coûts économisés pour le client sont de l’ordre de 137000,00 US$ pour la phase 12˝¼ ; - Un gain en délais de plus de 3 jours de forage. Cette étude nous a permis d’explorer de nouvelles pistes d’innovation par la compréhension des systèmes, en utilisant des techniques du reverse engineering, JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
671
d’approfondir les connaissances par l’étude des informations contenues dans les bases brevets concernant un sujet donné et de proposer des améliorations conséquentes. Ceci a été rendu possible à travers le processus cognitif associé au processus technique de reverse engineering. Nous avons aussi constaté que rapprocher l'intelligence compétitive en général et le reverse engineering en particulier n’est pas une question de moyen mais d'état d'esprit. D'ailleurs nous pouvons envisager une analyse des coûts de ce genre d'études, ainsi que le retour sur investissement par rapport aux coûts d’exploitation, afin de démontrer que la R&D basée sur l'intelligence compétitive est «rentable».
REMERCIEMENTS Nous tenons à remercier M. Bruno Mannina, Ingénieur R&D à la Société Matheo Software, qui a eu l’amabilité de nous autoriser à utiliser la version complète de Matheo Patent durant deux semaines.
RESSOURCES WEB CONSULTÉES Baker Hughes, [Online] Available : http://www.bakerhughes.com/products-and-services/drilling/drill-bit-systems (August 22, 2014) David-3D, [Online] Available : http://www.david-3d.com (August 22, 2014) Halliburton DBS, [Online] Available : http://www.halliburton.com/enUS/ps/drill-bits/default.page (August 22, 2014) Lyng (Slb), [Online] Available : http://www.slb.com/services/drilling/drill_bits/lyng_pdc_bits.aspx (August 22, 2014) National Oilfield Varco (NOV), [Online] Available : http://www.nov.com/Drilling/Drill_Bits.aspx (August 22, 2014) Smith Intl. (Slb), [Online] Available : http://www.slb.com/services/drilling/drill_bits/pdc_bits.aspx (August 22, 2014) Varel, [Online] Available : http://www.varelintl.com (August 22, 2014) ENSP Group [Online] Available : http://www.enspgroup.com (August 22, 2014)
RÉFÉRENCES BAGCI, E. (2009), “Reverse engineering applications for recovery of broken or worn parts and re-manufacturing: Three case studies”, Advances in Engineering Software, 40(6), pp. 407–418. doi:10.1016/j.advengsoft.2008.07.003 BORYCZKO P. (2012), “Drill bit selection and optimization in exploration well 6507/6-4A in the Nordland Ridge Area”, Master Thesis in Petroleum Engineering / Drilling, University of Stavenger - Faculty of Science and Technology, 2012. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
672
Baaziz, A., Quoniam, L., Khoudi, A.
BRATLI R.K., HARELAND G., STENE F., DUNSÆD G. W. & GJELSTAD G. (1997), “Drilling Optimization Software Verified in the North Sea”, Paper SPE 39007 presented at SPE LACPEC Conference in Rio De Janeiro, Brazil, August 30 - Sept. 2, 1997. CHIVATE, P. N., & JABLOKOW, A. G. (1995), “Review of surface representations and fitting for reverse engineering”, Computer Integrated Manufacturing Systems, 8(3), pp. 193–204. DE TOLEDO, R., LEVY, B., & PAUL, J.-C. (2008), “Reverse engineering for industrial-plant cad models”, TMCE, Tools and Methods for Competitive Engineering, pp. 1021–1034. DURUPT A., REMY R., DUCELLIER G. & EYNARD B. (2008), “From a 3D point cloud to an engineering CAD model: A knowledge product based approach for reverse engineering”, Virtual and Physical Prototyping, 3, pp. 51–59. DURUPT A., REMY R. & DUCELLIER G. (2010a), “KBRE: A Knowledge Based Reverse Engineering for Mechanical Components”, Computer-Aided Design & Applications, 7(2), 2010, pp. 279–289, doi:10.3722/cadaps. DURUPT A., REMY R. & DUCELLIER G. (2010b), “Knowledge Based Reverse Engineering – An Approach for Reverse Engineering of a Mechanical Part”, Journal of Computing and Information Science in Engineering, 10(4), 044501, doi:10.1115/1.3482059 EGGERT David W., FITZGIBBON Andrew W., FISHER Robert B. (1998), “Simultaneous Registration of Multiple Range Views for Use in Reverse Engineering of CAD Models”, Computer Vision and Image Understanding, 69(3), 1998, pp. 253272. EGGERT David W., FITZGIBBON Andrew W., FISHER Robert B. (1996), “Simultaneous Registration of Multiple Range Views for Use in Reverse Engineering of CAD Models”, ICPR, 1996, pp. 243-247. FISHER, R. B. (2004), “Applying knowledge to reverse engineering problems”, Computer Aided Design, 36, 2004, pp. 501-510. FUDOS I. (2006), “CAD/CAM Methods for Reverse Engineering: A Case Study of Re-engineering Jewelry”, University of Ioannina, Computer-Aided Design & Applications, 3(6), pp 683–700. GAO, C. H., LANGBEIN, F. C., MARSHALL, A. D., & MARTIN, R. R. (2003), “Approximate congruence detection of model features for reverse engineering”, In Shape Modeling International, 2003, pp. 69–77, IEEE. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1199603 (August 22, 2014) JIN, Zhouying (2005), “Global Technological Change: From Hard Technology to Soft Technology”, Intellect (UK), January 2005 – ISBN 1841501247 LANGBEIN, F. C., MARSHALL, A. D., & MARTIN, R. R. (2002), “Numerical methods for beautification of reverse engineered geometric models”, In Geometric Modeling and Processing, 2002, pp. 159–168, IEEE. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1027507 (August 22, 2014) LANGBEIN F. C. (2003), “Beautification of Reverse Engineered Geometric Models”, PhD Thesis, Cardiff University - Department of Computer Science, June 2003 JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
673
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
LANGBEIN, F. C., MARSHALL, A. D., & MARTIN, R. R. (2004), “Choosing consistent constraints for beautification of reverse engineered geometric models”, Computer-Aided Design, 36(3), pp. 261–278. MENAND S. (2010), « 2000-2010 : Principales évolutions et avancées technologiques en forage », Pétrole & Gaz Informations, MINES ParisTech, 1806 (2010), pp. 38–41. MOTAVALLI, S. (1998), “Review of reverse engineering approaches”, Computers & Industrial Engineering, 35(1), pp. 25–28. NPD-BOK, “A Methodology for Reverse Engineering”, NEW PRODUCT DEVELOPMENT - BODY OF KNOWLEDGE, [Online] Available: http://www.npdsolutions.com/bok.html (October 18, 2013) VARUDY T., MARTIN R. R. & COX J. (1997), “Special issue: reverse engineering of geometric models”, Computer-Aided Design, 29(4), pp. 253–254. VARUDY T., MARTIN R. R. & COX J. (1997), “Reverse engineering of geometric models. An introduction”. Computer-Aided Design, 29(4), pp. 255–268. PETITJEAN S. (2002), “A survey of methods for recovering quadrics in triangle meshes”, ACM Comput. Surv., 34(2), pp. 211–262. QUONIAM L. (2013), « Brevets comme outil d’innovation, de créativité et de transfert technologique dans les pays en voie de développement », Journée Scientifiques et Techniques de Sonatrach (JST’9), Centre des Conventions d’Oran, Algérie, 08 avril 2013 THOMPSON, W. B., OWEN, J. C., DE ST GERMAIN, H. J., STARK Jr, S. R., & HENDERSON, T. C. (1999), “Feature-based reverse engineering of mechanical parts”, Robotics and Automation, IEEE Transactions on, 15(1), pp. 57–66. WINKELBACH, S., MOLKENSTRUCK, S., & WAHL, F. M. (2006), “Low-cost laser range scanner and fast surface registration approach”, In Pattern Recognition, pp. 718–728, Springer, Retrieved from http://link.springer.com/chapter/10.1007/11861898_72 Wikipedia, “Reverse engineering”. [Online] http://en.wikipedia.org/wiki/Reverse_engineering (October 18, 2013) WIPO GOLD (2013), Ressource de l’OMPI, http://www.wipo.int/wipogold/fr/ (August 22, 2014)
Available:
[Online]
Available
:
ZHANG, Y. (2003), “Research into the engineering application of reverse engineering technology”, Journal of Materials Processing Technology, 139(1-3), pp. 472–475, doi:10.1016/S0924-0136(03)00513-2
ANNEXE 1: MATRICES Déposants
US
GB
CN
RU
DE
NL
CA
VG
SE
FR
(SLB) SMITH INTERNATIO...
1331
0
6
0
0
0
0
0
0
0
(BHI) BAKER HUGHES (US)
1084
0
0
0
35
0
0
0
0
1
2
293
0
0
0
0
0
0
0
0
269
1
0
0
0
0
0
0
0
0
(SLB) CAMCO LTD (GB) (GE) GENERAL ELECTRIC ...
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
674
Baaziz, A., Quoniam, L., Khoudi, A.
(NOV) REED HYCALOG (US)
254
1
0
0
0
0
0
(HAL) HALLIBURTON DBS ... (SLB) SCHLUMBERGER (US)
210
7
0
0
0
0
130
22
0
0
0
0
SHELL (NL)
2
1
0
0
0
CHINA UNIVERSITIES & I...
0
0
126
0
108
0
0
PRAD RES & DEV LTD (VG)
33
19
VAREL INTERNATIONAL (US)
67
(BHI) CHRISTENSEN (US)
NL PETROLEUM PROD (GB) HALL DAVID R (US) SANTRADE LTD (CH)
0
0
0
0
0
0
2
3
33
0
6
158
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
3
37
0
5
0
0
0
0
0
0
0
0
0
0
65
0
0
0
0
0
0
0
0
60
0
0
0
0
0
0
0
0
0
0
0
0
0
0 0 0 0 0 0 Matrice 1. Déposants / Pays, obtenue par scoring (Poids sur l’axe pays x= 6570 à 116 et sur l’axe déposants y=1337 à 55)
Déposants
E21B
B22F
B23P
C22C
B23B
F16C
B23K
F16J
G06F
C23C
(SLB) SMITH INTERNATIO...
1331
52
32
39
24
13
21
15
69
36
(BHI) BAKER HUGHES (US)
1084
58
21
33
5
24
9
6
3
16
(SLB) CAMCO LTD (GB)
293
26
6
11
21
11
10
0
0
2
(GE) GENERAL ELECTRIC ...
269
6
3
1
7
4
7
13
1
0
(NOV) REED HYCALOG (US)
254
8
17
9
2
18
12
10
1
1
(HAL) HALLIBURTON DBS ...
210
5
3
1
1
4
0
9
6
0
SHELL (NL)
158
0
0
0
0
0
0
0
0
0
(SLB) SCHLUMBERGER (US)
130
2
0
0
3
2
0
0
2
0
CHINA UNIVERSITIES & I...
126
10
1
7
1
0
0
0
0
2
(BHI) CHRISTENSEN (US)
108
13
1
0
3
0
0
0
0
0
VAREL INTERNATIONAL (US)
67
3
4
0
2
3
0
4
0
0
NL PETROLEUM PROD (GB)
65
16
1
3
0
0
2
0
0
0
HALL DAVID R (US)
60
0
0
0
1
0
0
0
0
0
SANTRADE LTD (CH)
55
0
5
0
0
0
0
7
0
0
ATLAS COPCO AB (SE)
51
8
0
0
0
0
0
0
0
0
NL INDUSTRIES INC (US)
47
8
20
0
0
0
1
0
0
0
SKF (SE)
47
8
0
0
0
14
0
5
0
8
US SYNTHETIC CORP (US)
46
1
0
1
2
0
0
0
0
1
RUSSIA INSTITUTES (RU)
42
1
0
0
0
0
0
0
0
0
(WFT) WEATHERFORD (US)
41
0
0
0
0
0
0
0
0
0
Matrice 2. Déposants / IPC-4D, obtenue par scoring (Poids sur l’axe IPC-4D x= 9375 à 92 et sur l’axe déposants y=1755 à 48) E21B
E21B
E21B
E21B
E21B
E21B
E21B
E21B
E21B
E21B
10/56
10/46
10/42
10/00
10/60
10/16
10/567
10/22
10/08
10/43
Déposants (SLB) SMITH INTERNATIO...
179
186
141
158
80
327
147
140
199
116
(BHI) BAKER HUGHES (US)
176
160
182
108
99
86
156
80
74
134
(SLB) CAMCO LTD (GB)
139
28
66
36
69
8
97
24
4
54
(GE) GENERAL ELECTRIC ...
50
7
24
3
19
21
38
70
24
24
(NOV) REED HYCALOG (US)
59
13
30
8
29
25
52
50
5
23
(HAL) HALLIBURTON DBS ...
1
8
17
55
16
51
0
42
37
11
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
675
Identifying operational requirements to select suitable decision models for a public sector e-procurement decision support system
SHELL (NL)
21
4
22
3
26
25
15
1
9
11
3
0
20
18
20
3
2
4
0
13
(BHI) CHRISTENSEN (US)
71
55
14
11
43
0
69
0
1
14
NORVIC SA (CH)
19
0
0
0
0
18
0
19
18
0
CHINA UNIVERSITIES & I...
2
40
0
9
24
7
0
1
10
6
NL PETROLEUM PROD (GB)
55
16
5
3
28
0
50
0
0
5
NL INDUSTRIES INC (us)
47
5
11
0
13
0
24
0
0
11
(WFT) WEATHERFORD (US)
1
1
3
2
5
0
0
0
0
4
VAREL INTERNATIONAL (US)
5
5
7
5
0
1
2
11
11
12
14
0
0
0
8
12
0
22
4
0
ATLAS COPCO AB (SE)
9
3
1
2
11
7
1
0
0
1
BP-AMOCO (US)
1
10
19
9
2
0
0
0
0
19
12
0
5
12
5
0
11
0
0
5
40
0
0
(SLB) SCHLUMBERGER (US)
SANTRADE LTD (CH)
(HAL) BAROID (US) SKF (SE)
0 0 0 0 0 2 0 Matrice 3. Déposants / IPC-FD, obtenue par scoring (Poids sur l’axe IPC-FD x= 1182 à 773 et sur l’axe déposants y=3838 à 160) 2 0
2 0
2 0
2 0
2 0
2 0
2 0
2 0
1 9
1 9
1 9
1 9
1 9
1 9
1 3
1 2
06
0 5
0 4
0 3
0 2
0 1
0 0
9 9
9 8
9 7
9 6
9 5
9 4
(SLB) SMITH INTERNATIO...
3 8
13 6
11 6
9 3
8 8
9 5
8 9
8 1
2 8
4 1
3 0
1 4
2 2
1 5
4
(BHI) BAKER HUGHES (US)
55
24
29
1 8
1 9
6 1
3 9
3 7
2 5
2 2
1 7
1 6
1 9
1 3
1 7
0
0
0
4
2
6
4
2 7
1 6
4 8
2 7
3 8
2 4
2 7
1 9
1 9
0
0
0
3
1
0
0
1
4
1 3
1 8
2 3
2 5
3 9
1 9
1 5
5
6
0
1
4
5
1
4
0
0
0
0
0
0
2
0
0
3
28
18
1 3
24
15
14
9
1 1
8
8
4
1 1
1
1
0
0
0
0
3
6
5
7
9
13
12
1 0
1 5
1 5
1 0
5
4
3
0
0
0
0
1
1 2
1 6
17
23
2 3
6
5
6
7
0
0
1 0
5
0
0
0
0
0
0
0
CHINA UNIVERSITIES & I...
9
1 8
9
12
1 1
10
5
7
2
3
2
4
6
3
4
3
1
2
3
3
(BHI) CHRISTENSEN (US)
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
20
20
11
10
4 8
76
5 0
6 7
(SLB) CAMCO LTD (GB)
0
(GE) GENERAL ELECTRIC ...
2 0
20
20
20
0 9
08
07
10 0
6 4
10 2
14 2
20 1
8 8
0
0
0
0
0
0
(NOV) REED HYCALOG (US)
2
7
1
(HAL) HALLIBURTON DBS ...
1 7
2 8
SHELL (NL)
1
(SLB) SCHLUMBERGER (US)
1 1 3 7 3 0 3 0 1 2 8 3 2 0 0 5 Matrice 4a. Déposants / Année de Publication, obtenue par scoring (Poids sur l’axe Année x= 2013 à 1994 et sur l’axe déposants y=1331 à 67)
VAREL INTERNATIONAL (US)
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
676
Baaziz, A., Quoniam, L., Khoudi, A.
ANNEXE 2 : GLOSSAIRE CAD (CAO)
Computer-Aided Design / Conception Assistée par Ordinateur
CAM (FAO)
Computer-Aided Manufacturing / Fabrication Assistée par Ordinateur
CMM (MMT)
Coordinate Measuring Machine / Machine à Mesurer Tridimensionnelle
FEA (MEF)
Finite Element Analysis / Méthode des Eléments Finis
FWR
Final Well Report / Rapport Final de Sondage
IPC (CIB)
International Patent Classification / Classification Internationale des Brevets
IPC-4D
Classification IP à 4 lettres
IPC-FD
Classification IP complète
LWD
Logging While Drilling
MWD
Measurement While Drilling
NPT
Non Productive Time / Temps non productif
ROP
Rate Of Penetration / Taux d’avancement ou de pénétration dans le sol.
RPM
Revolution Per Minute / Tours par minute (vitesse de rotation)
TRQ
Torque / Couple de torsion appliqué au train de tiges du forage
WOB
Weight On Bit / Poids sur l’outil
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 645-676
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300009
STANDARDIZATION INITIATIVES IN THE PRODUCTION OF VIRTUAL LEARNING OBJECTS INICIATIVAS DE ESTANDARIZACIÓN EN LA PRODUCCIÓN DE OBJETOS VIRTUALES DE APRENDIZAJE Jhon Francined Herrera Cubides Nancy Yaneth Gelvez García Juan Manuel Sánchez Céspedes Universidad Distrital Francisco José de Caldas Bogotá, Colombia. ___________________________________________________________________________________________
ABSTRACT Contemporary training processes have been identified in TIC and virtualization, key strategies to strengthen training. This process is mediated through the production of digital content for learning purposes, which is a development that requires standards to take advantage factors such as reusability, scalability, and accessibility, among others. This article presents a review of the main specifications and standards that circumscribe the technological production of learning objects, such as the discussion about the selection and use of the standardization strategy defined as one of the results proposed in the research process. Review within which it is identified that, according to key features of the virtual object learning, and taking into account aspects such as communication interface, metadata and packaging, different standardization strategies are identified such as LOM, DCMI, SCORM; also, IMS is analyzed. To this purpose, we will study the classification and taxonomy of learning objects; there will be a general characterization of the major initiatives to standardize the technological production of learning objects and an analyzis of their contributions. Keywords: Learning objects, standards for learning objects, e-learning, Production of Learning Objects.
___________________________________________________________________________________________ Manuscript first received/Recebido em: 05/11/2013 Manuscript accepted/Aprovado em: 17/09/2014 Address for correspondence / Endereço para correspondência
Jhon Francined Herrera Cubides, Docente de Planta de Ingeniería de Sistemas, Facultad de Ingeniería, Universidad Distrital Francisco José de Caldas, Bogotá, Colombia. Ingeniero de Sistemas. Magister en Ingeniería de Sistemas y Computación, Universidad de los Andes (Bogotá, Colombia) Carrera 7 No. 40B - 53 Facultad de Ingeniería, Ingeniería de Sistemas. Bogotá D.C - República de Colombia E-mail: jfherrerac@udistrital.edu.co Nancy Yaneth Gelvez García, Docente de Planta de Ingeniería de Sistemas, Facultad de Ingeniería, Universidad Distrital Francisco José de Caldas, Bogotá, Colombia. Ingeniera de Sistemas. Magister en Ciencias de la Información y las Comunicaciones, Universidad Distrital Francisco José de Caldas (Bogotá, Colombia) E-mail: nygelvezg@udistrital.edu.co Juan Manuel Sánchez Céspedes, Docente de Planta de Ingeniería de Sistemas, Facultad de Ingeniería, Universidad Distrital Francisco José de Caldas, Bogotá, Colombia. Ingeniero Electrónico. Especialista en Teleinformática, Universidad Distrital Francisco José de Caldas (Bogotá, Colombia) E-mail: jmsanchezc@udistrital.edu.co Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
678
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
RESUMEN Los procesos de formación contemporáneos han identificado en las TIC y en la virtualización, estrategias claves para fortalecer la formación. Este proceso se ve mediado por la producción de contenidos digitales orientados al aprendizaje. Desarrollo que requiere de unos estándares que permitan aprovechar factores como reusabilidad, escalabilidad y accesibilidad, entre otros. Este artículo presenta una exploración de las principales especificaciones y estándares que circunscriben la producción tecnológica de objetos de aprendizaje, como la discusión acerca de la selección y el uso de la estrategia de estandarización definida, como uno de los resultados propuestos en el proceso de investigación. Revisión dentro de la cual se identifica que, acorde a las características claves del Objeto de Aprendizaje, y teniendo en cuenta aspectos como la interfaz de comunicaciones, los metadatos y el empaquetamiento, se identifican diferentes estrategias de estandarización, tales como LOM, DCMI, SCORM e IMS. Para tales efectos se estudiará la clasificación y la taxonomía de los Objetos de aprendizaje, se hará una caracterización general de las principales iniciativas que buscan estandarizar la producción tecnológica de los objetos de aprendizaje, se analizarán sus respectivos aportes, el trabajo a seguir y las conclusiones. Palabras Claves: Objetos de Aprendizaje, estándares de objetos de aprendizaje, Elearning, Celda de Producción.
1.
INTRODUCCIÓN
La constante y creciente evolución de las áreas tecnológicas como el hardware, el software, las comunicaciones, Internet, las tecnologías de la información y las comunicaciones, etc., se han abierto nuevos escenarios de interacción y desarrollo, que convergen en múltiples actividades del ser humano. Tal es el caso del campo educación, donde todas estas herramientas han ido incursionando, para ofrecer estrategias y escenarios alternativos de formación, de desarrollo, consolidación y distribución del conocimiento, haciéndolo más accesible a toda la población. Para tal fin se han venido diseñando, creando y poniendo en producción, diferentes materiales educativos digitales, que ahora se encuentran ubicados en repositorios privados o públicos, o simplemente, dispersos en Internet. Pero cada una de estas unidades de conocimiento – objetos de aprendizaje, requiere de la apropiación, comprensión y uso de estándares o especificaciones, tanto en su componente pedagógico como tecnológico, que le permitan su portabilidad, reusabilidad, etc., entre otras características básicas de los objetos de aprendizaje. Como lo plantea Cisco (2010), la tecnología ha realizado dos aportes principales al sistema educativo: ha revolucionado la administración y la distribución de la información, y ha repercutido en cierta medida en la enseñanza y el aprendizaje. No obstante, gracias al acceso global a Internet de alta velocidad y la mayor disponibilidad de computadoras, se cristalizarán, finalmente, algunos de los resultados prometidos por la tecnología educativa, proceso de transición que se muestra en la siguiente figura:
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
679
Figura 1: Maduración tecnológica en la educación. Fuente: Cisco, 2010 En la actualidad, la tecnología ha permitido responder a los procesos de formación con nuevas formas de aprendizaje que los sistemas educativos tradicionales no ofrecen: a. Nuevas formas de organizar el aprendizaje: la tecnología está cambiando el dónde y el cuándo tiene lugar el aprendizaje, y también el cómo se apoya y financia. b. Nueva pedagogía: al sacar el aprendizaje de los contextos tradicionales del aula y la escuela, los nuevos modelos que utilizan la tecnología toman como ejes principales la participación y la negociación, reemplazando la dirección y la instrucción. c. Nuevas relaciones: la conectividad favorece nuevas relaciones estudiante-mentor más allá del aula o los muros de la escuela. La educación dejó de ser una responsabilidad exclusiva de docentes y padres, para involucrar también a los estudiantes y una red distribuida de apoyo más amplia. d. Evaluaciones más completas: las nuevas formas de evaluación, por ejemplo el desarrollo de portafolios electrónicos, simulaciones y evaluaciones formativas con una comunicación inmediata de los resultados, pueden contribuir a comprender mejor el desarrollo, los conocimientos y la dirección futura de cada estudiante. e. Datos en todos los niveles: los avances tecnológicos permiten medir con cuidado los progresos de los estudiantes y analizarlos para que los docentes, los padres, los directivos y los propios estudiantes puedan tomar decisiones fundadas. El aprendizaje puede personalizarse y la financiación puede centrarse en las innovaciones que ejercen el máximo impacto. Estas nuevas formas de aprendizaje han permitido que las tecnologías de la información y las comunicaciones tengan un mayor uso en el proceso de enseñanza aprendizaje, aportando ventajas como (Cabero, 2007): a. Ampliación de la oferta informativa b. Creación de entornos más flexibles para el aprendizaje c. Eliminación de las barreras espacio temporales entre el profesor y los estudiantes d. Incremento de las modalidades comunicativas JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
680
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
e. Potenciación de los escenarios y entornos interactivos f. Favorecer tanto el aprendizaje independiente y el auto aprendizaje como el colaborativo y el grupo. g. Romper los clásicos escenarios formativos, limitados a las instituciones escolares. h. Ofrecer nuevas posibilidades para la orientación y la tutorización de los estudiantes i. Facilitar la formación permanente. En términos generales, la inserción de las TIC en los ambientes escolares, genera nuevas perspectivas y una serie de variables y dimensiones del acto educativo, en concreto permite la flexibilización en diferentes niveles, tales como: a. Temporal y espacial, para la interacción y recepción de la información. Por lo tanto deslocalización del conocimiento, b. Para el uso de diferentes herramientas de comunicación. c. Para la interacción con distintos tipos de código y sistemas simbólicos. d. Para la elección del itinerario formativo. e. De estrategias y técnicas para la formación. f. Para la convergencia tecnológica. g. Para el acceso a la información, y a diferentes fuentes de la misma. h. Flexibilización en cuanto a los roles del profesor y su figura. Con ello se evidencia que la introducción y el crecimiento potencial de las TIC en los ambientes educativos, y la generación de contenidos educativos digitales, han venido experimentando un aumento en su demanda, tanto en los procesos de formación presenciales con apoyo virtual, como en los procesos de formación con metodología netamente virtual. Dado este contexto, la Universidad Distrital Francisco José de Caldas ha buscado incursionar en la metodología virtual, por lo cual se ha presentado un proyecto de investigación con el que se busca generar una celda de producción tecnológica de contenidos digitales educativos, como estrategia de apoyo a este proceso de inmersión en los medios virtuales. Para ello, y como problema de investigación, se han analizado diferentes variables intervinientes en el proceso de diseño de una celda de producción tecnológica de contenidos digitales educativos, apoyados en las TIC, dentro de las cuales se identifica la necesidad de atender a las estrategias de estandarización en el proceso de diseño y construcción de dichos contenidos digitales educativos, que aseguren aspectos en dichos contenidos, tales como la durabilidad, la interoperabilidad, la accesibilidad, la reusabilidad y la adaptabilidad, entre otras; además de tener aspectos en cuenta como la interfaz de las comunicaciones, los metadatos y el empaquetamiento, que ofrezcan las estrategias de estandarización identificadas y usadas durante el proceso de producción tecnológica de estos contenidos digitales. Por lo anteriormente expuesto, este artículo se centra en desarrollar una exploración acerca de la conceptualización de los objetos de aprendizaje, sus características y los principales estándares o especificaciones que intervienen en la conceptualización, en la especificación, en el diseño y en la implementación de cada una de sus capas. Para ello se parte de una revisión de los antecedentes. Luego, en la JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
681
sección 3, revisamos el tema de educación virtual. En las secciones 4, 5 y 6 presentamos respectivamente los objetos de aprendizaje, sus atributos, su clasificación y su taxonomía. Posteriormente, en las secciones 7, 8 y 9, respectivamente presentamos las iniciativas de estandarización, la clasificación de los estándares, y un barrido general acerca de LOM, DCMI, SCORM e IMS, con lo cual se busca establecer criterios de discusión para la selección del estándar adecuado para implementar en el diseño y desarrollo de contenidos educativos digitales. Finalmente, en las secciones 10 y 11, presentamos los trabajos futuros y las conclusiones del proyecto de investigación en su estado actual. 2.
ANTECEDENTES
El proceso de inmersión de las Instituciones de Educación Superior – IES, en la oferta de estrategias innovadores de formación, como lo son la vinculación de las Tecnologías de la Información y la Comunicación – TIC, a la formación y la incursión en los programas virtuales, se circunscribe en diferentes referentes o requerimientos a los cuales se ven avocadas las instituciones de educación, dado (CNA, s.f.) su clase (pública o privada), naturaleza y objetivos (Instituciones Técnicas Profesionales, Instituciones Tecnológicas, Instituciones Universitarias y Universidades), niveles de formación (técnico, tecnológico, profesional), tipos de programas que oferta (pregrado, especialización, maestría, doctorado), reglamentación a la cual está sujeta, contexto misional de la institución, dimensionamiento de la infraestructura y recursos que posee, área o zona geográfica de influencia, metas de crecimiento y expansión, entre otros factores. Para el caso de las instituciones públicas en Colombia, como por ejemplo la Universidad Distrital Francisco José de Caldas, en su dinámica de crecimiento interactúan instancias pertinentes del Gobierno Nacional o Distrital, las cuales definen un conjunto de políticas, de metas, de estrategias, etc., que deben abordar y cumplir dichas instituciones. Como ejemplo de lo anterior se identifican algunos referentes de dichas políticas o estrategias, tales como:
El Plan Sectorial 2010-2014 y la Política Cierre de Brechas de Acceso y Permanencia, en su marco definen el reto de aumentar la tasa de cobertura bruta en la educación superior, pasando del 42.4% en el 2012, al 50% en 2014, lo cual deja entrever que para el logro de esta meta, se deben generar 361.542 nuevos cupos (MEN, 2013). Como lo plantea el Ministerio Nacional de Educación de Colombia (MEN, 2010), los niveles de formación han venido experimentando crecimientos variables en el periodo 2002 – 2009. Por ejemplo, en el caso de las maestrías y doctorados, en este periodo muestran un incremento anual del 17.5%, durante estos años. En este contexto, plantea diferentes estrategias de ampliación de cobertura en educación superior, dentro de las cuales se describen: -
El Instituto Colombiano de Crédito Educativo y Estudios Técnicos en el Exterior – ICETEX, y el Crédito Educativo Desconcentración y flexibilización de la oferta: creación de Centros Regionales de Educación Superior, expansión de la formación técnica y
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
682
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
tecnológica, educación virtual e-learning, apoyo y atención a poblaciones especiales. Financiación de la infraestructura. Fomento a la permanencia y la graduación, entre otros.
Dentro de los fundamentos del Plan Decenal de Educación 2006 - 2016, también se identifican políticas (VirtualEduca, 2013) y apoyo del Gobierno Nacional al desarrollo de soluciones e-learning sostenibles, validadas y certificadas internacionalmente, así como para adelantar procesos de capacitación del personal docente en el uso de plataformas, de herramientas interactivas, de la producción de material didáctico digital y del acompañamiento tutorial a los estudiantes virtuales; para ello ha establecido diferentes políticas de integración de TIC, acceso a las tecnologías y producción de contenidos digitales, como se muestra en la siguiente figura:
Figura No. 2 Políticas de Integración de TIC en los Sistemas Educativos. Fuente MEN 2012
Teniendo en cuenta los anteriores antecedentes, definidos en Planes, Políticas y Estrategias Nacionales, la Universidad Distrital Francisco José de Caldas, como Universidad Pública, se ve avocada a dar cumplimiento a dichos requerimientos de calidad, ampliación de cobertura, servicio social, etc. Razones por las cuales decide incursionar en la metodología de formación virtual, para lo cual abre espacios de investigación que ayuden a soportar el diseño, el desarrollo y la implementación de dicha estrategia en sus programas de formación. Dado este contexto, surge el proyecto de investigación “Diseño de una Celda de Producción Tecnológica de Contenidos Digitales Educativos”, el cual en su desarrollo identifica la necesidad de analizar y discutir acerca de la adopción y uso de un estándar para el diseño y la construcción de contenidos digitales educativos. Con el fin de llevar a cabo este propósito, a continuación se presenta la siguiente revisión documental, con el fin de brindar argumentos para el proceso de discusión y decisión al respecto, partiendo desde las conceptualizaciones base, hasta llegar a la contextualización de las iniciativas de estandarización potenciales.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
3.
683
EDUCACION VIRTUAL
La educación virtual ha venido evolucionando gracias a la dinámica de múltiples factores, donde muchos de ellos han interactuado para formar recursos, para estimular las tendencias o para motivar los procesos innovadores. Entre algunos ejemplos de evolución de las tecnologías de la información y las comunicaciones, se identifican algunos como por ejemplo:
Evolución en los dispositivos, iniciando con equipos de dimensiones exageradas y de proceso limitado, como el Z1 o el Electronic Numerical Integrator And Computer (ENIAC), hasta llegar a los laptop, las tabletas, los SmartPhone, etc., que son dispositivos de gran poder y almacenamiento, y de reducido tamaño.
Evolución de las telecomunicaciones, iniciando con procesos rudimentarios como las señales de humo, las palomas mensajeras, el cartero a caballo, pasando por el telégrafo, el teléfono, la radio, etc., hasta llegar a las redes inalámbricas, la telefonía celular (4G), Internet, las redes de próxima generación (NGN) (UIT, 2007), la integración de servicios, entre otras innovaciones y desarrollos, que han ampliado la cobertura, el almacenamiento, la calidad del servicio, etc. Desarrollos que han permeado más allá de las fronteras nacionales, articulando una sociedad interconectada transnacional (UIT, 2013), con acceso a múltiples bienes y servicios, muchos de los cuales ahora no se importan y se almacenan, sino que en su lugar, se mantienen en la nube.
Evolución de la web, pasando por la Web 1.0 con medios tradicionales como la radio, la televisión, el correo electrónico, páginas web estáticas, el usuario desarrollaba procesos largos y tediosos de lectura, etc.; la Web 2.0, con autogeneración de contenido, consumo activo, webs dinámicas, aplicaciones de servicios a los usuarios, los usuarios pueden interactuar con otros usuarios, etc.; la Web 3.0, donde se recolecta información en tiempo real, los usuarios tienen perfiles basados en historiales de búsqueda, realidad virtual, web inteligente, etc.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
684
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
Figura No. 3 Evolución de Internet. Universidad de Valencia, s.f. Como se plantea en (Delta, s.f.), el desarrollo de la Web 3.0 y sus tecnologías llevarán hacia la Web 4.0, la Web Ubicua, donde el objetivo primordial será el de unir las inteligencias donde tanto las personas como las cosas se comuniquen entre sí para generar la toma de decisiones. Para el 2020 se espera que haya agentes en la Web que conozcan, aprendan y razonen como lo hacemos las personas.
Figura No. 4 Evolución de la Web. Fuente: (Spivack, s.f.) Por otro lado, se ha venido observando el creciente interés de las Instituciones de Educación en vincular el uso de las TIC a los procesos de formación. Estos avances se pueden observar en las estadísticas presentadas por el Ministerio de Educación Nacional de Colombia, sobre indicadores TIC para educación en Colombia (MEN, 2007b): JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
685
Tabla No. 1 Indicadores y Metas de Incorporación de las TIC en los Procesos Educativos. Fuente: (MEN, 2007b) Algunos de estos casos se originan por necesidades o motivaciones propias; por procesos de renovación pedagógica, enriquecimiento de los ambientes de aprendizaje y modernización de las estrategias de aprendizaje (ColombiaAprende, s.f.); otros por regulaciones nacionales, otros más por articularse con procesos, instituciones o regulaciones internacionales. A continuación se presenta una tabla del estado de desarrollo de la educación a distancia y utilización de los entornos virtuales en la educación superior en Colombia en el año 2006, lo cual permite evidenciar algunos de los esfuerzos que han realizado las instituciones de formación en cuanto a la vinculación de las TIC: Desarrollo de educación superior con metodologías virtuales en Colombia Nivel de educación
Pregrado
Universidad o Institución
Comentarios
Centro de Investigación y Planeación Administrativa (CEIPA)
Institución presencial con oferta de programas en administración de empresas en convenio con la UOC
Universidad Autónoma de Manizales (UAM)
Hace parte de la Red Mutis, ofrece tecnología en administración de negocios
Universidad Católica del Norte
Constituye la primera IES creada en Colombia como virtual n 1997. Ofrece 8 programas de pregrado 100% virtuales
Universidad de Antioquia
Múltiples campus virtuales. Oferta ingeniería de sistemas
Universidad de Caldas
Integrante de la Red Mutis y ofrece pregrado en artes plásticas
Universidad Militar Nueva Granada
Cuatro programas virtuales con apoyo en contenidos multimedia
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
686
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
Nivel de educación
Universidad o Institución Corporación Universitaria Autónoma de Occidente – Cali
Postgrado
Comentarios (cont.) Integrante de la Red especialización en finanzas
Mutis.
Oferta
Universidad Nacional
Es una universidad presencial que ha desarrollado el programa de Universidad Virtual y oferta dos especialidades
Cursos con apoyo a presencialidad
Universidad Nacional, Universidad de Antioquia, Industrial de Santander, Universidad Manuela Beltrán, Universidad Antonio Nariño, Corporación Universitaria Autónoma de Occidente – Cali
Reemplaza parte de cursos presenciales, apoyan la presencialidad o la disminuyen
Educación continua
EAFIT, Universidad Católica del Norte, Sergio Arboleda, Universidad Javeriana, Universidad de Antioquia, Corporación Universitaria Autónoma de Occidente Cali
Nivel donde se comenzaron a utilizar los entornos virtuales. Existe oferta de cursos, diplomados, cursos de actualización y capacitación a egresados, sector empresarial y profesionales
CEIPA en convenio con la UOC
Unión que surgió en el año 2000 para crear el campus virtual y ofertar educación continuada, cursos de postgrado, de actualización y especializaciones. Modelo pedagógico apoyado en las TIC, material didáctico básico y complementario, uso de multimedia
Convenios con el TEC
Nace en el país la Red Mutis cuyo objetivo central es ofrecer programas de pre y postgrado en forma conjunta haciendo uso de la metodología del TEC apoyada en sistemas satelitales, Internet y videoconferencias
Universidad Pedagógica, Universidad de los Andes, Industrial de Santander, Universidad Nacional, EAFIT, entre otras
Grupos de investigación escalafonados por Colciencias: Informática educativa de la Universidad del Norte: Mejoramiento de la docencia con el apoyo de las TIC. Didácticas y nuevas tecnologías de la Universidad de Antioquia: Construcción de didácticas especiales con incorporación de las TIC en el proceso de enseñanzaaprendizaje
Convenios con universidades internacionales
Investigación en TIC en la educación superior
Tabla No. 2 Entornos Virtuales en Educación Superior. Fuente: (Calle & Molina, s.f.) Sea cual fuere la situación que originó el proceso, el e-learning ha generado una serie de ventajas dentro de las que se cuentan el cambio espacio temporal, el conectivismo, el uso de múltiples formas y lenguajes, la gestión de contenidos, el JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
687
acceso a la información y a los recursos, la implementación de nuevas estrategias, los ambientes virtuales de aprendizaje y los LMS o sistemas administradores de aprendizaje (Miranda, 2004), el uso de artefactos innovadores, etc. Ahora bien, el desarrollo del e-learning requiere del diseño y construcción de contenidos digitales educativos que procuren la implementación de su estrategia, razón por la cual, a continuación se presenta un análisis acerca del concepto de contenido digital educativo, en especial de los objetos de aprendizaje, como uno de los niveles de dichos contenidos, que integra diferentes elementos con el fin de llevar a cabo su finalidad formativa. 4.
OBJETOS DE APRENDIZAJE
Como se mencionó anteriormente, el e-learning ha permitido gestar el diseño, la implementación y el uso de artefactos que se configuran como recursos de aprendizaje, denominados Objetos de Aprendizaje. Como lo plantea (UniVirtual, 2009), la diversidad de definiciones que un lector podría encontrar acerca de los objetos de aprendizaje, es bastante amplia. Algunas de ellas hacen solamente énfasis en su naturaleza escalable, en su composición, en su estructura y en su posibilidad de ensamblaje, por ejemplo, un objeto de aprendizaje:
“Debe tener un objetivo de aprendizaje, una unidad de instrucción que enseñe el objetivo y una unidad de evaluación que mida el objetivo” (L’Allier, 1998). Es “una colección de objetos de información ensamblada, usando metadatos para corresponder a las necesidades y a la personalidad de un aprendiz en particular. Múltiples Objetos de Aprendizaje pueden ser agrupados en conjuntos más grandes y anidados entre sí para formar una infinita variedad y tamaños” (Hodgins, 2000). “Conjuntos de objetos de información seleccionados y ensamblados alrededor de un objetivo” (Duval & Hodgins, 2003). Es “una unidad mínima de aprendizaje con sentido pedagógico” (Morales, García, Moreira, Rego, & Berlanga, 2005).
Otras definiciones, además de tocar estos tópicos, hacen énfasis en su naturaleza reutilizable, por ejemplo:
“Trozos pequeños y reusables de medios instruccionales…cualquier recurso digital que puede ser reutilizado para apoyar el aprendizaje.” (Wiley, 2000). “Una pequeña colección de contenido reutilizable usada para presentar y apoyar un objetivo de aprendizaje particular” (Jacobsen, 2002). Se define como una “entidad, digital o no digital que puede ser utilizada, reutilizada o referenciada durante el aprendizaje apoyado en la tecnología” (IEEE, 2002).
Aunque (OIT/Cinterfor, 2013), plantea que formalmente no hay una única definición del concepto de Objeto de Aprendizaje – OA, y las definiciones son muy amplias, plantea algunas definiciones según su intencionalidad pedagógica, como las siguientes: JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
688
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
Para ser significativo y promover el aprendizaje, el OA debe tener una intención pedagógica. De lo contrario, no será un OA sino simplemente un recurso informativo, digital o no, utilizado en el marco de los procesos de aprendizaje presenciales o a distancia (Flamand y Gervais, 2004). “Un OA es una estructura (distribución, organización) autónoma que contiene un objetivo general, objetivos específicos, una actividad de aprendizaje, un metadato (estructura de información externa) y por ende, mecanismos de evaluación y ponderación, el cual puede ser desarrollado con elementos multimedia con el fin de posibilitar su reutilización, su interoperabilidad, su accesibilidad y su duración en el tiempo...” (Cano Zárate, 2007). Los OA son “unidades de aprendizaje, en general, de extensión reducida, que apuntan a desarrollar uno o varios componentes de una competencia y que pueden presentar una diversidad de formatos e incluir recursos muy variados (texto, imagen, video, noticia, ejercicio práctico, simulación, juego serio, caso, poema, tema musical, objeto utilitario, SMS, foro, etc.)” (Miller, 2004). “Un OA es una entidad informativa digital que se corresponde (representa) con un objeto real, creada para la generación de conocimientos, habilidades, actitudes y valores, y que cobra sentido en función de las necesidades del sujeto que lo usa” (Rabajoli, 2012). “Un OA es aquella información digital (encapsulada) donde se reflejan los datos generales, los objetivos de aprendizaje (a quién va dirigido) y el contenido como tal. Un OA es un elemento que puede tener enlaces a sitios externos o internos del ambiente virtual de aprendizaje (AVA), enlaces a elementos multimedia como imágenes, video, audio, etc. Un OA contribuye al aprendizaje de los usuarios en una plataforma de educación a distancia modalidad elearning” (Dibut, s.f.). “Un OA es un conjunto de recursos digitales, autocontenible, reutilizable, con un propósito educativo y constituido por al menos tres componentes internos: contenidos, actividades de aprendizaje y elementos de contextualización. El OA debe tener una estructura de información externa (metadato) que facilite su almacenamiento, su identificación y su recuperación” (Ministerio Educación Colombia, s.f.). “Un OA es cualquier material digital de aprendizaje con un comienzo,un medio y un final, que tenga un propósito en sí mismo” (SENAC, 2011). “Los OA se definen como cualquier entidad digital o no digital que puede ser utilizada, reutilizada o referenciada en el aprendizaje mediado por la tecnología” (LTSC, s.f.).
Para el desarrollo de este proyecto, el Ministerio de Educación Nacional – MEN, (Aprendeenlinea, s.f.) estableció una conceptualización para la creación de Objetos de Aprendizaje y la consolidación de un Banco Nacional de Objetos de Aprendizaje: “Un Objeto de Aprendizaje es un conjunto de recursos digitales, auto contenible y reutilizable, con un propósito educativo y constituido por al menos tres componentes internos: los contenidos, las actividades de aprendizaje y los elementos de contextualización. El Objeto de Aprendizaje debe tener una estructura de información externa (metadatos) que facilite su almacenamiento, su identificación y su recuperación”.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
689
El siguiente gráfico ilustra los componentes internos que posee un objeto de aprendizaje:
Figura No. 5 Componentes Internos de un Objeto de Aprendizaje. Fuente: (Álvarez, 2012.)
Para tener una idea más clara al respecto, a continuación se identifican los atributos propios de un objeto de aprendizaje, junto con una posible clasificación y taxonomía de los mismos. 5.
ATRIBUTOS DE UN OBJETO DE APRENDIZAJE
Después de revisar las definiciones presentadas, se pueden determinar atributos o características comunes al interior de ellas, dentro de las cuales se identifican los siguientes (OIT/Cinterfor, 2013; Galeana, 2005; Hilera y Otros, 2010; Rebollo, 2004): a. Reusabilidad: posibilidad de reutilizar un Objeto de Aprendizaje en diferentes situaciones y contextos de aprendizaje. b. Generatividad: carácter adaptativo del Objeto de Aprendizaje en relación a las competencias o grupo de competencias a desarrollar, facilitando al usuario la generación de ideas y de conceptos (Zapata, 2009). También se entiende como la capacidad para construir contenidos, objetos nuevos y para ser actualizados o modificados, aumentando sus potencialidades a través de la colaboración (Agudelo y García, 2010). c. Flexibilidad: implica una gran versatilidad y elasticidad para combinarse en diversas propuestas (múltiples contextos) enfocadas a desarrollar competencias y áreas del saber, lo anterior debido a su facilidad de actualización, gestión de contenido y búsqueda. d. Granularidad: alude al contenido dividido y clasificado en microinformaciones y/o micro-aplicaciones, seleccionadas o elaboradas con una intencionalidad pedagógica, para posibilitar situaciones de nano-aprendizaje (Elliott, et al., 2006). e. Escalabilidad: capacidad para integrarse y articularse con otros de diferente tipo y extensión. Este atributo es esencial para potenciar las posibilidades de combinación o de ensamble entre los OA. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
690
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
f. Accesibilidad: facilidad para ser identificados, buscados y encontrados gracias al etiquetado, a través de diversos descriptores (metadatos), que permitirían la catalogación y el almacenamiento en el correspondiente repositorio (Agudelo y García, et al., 2010). Si los OA no son accesibles su búsqueda podría generar desmotivación e ineficacia. g. Estructura: es la lógica interna de la información, organizada en una secuencia deductiva (partiendo de conceptos, de ejemplos, de actividades prácticas y de verificación) o inductiva (a partir de ejemplos para llegar a los conceptos y las actividades). h. Adecuación a estándares: criterios comunes que facilitan la integración con otros Objetos de Aprendizaje desarrollados por diferentes productores. i. Actualidad: es la posibilidad de continuar siendo usado independiente del cambio de la tecnología (Graboski da Gama, 2007); también, la vigencia de la información sin necesidad de nuevos diseños (Agudelo y García, et al., 2010). j. Interoperatividad: es la capacidad de ser aplicados en diferentes sistemas de gestión de contenido y aprendizaje. k. Durabilidad: Los objetos deben contar con una buena vigencia de la información, sin necesidad de nuevos diseños l. Auto contención conceptual: Capacidad para auto explicarse y posibilitar experiencias de aprendizaje integral. m. Gestión: Información concreta y correcta sobre el contenido y las posibilidades que ofrece. n. Adaptabilidad: que se facilite la adaptación o personalización del entorno de aprendizaje. o. Productividad: Si los proveedores de tecnología e-learning desarrollan sus productos siguiendo estándares comúnmente aceptados, la efectividad de elearning se incrementa significativamente y el tiempo y los costos se reducen. En este marco de características, (Smith, 2004) plantea una lista de requerimientos que se deben tener en cuenta en el momento de desarrollar un objeto de aprendizaje: Diseñar para permitir el aprendizaje - Mantenga el enfoque en su objetivo educativo. - Elija el contenido significativo que apoya directamente a su objetivo educativo. - Presente el contenido de manera apropiada. - Seleccione las estructuras de las actividades correspondientes. - Examine las estrategias de evaluación.
Diseño para la Reutilización - Le resuelve el problema de los derechos de autor a otras personas que quieran reutilizar sus materiales. - Asegúrese de que su objeto de aprendizaje es autónomo y puede valerse por sí mismo. - Diseñe su objeto de aprendizaje para que pueda ser utilizado por un público diverso.
para la interoperabilidad: Diseñando la Experiencia del Participante: Diseñar Adición de metadatos Pautas de Diseño Gráfico - Incluir metadatos apropiados en sus objetos de - Cada página o la pantalla debe ser visualmente aprendizaje equilibrada. - Al agregar los objetos de aprendizaje a una - Utilice la ubicación física de la pantalla o colección o biblioteca, le proporciona la página para establecer y fortalecer las información solicitada de metadatos relaciones visuales entre los elementos. - Elija uno o dos elementos visuales y úselos en toda la pieza para crear un sentido del ritmo. La elección de una tecnología y herramientas - Si los elementos en su diseño no son los de desarrollo mismos, hágalos muy diferentes (no sólo - Elija una tecnología y una herramienta con la ligeramente diferente) para crear contraste. cual sus desarrolladores estén cómodos (o - Todos los elementos deben trabajar juntos para aprendan). crear un todo armónico. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
691
- Elija una tecnología que soporta las características que desea incluir en su objeto de aprendizaje. Directrices de Usabilidad - Sea consistente en el uso de elementos de - Elija una herramienta que esté soportada por el diseño, lenguaje, formato, apariencia y personal de tecnología educativa de la funcionalidad. institución, en su caso. - Permita que los estudiantes controlen sus - Elija una herramienta que puede pagar. interacciones; deles la libertad de elegir cómo llevar a cabo las tareas. Cuidado y la alimentación de los objetos de - Siga las normas establecidas de estándares de aprendizaje diseño y de uso, que son familiares para los - Almacene sus objetos de aprendizaje en un alumnos. equipo seguro y estable con acceso permanente - Simplifique el diseño siempre que sea posible, y a Internet. adhiérase a los principios básicos de la estética. - Proporcione la información de contacto, copyright y las\licencias de uso, los requisitos técnicos y la información de la versión. Tenga Diseño para la Accesibilidad esta información actualizada. - Diseño independiente de los dispositivos. - Proporciona los formatos alternativos para el - Proporcione demostraciones, consejos de uso, enlaces a recursos relacionados y otros contenido visual y auditivo. materiales de apoyo. - Permite a los alumnos controlar el contenido en movimiento Tabla No. 2 Requisitos de desarrollo para objetos de aprendizaje. Fuente: (Smith, 2004)
Ahora bien, en el momento de evaluar un objeto de aprendizaje, también se contemplan algunas de estas características, como se muestra a continuación: Según (Smith, 2004)
Según (Toll et al., 2011)
Funcionalidad: Adecuación, Exactitud, Interoperabilidad, Conformidad, Recuperabilidad Usabilidad: Comprensibilidad, Facilidad de aprendizaje, Operabilidad, Conformidad. Eficiencia: Tiempo de respuesta, Utilización de recurso. Reutilización: Reutilización de contenido, Diseño reutilizable. Portabilidad: Facilidad de Instalación, Facilidad de Adaptación, Coexistencia (Vidal, Segura et al. 2008).
¿El objeto de aprendizaje en general es atractivo? ¿La experiencia de uso del objeto de aprendizaje es agradable? ¿Los requisitos técnicos son fáciles de entender y cumplir? ¿Es fácil de navegar a través del objeto de aprendizaje? ¿Tiene un contenido completo y correcto? ¿Son las actividades apropiadas para el contenido? ¿El alcance del objeto de aprendizaje es adecuado: ni muy limitado, ni demasiado general para sus propósitos? ¿Se ajusta a la meta educativa propuesta para el objeto de aprendizaje?
Tabla No. 3 Algunos Criterios de Evaluación de los OA. Fuentes (Toll et al., 2011), (Smith, 2004)
Como se observa en la anterior revisión, los objetos de aprendizaje obedecen a una serie de características que los ubican como elementos dinámicos, adaptables a un entorno y un objetivo de formación, portables, accesibles y usables por los usuarios finales, objetos y actores del proceso de formación. Dentro de las características identificadas se denota la adecuación a estándares, es decir, el uso de criterios comunes que facilitan la integración con otros Objetos de Aprendizaje desarrollados por diferentes productores, lo cual deja entrever la necesidad de la adopción de un estándar en el diseño y en la producción de estos objetos de aprendizaje. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
692
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
Ahora bien, a continuación se revisa la clasificación y la taxonomía de los objetos de aprendizaje, dentro de las cuales se identifica la participación de diferentes componentes, para los cuales las herramientas TIC y las herramientas de autor deben proveer una base de estandarización que permitan aspectos como la reusabilidad y la portabilidad de los objetos construidos. 6.
CLASIFICACIÓN Y TAXONOMÍA DE LOS OBJETOS DE APRENDIZAJE.
Como lo plantea (OIT/Cinterfor, 2013), los objetos de aprendizaje se pueden clasificar de acuerdo al diseño y uso pedagógico, la taxonomía de combinaciones, los requerimientos institucionales (nivel cognitivo y grado de complejidad). De acuerdo al diseño y uso pedagógico, (OIT/Cinterfor, 2013) plantea: Objetos de Enseñanza Destinados a apoyar el aprendizaje, sin exigir un rol activo de la persona. Por ejemplo:
Objetos de Colaboración Desarrollados para la comunicación en los ambientes de aprendizaje, con un rol activo de las personas. Por Ejemplo:
Intercambio entre facilitador y los Imágenes, mapas, gráficos, audios, videos, participantes, quienes deben demostrar videoconferencia, demostraciones de grados de habilidad o nivel de aplicaciones, textos con información conocimiento en instancias presenciales; detallada, casos de estudio, ejercicios La interacción sincrónica o asincrónica dirigidos. entre facilitador y participantes: Chats, Foros, etc. Objetos de Práctica Destinados al auto aprendizaje con una alta Objetos de Evaluación Tienen como función verificar el estado de interacción del participante. Por Ejemplo: las competencias en una etapa del proceso formativo. Por Ejemplo: Juego de roles para construir y comprobar el conocimiento y las habilidades en la Pre-evaluación y/o autoevaluación inicial interacción con otros; para determinar el nivel de competencias; Ejercicios interactivos que posibilitan Evaluación de avance o formativa, para establecer la relación entre conceptos a identificar los progresos y focalizar en través de ejercicios prácticos; áreas donde se detectan debilidades; Simulaciones de ambientes Evaluación final o sumativa, para el organizacionales para controlar y operar un reconocimiento de las competencias, rango de variables de gestión; identificación de necesidades de Prácticas sobre tareas complejas asociadas a formación, orientación sobre alternativas y productos específicos de software o al posibilidades de formación. desarrollo de hardware, como el ensamblado de computadores.
Tabla No. 4 Clasificación de Objetos de Aprendizaje acorde al diseño y uso pedagógico. Fuente: (OIT/Cinterfor, 2013). De igual forma, (Wiley, 2000) plantea una taxonomía acorde a la reutilización granularidad, dentro de la cual clasifica (Avalos, s.f.):
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
693
a) Fundamental - Por ejemplo, un archivo JPEG de una mano tocando un acorde en el piano. b) Combinado cerrado - Por ejemplo, un video de una mano tocando un acorde arpegiado en un teclado de piano con acompañamiento de audio. c) Combinado abierto - Por ejemplo, una página web dinámica que combina el ya mencionado JPEG y archivos de QuickTime junto con el material textual “sobre la marcha.” d) Generativo-presentación - Por ejemplo, una animación. e) Generativo-docente - Por ejemplo, una aplicación autoejecutable y que ofrece la práctia de cualquier procedimiento. Dado este contexto, se identifican las siguientes características: Características de los OA Número de Elementos Combinados Tipo de Objetos Contenidos Componentes reusables Funciones Comunes Dependencias Extra Objeto
Tipo de Lógica contenida en el Objeto
Potencial para reuso interconextual Potencial para reuso intraconextual
Fundamental
Combinado Cerrado
Combinado Abierto
Generación de Presentaciones
Generación Instruccional
Uno
Pocos
Muchos
Pocos - Muchos
Pocos Muchos
Fundamentales
Fundamentales, Combinado Cerrado
Todos
Fundamentales, Combinado Cerrado
Fundamentale, Combinado Cerrado, Generación de Presentaciones
(No aplica)
No
Sí
Sí / No
Sí / No
Mostrar
Instrucciones o Prácticas Prediseñadas
Instrucciones y/o prácticas prediseñadas
No
No
(No aplica)
Ninguna o registro de respuestas basadas en ítems
Ninguna o instrucciones de dominio específico y estrategias de evaluación
Estrategias de presentación de dominio específico
Presentaciones , instruccionales y estrategias de evaluación de dominio independiente.
Alto
Medio
Bajo
Alto
Alto
Bajo
Bajo
Medio
Alto
Alto
Mostrar
Sí
Sí / No
Instrucciones y/o prácticas generadas por computador Sí
Tabla No. 5 Taxonomía de los Objetos de Aprendizaje. Fuente: (Wiley, 2000). Los elementos taxonómicos identificados anteriormente permiten observar que para aspectos como el reuso intercontextual, la dependencia con otros objetos (formando secciones o cursos, etc.), entre otros aspectos, es necesario que estos contenidos educativos digitales opten en su proceso de diseño y producción, por estrategias que provean normas y especificaciones para organizar los objetos de aprendizaje como apoyo a sistemas de gestión de aprendizaje, generando objetos
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
694
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
pedagógicos estructurados, además de cumplir con los requerimientos para la implementación de los mismos. Estos requerimientos, las normas y las especificaciones están descritos y apoyados en diferentes estándares, para lo cual, a continuación se presentan las características generales de una iniciativa de estandarización, junto con la revisión de algunos estándares administrados en el mercado del diseño y producción de contenidos educativos digitales. 7.
INICIATIVAS DE ESTANDARIZACIÓN
Dadas las características, tales como la portabilidad, la escalabilidad, etc., descritas anteriormente, es prudente tener bien definidas un conjunto de reglas comunes, que faciliten el intercambio de contenidos entre diversas plataformas y sistemas, además de normalizar el acceso a dichos contenidos (Cajal & Moraga, 2010), localizarlos, catalogarlos y organizarlos en repositorios dispuestos para tal fin. Estas reglas comunes permitirán a los diferentes sistemas dialogar entre si, además de poder incorporar contenidos provenientes de otros productores o proveedores. Teniendo en cuenta las características de los objetos de aprendizaje descritas en la sección 5, se plantean diferentes áreas sujetas de estandarización en dichos Objetos de Aprendizaje. (Rebollo, 2004) describe tres áreas principales a las que se refiere la estandarización en Objetos de Aprendizaje: a. La interfaz de comunicaciones, que indica cómo los distintos recursos de aprendizaje pueden intercambiar información entre sí. b. La disponibilidad de metadatos proporciona recipientes para almacenar información sobre cualquier recurso de aprendizaje. Como lo describe (Astudillo, 2011),los metadatos se definen como:
“Información sobre un objeto, sea éste físico o digital” Comité de Estandarización de Tecnologías Educativas del IEEE (IEEE LTSC, 2002). “Conforman un conjunto de reglas aceptado (…) que ofrecen un medio para crear, manejar y almacenar datos y transferencias electrónicas de información” (pág. 4). (McGreal, 2004) “Información acerca del contenido que incluye descripciones de características y relaciones entre los ítem de cada categoría” (ADL, 2004. pág. 18). “Descriptores de un recurso” (López Guzmán y García Peñalvo, 2005. Pág. 38). “Una estructura detallada del texto, que describe atributos, propiedades y características distribuidos en diferentes campos que identifican claramente al objeto, con el fin de que pueda encontrarse, ensamblarse y utilizarse” (García Aretio, 2005. Pág. 2). “Conjunto estructurado de etiquetas descriptivas de objetos de información usadas para catalogar materiales educativos” (Zapata Ros, 2005. Pág. 11). “Datos que a su vez designan y califican datos de la información almacenada, para lo cual se utilizan elementos previamente seleccionados por las iniciativas de estandarización” (Prendes Espinosa, Martínez Sánchez & Gutiérrez Porlán, 2008. Pág. 90).
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
c.
695
El empaquetamiento, que se hace referencia a la recolección y a la descripción de los elementos de un curso.
Adicional a las áreas anteriores, (Pernalete y Otros, 2012) señalan otras áreas sujetas de estandarización: a. b. c. d.
e. f. g.
El diseño y secuenciación de actividades de aprendizaje; La evaluación de los contenidos y el proceso educativo; La accesibilidad de contenidos e interfaces; Las plataformas de aprendizaje (despliegue de contenidos, gestión de cursos, de objetos educativos y de información sobre los alumnos; registro de información sobre el proceso de aprendizaje, entre otros.); La codificación de información sobre los alumnos y otros participantes del proceso educativo; La creación de portafolios electrónicos, El almacenamiento y la distribución de contenidos mediante repositorios digitales.
En este marco, describen elementos constituyentes de un ambiente de enseñanza aprendizaje para e-learning y estándares asociados: Elemento de Caracterización
Descripción del Elemento
Institución (es) Asociada (s)
Metadatos
Se refiere a datos sobre los propios datos. Se utiliza para describir y etiquetar los productos de software generados
IEEE LOM –CWA 14643:2003; Dublin Core, DC- ISO 15836:2003; CanCore; IMS metadata; GEMSTONES; ADL SCORM metadata; ARIADNE metadata; GEM metadata; NSDL metadata; EdNA metadata; ProLEARN D4.7; UNE 71361:2009
Actores/Agentes
Constituyen el conjunto de personas involucradas en el proceso de aprendizaje, entiéndase profesores, estudiantes, participantes invitados, personal asesor, diseñador y de gestión educativa, y por lo tanto, sus roles deben estar claramente definidos, no sólo en torno a las funciones que ejercen dentro de la dinámica del ambiente, sino también de los valores que asumirán desde su vivencia.
IMS-LIP: IMS Learner Information Package; LTSC PAPI; IMS Enterprise; IMS AccessForAll; Metdadata; IMS ACCLIP; IMS Enterprise; IMS ePortfolio (IMS eP); CWA 14926:2004; IMS Enterprise services V2.0 (IMS ES)
Determinan las unidades de aprendizaje, los objetos de estudio y la estructura de las acciones que se ejecutarán para lograr el encuentro de los participantes con los temas, valiéndose de la interacción humana y la interacción con los materiales didácticos disponibles en formato digital en el entorno virtual, el análisis, la reflexión, la retroalimentación, la meta cognición y el significado de las situaciones en las que se encuentran involucrados los actores, procurando que, especialmente los aprendices, comprendan las dimensiones del aprendizaje logrado.
ADL SCORM; IMS-CP: IMS Content Packaging; IMS RLI, AICC CS; IEEE 1485.6; AGR011, CBT - AICC PENS; AICC Packaging Specification - CMI 012; IMS SS: Simple Sequencing; IMS –CC
Contenidos Actividades
–
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
696
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
Elemento de Caracterización
Descripción del Elemento
Institución (es) Asociada(s) (cont.)
Se refiere al estudio y al establecimiento de métodos sustentados en teorías del aprendizaje y enfoques pedagógicos específicos, que señalan los principios epistemológicos, los valores y los procedimientos generales de la enseñanza que marcarán la intervención didáctica y las interacciones socioculturales conducentes al logro del aprendizaje.
EML/ IMS Learning Design; DIN Didactical Object Model; ADL SCORM Sequencing and navigation (SCORM S&N)
Competencias
Está asociada a las características, habilidades o conocimiento específico, y medibles que el estudiante puede poseer y que es necesario para realizar un trabajo o tarea determinada.
IMS RDCEO; IEEE 1484.20.1-2008DMRCD; HR-XML Competencies; CWA 15455: 2005–CEN; CWA 14927:2004, -CEN
Accesibilidad
Está asociado a la capacidad de acceso que un usuario pueda tener con un entorno o ambiente apropiado en el momento justo y en el dispositivo correcto.
W3C WCAG; ACCLIP, ATAG; ISO TS 16071:2003; ISO DIS 9241-171; IMS ACCMD; IMS DALA; W3C -WAI ARIA -2009; ISO/IEC 247511,2,3:2008; W3C - WAI WCAG; UNE 139803:2004 – AENOR
Interoperabilidad
Comprende un conjunto de atributos que indican la capacidad de acceso e interacción con otros sistemas
IMS SSP; ISO/IEC 19778-1,2,3:2008ITLETCT; ISO/IEC 19780-1:2008, CB; ADL - SCORM RTE; IMS TI; AICC/ CMI; CWA 14928:2004; CWA 14929:2004; CWA 15155:2004; IEEE 1484.11.1:2004
Evaluación
Describe tests, evaluaciones y cuestionarios
IMS QTI; ISO/IEC 23988:2007
Repositorios
Proporciona un entorno para conexiones entre Repositorios
establecer
IMS DRI; CORDRA; CWA - SPI – 2009; CWA 15454:2005 – SQI – CEN
Arquitectura
Sistema que provee las distintas herramientas tecnológicas para la comunicación y el acceso a la información, se caracteriza por dos variables: la interfaz y la navegación. La primera se asocia a las condiciones visuales, gráficas y de interactividad entre hombre-máquina, lograda mediante códigos comunicativos, íconos, dibujos, señales, tamaño de texto, mapas y pantallas de trabajo, entre otros. La segunda, tiene que ver con las rutas, secuencias y herramientas de navegabilidad, y las posibilidades técnicas de diseñar o adecuar el entorno a las necesidades individuales y grupales de los participantes del acto educativo en el ambiente de enseñanza aprendizaje.
IEEE LTSA; Framework SIF; CORDRA; IMS GWS; OASIS; OKI
Vocabulario
Define una gramática para el intercambio sencillo de Términos
W3C- CSS; IMS VDEX; CWA 15453:2005; IMS AP; ISO/IEC 238236:2008; AICC/ CRS002
Didáctica aspectos pedagógicos Metodología didáctica
o -
Tabla No. 6 Caracterización del ambiente de enseñanza aprendizaje para E-learning y estándar asociado. Fuente: (Pernalete y Otros, 2012). Teniendo en cuenta la caracterización descrita anteriormente, se identifican diferentes capas e iniciativas relevantes (Figura No. 6) para llegar a la interoperabilidad de contenidos en e-learning, como las planteadas por (MEC, s.f.): JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
697
La capa más baja hace referencia a aspectos puramente tecnológicos para las que ya existen estándares aceptados. TCP/IP y HTTP son los protocolos estándar de intercambio de información en Internet. La segunda capa trata de los formatos en los que se crean los contenidos educativos. En este punto existe una gran variedad, de modo que en general se acepta cualquier formato de contenido web que sea capaz de visualizar un navegador (incluso si para ello necesita algún complemento o plug-in). La realidad es que no existe aún un consenso claro sobre qué lenguaje o formato utilizar. XML y HTML son los principales candidatos actuales pero hay muchos sistemas que utilizan contenidos PDF por su portabilidad y calidad de impresión, o Macromedia Flash por su capacidad de animación o interacción. La tercera capa selecciona los mecanismos que se utilizarán para representar los metadatos asociados con los contenidos educativos. Los metadatos son la información complementaria que se añade sobre los objetos educativos y que describen distintos aspectos sobre su contenido, sus objetivos didácticos, y facilitan los procesos de búsqueda, selección y recuperación. XML es la tecnología más frecuente para crear los metadatos, siendo considerada ya un estándar de facto para esta capa. Entre las características que han convertido a XML en la tecnología más utilizada, vale la pena destacar: la validación automática de los documentos, la separación entre contenido y procesamiento, y la independencia de herramientas o plataformas concretas. No obstante, con el desarrollo de la web semántica, hay iniciativas para hacer dicha descripción utilizando RDF, ya que estas nuevas tecnologías facilitan el desarrollo de las aplicaciones informáticas que traten e interpreten de manera automática dicha meta de información. En la cuarta capa, en los esquemas de metadatos, se determina qué información es relevante para los objetivos del modelo, se agrupa de acuerdo a una serie de categorías, que por lo general tienen carácter jerárquico, y por último, se adjunta al objeto como metadatos (implementados habitualmente con XML). El principal estándar ya aprobado de IEEE es el esquema de metadatos LOM (Learning Object Metadata) que se ocupa de estos aspectos. Las capas quinta y sexta hacen referencia a la necesidad de estructurar los objetos en unidades superiores de contenido (los cursos) y asegurar su portabilidad a través de la red en forma de fichero, aportando toda la información para que sea posible su reconstrucción exacta en el sistema destinatario. La séptima capa busca la homogeneidad en la estructuración de los perfiles de aquellos implicados en el proceso de enseñanza y en la forma de utilizar didácticamente los recursos educativos. Por último, la capa de nivel superior aborda los aspectos de adecuación lingüística, cultural y social a distintos contextos.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
698
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
Figura No. 6 Capas y las iniciativas más relevantes para llegar a la interoperabilidad de contenidos en e-learning. Fuente: (MEC, s.f.) En este marco, se identifican diferentes iniciativas de estandarización (Astudillo, G. 2011; MEC, s.f.; Hilera, 2010), dentro de las cuales se cuentan, entre otras: a. Dublin Core (1995): Concebido para la descripción de recursos web, y luego extendido a museos y bibliotecas. Se centra en la búsqueda eficiente de materiales y recursos a través de Internet. b. LALO (1995): Creación de objetos de aprendizaje independientes. c. Warwick Framework (1996): Construido sobre las bases de Dublin Core para conseguir una versión más concreta, operacional y usable. Promueve la interoperabilidad entre los distintos sistemas. d. ARIADNE (1996): Ha construido un gran repositorio de objetos pedagógicos llamado Knowledge Pool System. (http://www.ariadne-eu.org/) e. IMS (1997): Se asienta sobre las bases de Dublin Core y Warwick Framework para desarrollar su modelo de Objetos de Aprendizaje que queda reflejado en varias de sus especificaciones. (http://www.imsglobal.org/) f. IEEE (1997): En concreto, el grupo de trabajo IEEE1484.12, Learning Object Metadata, encargado de la definición de objetos de aprendizaje. g. ADL (1997): El núcleo de la propuesta de ADL es un sistema de intercambio de Objetos de Aprendizaje, como queda reflejado en el nombre de su especificación SCORM (Shareable Content Object Reference Model). Se basa en la especificación de IMS y en las técnicas de etiquetado de Dublin Core. h. Aviation Industry CBT Committee - AICC (1998). Publica recomendaciones en muchos aspectos del e-learning (incluido el hardware), pero quizás la que ha tenido mayor impacto ha sido la recomendación para interoperabilidad CMI (Computer-Managed Instruction). Es una especificación sobre cómo crear contenido que se pueda comunicar con el mayor número de sistemas LMS. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
699
i. European Committee for Standardization/Information Society Standardization System (CEN/ISSS): El comité europeo de normalización (CEN) alberga un subcomité de sistemas de estandarización de la sociedad de la información (Information Society Standardization System, ISSS), en el que está el grupo de trabajo de tecnologías de aprendizaje (Learning Technologies Workshop, CEN/ISSS/LT). j. International Standards Organization (ISO/IEC JTC1 SC36) y Asociación Española de Normalización (AENOR). La organización internacional de estándares (International Standards Organization, ISO). El subcomité 36 de la ISO fue creado en 1999 (ISO/IEC JTC1 SC36 http://jtc1sc36.org/) con el objetivo de cubrir todos los aspectos relacionados con la estandarización en el campo de las tecnologías de aprendizaje. k. Institute for Electrical and Electronic Engineers Learning Technology Standards Committee - IEEE LTSC (http://www.ieeeltsc.org:8080/Plone). LTSC está organizado en subcomités que se encargan de áreas de trabajo determinadas, como la definición de la arquitectura de sistemas de e-learning o la definición de metadatos para objetos educativos. En estos momentos el área de mayor impacto es la relacionada con los metadatos de los recursos educativos, ya que el estándar Learning Object Metadata (estándar IEEE 1484.12.1 – 2002) es el estándar oficial que más se está utilizando actualmente en e-learning. Estas iniciativas de estandarización han definido estándares, buenas prácticas y recomendaciones, entre otros aspectos, que han permitido al mercado de la producción de contenido digital, poder contar con herramientas que apoyen el diseño, la implementación y el empaquetado de objetos de aprendizaje, que además de cumplir con los requerimientos didácticos y pedagógicos, pueden ser gestionados tanto local, como regional e internacionalmente, a través de repositorios de contenido digital, y pueden cumplir con las características propias de dichos contenidos, como la usabilidad, la accesibilidad, el reuso, la portabilidad, etc. Para contextualizar el esfuerzo realizado por estas iniciativas de estandarización, a continuación se presenta una clasificación de los estándares generados. 8.
CLASIFICACIÓN DE LOS ESTÁNDARES
Como lo describe (Rebolledo, 2004), y enmarcado en las iniciativas enunciadas con anterioridad; en cuanto a los estándares se identifican las siguientes categorías: a.
Centrados en el contenido: Se refieren a especificaciones y estándares relacionados con el contenido (cursos, asignaturas, etc.) Las especificaciones y los estándares en esta categoría, establecen las pautas para describir, empaquetar, entregar, ejecutar y auditar contenidos por los diferentes sistemas. Entre los más representativos se destacan: SCORM, desarrollado de una colección de especificaciones. Es un modelo, no un estándar. AICC proporciona la posibilidad de utilizar gráficos inteligentes.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
700
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
b. c.
d.
ASTD se centra en la calidad del contenido. CanCore Learning Object Metadata Application Profile. Promueve mejores prácticas en la elaboración de contenidos para ser utilizados en la educación (http://cancore.athabascau.ca/en/). IEEE Learning Object Metadata (LOM). Cataloga objetos de contenido. IEEE CMI (computer managed instruction). Describe que información se debe comunicar a una plataforma de formación. IMS Accessibility Content. El grupo de trabajo de IMS sobre accesibilidad, proporciona contenidos educativos accesibles, siguiendo guías y recomendaciones de otras instituciones. Centrados en el estudiante: Especificaciones y estándares orientados al estudiante, los cuales incluye: HR-XML: especificaciones para las competencias del estudiante. IMS Learner Information Packaging. Facilita el intercambio de aprendizaje entre sistemas. IMS Reusable Competency Definitions. Basado en competencias del estudiante. SC36 Learner Model. Información relativa al estudiante. Centrados en los sistemas: Son estándares para la interoperatividad de plataformas, dentro de las cuales se identifican: IMS Digital Repository Interoperability. Recomendaciones para la interoperación de repositorios digitales. IMS Enterprise System. Especificaciones para el intercambio de información entre los sistemas de recursos humanos o el control de estudios y las plataformas e-learning. SC36 Identifiers System. Para identificar diferentes estudiantes en diferentes sistemas. SC36 Knowledge Management. Especificaciones para la gestión y la distribución del conocimiento vía la tecnología e-learning. IMS Question and Test Interoperability. El IMS QTI propone una estructura de datos XML para codificar preguntas y test online. El objetivo de esta especificación es permitir el intercambio de estos tests y datos de evaluación entre distintas plataformas.
Generales: Existen algunos estándares de carácter general entre los que se encuentran: CEN/ISSS Workshop. Localiza versiones de LOM, calidad, condiciones de derechos de autor, accesibilidad, arquitectura de plataformas y mucho más. Es un comité de estandarización europeo. IEEE Platform and Media Profiles Es un comité perteneciente al IEEE SC36 que trabaja para generar perfiles para sistemas de e-learning que recolecten una serie de funcionalidades para luego poder incorporarlas fácilmente a sus herramientas. SC36 Vocabulary. Define la terminología relacionada con la estandarización para el ISO/IEC JTC1 SC36 y para toda la tecnología desarrollada por sus comités y grupos de trabajo.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
701
SC36 Collaborative technology. Estandarización relacionada con las TI para la colaboración y para todas las tecnologías que le dan soporte.
Dado la clasificación de los estándares provistos por las organizaciones que han generado iniciativas de estandarización, y dado la cantidad de estrategias de estandarización generadas en el mercado, a continuación se presenta una revisión documental acerca de cuatro propuestas de estandarización que pueden ser analizadas y discutidas en el proceso de selección del estándar a seguir en la implementación de una celda de producción tecnológica de contenidos digitales educativos. 9.
LOM, DCMI, SCORM e IMS
Para contextualizar las características propuestas en un estándar, además de generar un espacio para la discusión de alternativas de entandares, con el fin de analizar y decidir acerca de cuál de ellos se adoptará en el proceso de implementación de la Celda de Producción Tecnológica de Contenidos Educativos Digitales, investigación, marco sobre la cual se base el problema de estudio de este artículo; a continuación se realiza una breve descripción de cuatro de los principales estándares usados en la producción de contenidos digitales. Este recorrido se lleva a cabo, pues en el mercado existen diferentes herramientas TIC y herramientas de autor usadas para la construcción de contenidos digitales en las cuales su producción, su exportación o uso obedecen a los parámetros establecidos por algún estándar, u ofrecen productos terminados bajo las características de un estándar definido. De igual forma, los contenidos digitales educativos son ubicados en repositorios internacionales y/o institucionales, los cuales ofrecen servicios para capturar, almacenar, ordenar, preservar y redistribuir la investigación académica de una institución en formatos digitales. Estos repositorios usan estándares para gestionar los contenidos digitales que administran.
Figura No. 7. Arquitectura de los Repositorios Institucionales. Fuente: (MEN, 2012b)
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
702
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
Como se observa en la figura anterior, el repositorio de contenidos usa un estándar para gestionar sus productos, lo cual, además de soportar los servicios que provee, le permite alinearse y compartir recursos con los demás repositorios nacionales y extranjeros, factor que muchas de las empresas y organizaciones que están haciendo desarrollos o impartiendo programas de educación a distancia y virtual ven reflejados en beneficios como (López, 2005): a. b. c. d. e. f. g. h. i. j.
Contenidos reutilizables. Consistencia en la descripción de los contenidos. Normalización en la organización de sus recursos. Acceso a más contenidos, de más fuentes y más fácilmente localizables. Persistencia de sus acervos. Migración sencilla de sus sistemas a nuevas versiones, e incluso a una nueva plataforma. Comunicación e intercambio de información con otros sistemas. Administración de la información apropiada tanto del recurso como del estudiante. Extensión de los servicios y de las capacidades de las plataformas. La inversión en la infraestructura se asegura por mayor tiempo.
La utilización de estándares amplía las opciones de los usuarios finales, reduciendo las restricciones de los sistemas propietarios y de soluciones aisladas. Las instituciones, los docentes, los estudiantes y los proveedores se verán beneficiados al contar con contenidos flexibles, plataformas homogéneas y bases de datos compartidas y distribuidas. Por ende, la revisión y uso de un estándar en la producción y gestión de contenidos digitales cobran especial interés para el presente proyecto de investigación, motivo por el cual, como forma de sustentar un proceso de discusión acerca de la selección del estándar a usar en la implementación de la celda de producción tecnológica de contenidos digitales, este articulo centra su revisión en los siguientes estándares: 9.1
LOM - Learning Object Metadata
Estándar desarrollado por la IEEE LTSC, uno de los primeros estándares de metadatos diseñado para describir objetos de aprendizaje (IEEE, 2002). El modelo cuenta con nueve categorías y con 76 elementos o campos a diligenciar:
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
703
Figura No. 8. Estándar para la Metadata de Objetos de Aprendizaje. Fuente: (IEEE, 2002) Como lo plantea (MEC, s.f.), el uso de un esquema de metadatos, ampliamente aceptado por una comunidad suficientemente amplia de productores y consumidores de material educativo; permite mitigar la problemática de coexistencia de materiales producidos por comunidades diferentes, en un mismo repositorio. Es por ello que IEEE LOM plantea un esfuerzo para estandarizar los esquemas de metadatos que deben ser utilizados en la producción de contenidos educativos. Basado en este contexto, los estándares del LOM se centran en el conjunto mínimo de propiedades que permiten que los objetos educacionales sean gestionados, ubicados y evaluados. Para ello, este estándar define las siguientes categorías (IEEE, s.f.): Elemento <general>
Descripción Información general que describe el objeto de aprendizaje como un todo. Contiene 9 sub-elementos.
<lifecycle>
Características relacionadas con la historia y el estado presente del Objeto de Aprendizaje y de aquellos que han afectado a este objeto durante su evolución. Contiene 6 sub-elementos.
<metametadata>
Agrupa información sobre los mismos metadatos, no sobre el objeto de aprendizaje que se está describiendo. Contiene 10 subelementos.
<technical>
Agrupa los requerimientos y características técnicas del Objeto de Aprendizaje. Contiene 11 sub-elementos.
<educational>
Condiciones del uso educativo del recurso. Contiene 11 subelementos.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
704
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
Elemento <rights>
<relation>
Descripción (cont.) Condiciones de uso para la explotación del recurso. Contiene 3 sub-elementos. Define la relación del recurso descrito con otros Objetos de Aprendizaje. Contiene 7 sub elementos.
<annotation>
Comentarios sobre el uso educativo del Objeto de Aprendizaje. Contiene 3 sub-elementos.
<classification>
Descripción temática del recurso en clasificación. Contiene 8 sub-elementos.
algún
sistema
de
Tabla No. 7. Estándar de Metadatos IEEE LOM. Fuente (IEEE, s.f.). 9.2
DCMI - Dublin Core Metadata Initiative
El estándar DCMI (DCMI, s.f.) está compuesto por 15 definiciones semánticas, las cuales permiten la descripción y la organización de la información. De igual forma, permite definir las propiedades de los objetos para sistemas que se encarguen de la búsqueda de recursos basados en la Web. Los 15 elementos que componen el estándar son:
Figura No. 9. Conjunto de Metadata de Dublin Core. Fuente: (DCMI, s.f.) Como lo describe (Lamarca, s.f.), el conjunto de elementos de metadatos Dublin Core es un conjunto de metadatos previsto para describir documentos. Los elementos poseen etiquetas descriptivas que pretenden transmitir un significado semántico a los mismos. Cada elemento es opcional y puede repetirse. Además, los elementos pueden aparecer en cualquier orden. Aunque algunos entornos, como HTML, no diferencian entre mayúsculas y minúsculas, es recomendable escribir correctamente cada metadato, según su definición, para evitar conflictos con otros entornos, como SGML y XML. Los elementos Dublin Core se pueden clasificar en 3 grupos que indican la clase o el ámbito de la información que contienen:
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
705
Elementos relacionados principalmente con el contenido del recurso: o Title (titulo) o Subject (tema) o Description (descripción) o Source (fuente) o Languaje (lenguaje) o Relation (relación) o Coverage (cobertura). Elementos relacionados principalmente con el recurso cuando es visto como una propiedad intelectual: o Creator (autor) o Publisher (editor) y, otras colaboraciones o Contributor (otros autores/colaboradores) o Rights (derechos). Elementos relacionados principalmente con la instanciación del recurso: o Date (fecha) o Type (tipo de recurso) o Format (formato) o Identifier (identificador)
A continuación se describen los elementos DCMI, definidos en el Metadata Terms: ETIQUETA DEL ELEMENTO DC. http://dublincore.org/documents/dcmiterms/
DESCRIPCIÓN
DC. Title http://purl.org/dc/elements/1.1/title
Título: El nombre dado a un recurso. Típicamente, un título es el nombre formal por el que es conocido el recurso.
DC. Creator http://purl.org/dc/elements/1.1/creator
Autor: La entidad primariamente responsable de la creación del contenido intelectual del recurso. Entre los ejemplos de un creador se incluyen una persona, una organización o un servicio. Típicamente, el nombre del creador podría usarse para indicar la entidad.
Materias y palabras clave: El tema del contenido del recurso. Un tema será expresado como palabras clave, frases clave o códigos de DC. Subject clasificación que describan el tema de un recurso. http://purl.org/dc/elements/1.1/subject Se recomienda seleccionar un valor de un vocabulario controlado o un esquema de clasificación formal. Descripción: La descripción del contenido del recurso. La descripción puede incluir, pero no se limita a: un resumen, a una tabla de contenidos, a DC. Description http://purl.org/dc/elements/1.1/description una referencia, a una representación gráfica de contenido o a una descripción de texto libre del contenido.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
706
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
ETIQUETA DEL ELEMENTO DC. http://dublincore.org/documents/dcmiterms/
DESCRIPCIÓN (Cont.)
Editor: La entidad responsable de hacer que el DC. Publisher recurso se encuentre disponible. Ejemplos de http://purl.org/dc/elements/1.1/publisher editores son una persona, una organización o un servicio. Típicamente, el nombre de un editor podría usarse para indicar la entidad. Colaborador. La entidad responsable de hacer colaboraciones al contenido del recurso. DC. Contributor http://purl.org/dc/elements/1.1/contributo Ejemplos de colaboradores son una persona, una organización o un servicio. Típicamente, el r nombre del colaborador podría usarse para indicar la entidad.
DC. Date http://purl.org/dc/elements/1.1/date
Fecha: Una fecha asociada con un evento en el ciclo de vida del recurso. Típicamente, la fecha será asociada con la creación o disponibilidad del recurso. Se recomienda utilizar un valor de datos codificado definido en el documento "Date and Time Formats", http://www.w3.org/TR/NOTEdatetime que sigue la norma ISO 8601 que sigue el formato YYYY-MM-DD.
DC. Type http://purl.org/dc/elements/1.1/type
Tipo: la naturaleza o la categoría del contenido del recurso. El tipo incluye términos que describen las categorías generales, funciones, géneros o niveles de agregación del contenido. Se recomienda seleccionar un valor de un vocabulario controlado (por ejemplo, el DCMI Vocabulary -DCMITYPEhttp://dublincore.org/documents/dcmi-typevocabulary/). Para describir la manifestación física o digital del recurso, se usa el elemento Formato.
DC. Format http://purl.org/dc/elements/1.1/format
Formato: la manifestación física o digital del recurso. El formato puede incluir el tipo de media o dimensiones del recurso. Podría usarse para determinar el software, hardware u otro equipamiento necesario para ejecutar u operar con el recurso. Ejemplos de las dimensiones son el tamaño y la duración. Se recomienda seleccionar un valor de un vocabulario controlado (por ejemplo, la lista de Internet Media Types (MIME) que define los formatos de medios del ordenador).
Identificación: Una referencia no ambigua para el recurso dentro de un contexto dado. Se recomienda identificar el recurso por medio de DC. Identifier una cadena de números de conformidad con un http://purl.org/dc/elements/1.1/identifier sistema de identificación formal, tal como un URI (que incluye el Uniform Resource Locator -URL, el Digital Object Identifier (DOI) y el International Standard Book Number (ISBN). JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
707
ETIQUETA DEL ELEMENTO DC. http://dublincore.org/documents/dcmiterms/
DESCRIPCIÓN(Cont.)
DC. Source http://purl.org/dc/elements/1.1/source
Fuente: Una referencia a un recurso del cual se deriva el recurso actual. El recurso actual puede derivarse, en todo o en parte, de un recurso fuente. Se recomienda referenciar el recurso por medio de una cadena o número de conformidad con un sistema formal de identificación.
Lengua: La lengua del contenido intelectual del recurso. Se recomienda usar RFC 3066 http://www.ietf.org/rfc/rfc3066.txt en conjunción con la ISO 639 (ISO639) DC. Language http://www.loc.gov/standards/iso639-2/, que http://purl.org/dc/elements/1.1/language define las etiquetas de dos y tres letras primarias para lenguaje, con subetiquetas opcionales. Ejemplo: "en" o "eng" para Inglés, "akk" para Acadio, y "en-GB" para inglés usado en Reino Unido. DC. Relation http://purl.org/dc/elements/1.1/relation
Relación: Una referencia a un recurso relacionado. Se recomienda referenciar el recurso por medio de una cadena de números de acuerdo con un sistema de identificación formal.
Cobertura: La extensión o ámbito del contenido del recurso. La cobertura incluiría la localización espacial (un nombre de lugar o coordenadas geográficas), el período temporal (una etiqueta del período, fecha o rango de datos) o jurisdicción (tal como el nombre de una entidad DC. Coverage administrativa). Se recomienda seleccionar un http://purl.org/dc/elements/1.1/coverage valor de un vocabulario controlado (por ejemplo, del Thesaurus of Geographic Names (TGN) y que, donde sea apropiado, se usen preferentemente los nombres de lugares o períodos de tiempo antes que los identificadores numéricos tales como un conjunto de coordenadas o rangos de datos.
DC. Rights http://purl.org/dc/elements/1.1/rights
Derechos: La información sobre los derechos de propiedad y sobre el recurso. Este elemento podrá contener un estamento de gestión de derechos para el recurso, o referencia a un servicio que provea tal información. La información sobre derechos a menudo corresponde a los derechos de propiedad intelectual, copyright y otros derechos de propiedad.
Tabla No. 8. Elementos de Metadata de DCMI. Fuente: (Lamarca, s.f.)
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
708
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
9.3
SCORM - Sharable Content Object Reference Model
Modelo de Referencia, que comprende un conjunto de normas técnicas que permite empaquetar y reutilizar contenidos de aprendizaje, de modo que un mismo paquete de contenidos se puede importar desde diferentes LMS o plataformas de elearning (Zaragoza, 2011), facilitando así la interoperabilidad entre las plataformas.
Figura No. 10. SCORM – Modelo de Referencia de Objetos de Contenido Compartido. Fuente: (Zaragoza, 2011) Como lo describe (Adlnet, s.f.), SCORM empaqueta el contenido en un archivo ZIP transferible, que permite tener un curso para múltiples herramientas de gestión de aprendizaje, que en todas se visualicen de igual modo y se produzcan los mismos resultados independientemente del LMS y del visor empleado. SCORM 2004 aporta el complejo requisito de la secuenciación, que es un conjunto de reglas que especifican el orden en el que un alumno puede visitar objetos de contenido, guiando al alumno a través del material de aprendizaje, para que sea el propio alumno el que decida el tiempo que debe invertir en cada contenido, los descansos, la preparación de los exámenes e incluso, realizarlos y evaluarse. El paquete es un archivo particular con extensión zip (o pif) que contiene archivos válidos de definición de curso SCORM o AICC. Un paquete SCORM contiene en la raíz del zip un archivo llamado imsmanifest.xml el cual define la estructura de un curso SCORM, la localización de los recursos y muchas otras cosas. Un paquete AICC está definido por varios archivos (de 4 a 7) con extensiones definidas. He aquí una descripción de lo que estas extensiones quieren decir: 1. 2. 3. 4. 5. 6. 7.
CRS - Archivo de descripción del curso (obligatorio) AU - Archivo de asignación de unidad (obligatorio) DES - Archivo de descripción (obligatorio) CST - Archivo de estructura del curso (obligatorio) ORE - Archivo de relación de objetivos (optativo) PRE - Archivo de pre-requisitos (optativo) CMP - Archivo de requisitos de trabajo (optativo)
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
709
SCORM se basa en XML para representar la estructura de los cursos, lo que permite utilizarlo en diferentes entornos virtuales de aprendizaje. Mediante una API, permite la comunicación entre los entornos virtuales de aprendizaje y los contenidos. 9.4
IMS - INSTRUCTION MANAGEMENT SYSTEMS
IMS (www.imsglobal.org) es un consorcio que agrupa a vendedores, a productores, a implementadores y a consumidores de e-learning, y que se enfoca completamente al desarrollo de especificaciones en formato XML. Las especificaciones IMS cubren un amplio rango de características que persiguen hacer interoperables entre plataformas, que van desde los metadatos, la interoperabilidad de intercambiar el diseño instruccional entre las plataformas, hasta la creación de cursos online para alumnos que tengan alguna discapacidad visual, auditiva u otra (Hernández, s.f.). Dentro de las especificaciones que ya han sido liberadas y trabajadas por IMS se encuentran las siguientes:
IMS Learning Resources Meta - data Specifications (Octubre 01, 2001): genera una forma uniforme para describir los recursos de aprendizaje de manera que éstos puedan ser fácilmente encontrados, por medio del uso de herramientas de búsqueda que sean capaces de interpretar estos meta datos. IMS Enterprise Specification (Julio 16, 2002): está dirigida a aplicaciones y a servicios administrativos que necesitan compartir datos sobre los alumnos, los cursos y el rendimiento, a través de sistemas operativos, de plataformas y de interfaces de usuario. IMS Content Packaging Specification (Agosto 10, 2002): hace más fácil crear objetos de contenido reutilizables que serán útiles en una variedad de sistemas de aprendizaje. IMS Question & Test Specification (Febrero 13, 2002) soluciona la necesidad de poder compartir ítems de exámenes y otras herramientas de evaluación a través de sistemas distintos. IMS Learner Profiles Specification (Marzo18, 2003): buscará formas de organizar la información del alumno de manera que los sistemas de aprendizaje puedan ser más responsivos a las necesidades específicas de cada usuario. IMS Reusable Competency Definition Specification (Octubre 25, 2002): define un modelo de información para describir, referenciar e intercambiar definiciones de competencias, principalmente en el contexto del aprendizaje online y distribuido. En esta especificación, la palabra competencia es utilizada en un sentido muy general que incluye habilidades, conocimientos, tareas y resultados del aprendizaje. Esta especificación entrega una manera de representar formalmente las características claves de una competencia independiente de su uso en un contexto en particular. Permite la interoperabilidad entre los sistemas de aprendizaje que manejan la información de competencia, entregándoles medios para referirse a definiciones comunes con significados comunes. IMS Learning Design Specification (Febrero 13, 2003): orienta a describir el Diseño Instruccional y el Diseño de Aprendizaje que acompañará a un curso online. IMS Guidelines for Developing Accessible Learning Applications (Abril 28, 2003): Guías desarrolladas por el Grupo de Trabajo sobre Accesibilidad de IMS
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
710
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
entregará un marco de trabajo para las comunidades de aprendizaje distribuido. Este marco establecerá el escenario para las soluciones existentes, las oportunidades y las posibilidades para implementarlas, y las áreas donde más desarrollo e innovación se necesitan en las tecnologías educacionales para asegurar que la educación es para todos, en cualquier lugar y en cualquier momento. IMS Digital Repositories (Enero 30, 2003): Busca integrar el aprendizaje online con los recursos de información a través de bodegas o depósitos digitales para almacenar las colecciones digitales de documentos. IMS Simple Sequencing (Marzo 20, 2003): Especifica cómo los objetos de aprendizaje son ordenados y presentados a un alumno
En términos generales, en el momento de seleccionar un estándar para trabajar, es importante revisar cada uno de los componentes que especifica, al igual que factores como las herramientas a usar o disponibles, los repositorios con los que se cuenta, los metadatos generados y los esquemas de empaquetamiento, entre otros aspectos inherentes al proceso de diseño, de implementación y de distribución. Por ejemplo, como lo plantea (Solano, 2007), un elemento imprescindible en el engranaje de los repositorios son los metadatos ya que éstos se conciben como elementos que permiten la catalogación de la información digital y su reutilización en diversos contextos. Los metadatos son comúnmente entendidos como los datos que a su vez designan y califican datos de la información almacenada, para lo cual se utilizan elementos previamente seleccionados por las iniciativas de estandarización (Dublín Core, SCORM, IEEE_LOM…) en los que se apoyan, como título, descripción, palabras clave, formato y publicación, entre otros. Dos de los estándares en los que se organizan los metadatos son SCORM, enmarcado a su vez en el estándar IEEE_LOM3 y Dublín Core surgida a partir de la Dublín Core Metadata Initiative (DCMI). Con elementos de clasificación de metadatos similares, las principales diferencias entre ambos estándares hace referencia a los aspectos educativos, ya que SCORM es concebido como un esquema orientado a objetos de aprendizaje existentes en contenidos de formativos, y de hecho “no sólo es un esquema de metadatos, además dispone de otros elementos orientados específicamente al ámbito educativo, como es por ejemplo su sistema de LMS (Learning Management System)”. Sin embargo, Dublín Core surgió como una iniciativa que superaba el ámbito educativo y que perseguía “la descripción de los recursos, todo ello para crear sistemas de búsqueda de información más inteligentes”. Por otro lado, en el ámbito de la educación en línea, los estándares se ven como necesarios ahora más que antes, dado el alcance global que tienen las aplicaciones elearning por el uso de los sistemas de telecomunicación y al creciente interés de los individuos en la autoformación y en el aprendizaje a lo largo de toda la vida, que está marcando un mayor uso de los modelos de aprendizaje en línea que crecen de forma dispersa. Contar con aplicaciones estandarizadas marca un mejor y mayor aprovechamiento de los esfuerzos invertidos en este campo. La creación de estándares globales es una tarea compleja. Sería muy difícil llegar a un consenso que cubra las necesidades de todos o de una gran mayoría para ser adoptados de forma genérica, sin embargo, diferentes grupos están trabajando en el desarrollo tanto de especificaciones como de estándares en los diferentes niveles que se requieren, para poder establecer entornos e-learning integrados e interoperables (López, 2005). JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
10.
711
TRABAJOS FUTUROS
Por estas razones, el presente artículo dispone esta revisión documental, con el fin de colaborar en el proceso de discusión de la selección de las especificaciones y estándares a usar, en el proceso de implementación de la celda de producción tecnológica de objetos de aprendizaje, para la Universidad Distrital Francisco José de Caldas, y por ende, de cualquier institución que busque incursionar en los ambientes de formación virtual. De igual forma, con la presentación de esta revisión documental se plantea como trabajos futuros: En primera instancia, la finalización del presente proyecto de investigación que servirá de complemento a diferentes instituciones que inicien el proceso de inserción en los escenarios de e-learning y virtualización de contenidos. Como segunda instancia, se proyecta el diseño de una propuesta para una línea de producción tecnológica de Objetos de Aprendizaje para la Universidad Distrital Francisco José de Caldas (Bogotá, Colombia), en términos de workflow, infraestructura, hardware y software base requeridos para tal fin; dado que dicha institución se encuentra en la actualidad en la etapa de operacionalización de conocimiento acerca del tema, e ingresando a la oferta educativa virtual. En tercera instancia, este proyecto de investigación contribuirá al fortalecimiento de la investigación en e-learning y virtualización, al interior del grupo de Investigación GIIRA, de la Facultad de Ingeniería de la Universidad Distrital Francisco José de Caldas, y de igual forma, ofertar nuevos escenarios de investigación para los estudiantes de pregrado y postgrado de dicha institución.
11.
CONCLUSIONES
Como se observa en la conceptualización de Objeto de Aprendizaje, existen múltiples definiciones al respecto, cada una con un enfoque apropiado según el contexto en el que se plantee. En este marco, un objeto de aprendizaje puede partir desde una fotografía, la cual se usa para explicar un tema, dado una intención informativa; hasta un conjunto de componentes de información ensamblados, como unidad de aprendizaje con sentido pedagógico; usando una estructura de información externa (metadato) para facilitar su almacenamiento, identificación y recuperación. La construcción de un objeto de aprendizaje, se circunscribe bajo la selección y el uso de uno o varios estándares, los cuales cubren diferentes áreas en el ámbito tecnológico, tales como contenidos, diseño, evaluación, accesibilidad, plataformas, etc. La situación compleja se presenta cuando en el proceso de construcción, adopción o modificación de un objeto de aprendizaje, se abordan dichos modelos, especificaciones o estándares existentes en el mercado, donde cada uno de ellos presenta un alcance, validez, aplicación y grado de obsolescencia, además de identificar diferentes escenarios de solapamiento entre algunos de ellos. Ahora bien, dado el diseño instruccional plantado para la construcción del objeto de aprendizaje, como estrategia para asegurar la modularidad, granularidad y reutilización del mismo, entre otros aspectos; es de vital importancia contar con un equipo de trabajo multidisciplinario, que además de la construcción pedagógica, JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
712
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
didáctica y tecnológica, involucre las intenciones informativas adecuadas, lo que involucra miembros con conocimientos en pedagogía, en tecnología y en ciencias de la comunicación con enfoque social. Este proceso de construcción modular genera un cúmulo de metadatos, que deben recibir un tratamiento, al igual que las demás capas que involucra la construcción de un objeto de aprendizaje; a través de un modelo o estándar, como por ejemplo LOM. Por ello cobra gran importancia la ejecución de un estudio cuidadoso acerca de aspectos como las herramientas a usar en la construcción del objeto, las cuales deben garantizar estándares de compatibilidad en el mercado; los repositorios donde se van a desplegar dichos objetos, y el tratamiento tecnológico que se le va a dar, etc.; todo ello con el fin de seleccionar los estándares y especificaciones pertinentes, reconocidos en el mercado, debidamente probadas, y con un soporte documental estable, con el fin de evitar inconvenientes posteriores, en tiempo de producción del objeto de aprendizaje. Como lo describe (López, 2005), la estandarización se requiere a distintos niveles, primero, cuando los recursos son creados deben considerarse tecnologías, políticas y formatos compatibles con lo común en el sector; segundo, cuando esos recursos son incluidos en un repositorio, y deben ser descritos, se utilizarán esquemas que aseguren su fácil localización y compatibilidad con otros sistemas de metadatos; tercero, cuando esos recursos sean utilizados y tengan que incorporarse a diferentes servicios, repositorios, plataformas y aplicaciones en un contexto dado; y cuarto, cuando los sistemas involucrados en un entorno tengan que interoperar con otros para cumplir sus funciones o ampliar sus capacidades. El reto de los estándares es acordar de qué forma compartir, comunicar o desarrollar modelos y sistemas con la finalidad de lograr la interoperabilidad entre los diversos componentes. Por ende, la documentación, la selección y el uso de un estándar para el diseño y para la producción de contenidos digitales educativos, y en consecuencia, en la constitución de su repositorio, en la Universidad Distrital Francisco José de Caldas, le permitirá poder gestionar sus contenidos digitales procurando esquemas de indexación, localización y distribución adecuados, compatibles con objetos y repositorios de sus aliados estratégicos, además de ofrecer a la comunidad académica componentes de calidad, acorde a los estándares y a las especificaciones del mercado.
12.
GLOSARIO
OVA: Objeto Virtual de Aprendizaje TIC: Tecnologías de la Información y las Comunicaciones IES: Instituciones de Educación Superior CNA: Consejo Nacional de Acreditación MEN: Ministerio de Educación Nacional ICETEX: Instituto Colombiano de Crédito Educativo y Estudios en el Exterior UIT: Unión Internacional de Telecomunicaciones LMS: Learning management system IEEE: Institute of Electrical and Electronics Engineers OIT/Cinterfor: Organización Internacional del Trabajo / Centro Interamericano para el Desarrollo del Conocimiento en la Formación Profesional k. OA: Objeto de Aprendizaje l. TCP/IP: Protocolo de control de transmisión/Protocolo de Internet a. b. c. d. e. f. g. h. i. j.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
m. n. o. p.
713
HTTP: Protocolo de transferencia de hipertexto XML: eXtensible Markup Language (lenguaje de marcas extensible) HTML: HyperText Markup Language (lenguaje de marcas de hipertexto) RDF: Resource Definition Framework,
BIBLIOGRAFÍA ADLNET (s.f.): Personal Assistant for Learning (PAL) - Details / BAA. Fuente: http://www.adlnet.gov/. Consultada el 25 de Octubre de 2013. Álvarez (2012): Álvarez Pedraza, L. Elaboración de un objeto virtual de aprendizaje, que facilite la enseñanza de las unidades físicas de concentración. Universidad Nacional de Colombia. Bogotá. 2012. Aprendeenlinea (s.f.): Ministerio de Educación Nacional, Colombia Aprende. Que es un Objeto de Aprendizaje. Fuente: http://aprendeenlinea.udea.edu.co/lms/men/oac1.html. Consultada el 18 de Julio de 2013. Astudillo, G. (2011): Análisis del estado del arte de los objetos de aprendizaje. Revisión de su definición y sus posibilidades. Facultad de Informática - Universidad Nacional de La Plata. 2011 Avalos (s.f.): Avalos, M. C. Gestión de las TIC en el campo educativo. Fuente: http://gestiondelastics.tumblr.com/post/36822005690/objetosdeaprendizaje. Consultada el 1 de Septiembre de 2014. Cabero (2007): Cabero Almenara, J. Las necesidades de las TIC en el ambiente educativo: oportunidades, riesgos y necesidades. Tecnología y Comunicación Educativa. Año 21 número 45. Julio – Diciembre de 2007. Fuente: http://investigacion.ilce.edu.mx/tyce/45/articulo1.pdf. Consultado el 8 de Septiembre de 2014. Cajal & Moraga (2010): Cajal, F. Moraga, P. Desarrollo de un repositorio de objetos de aprendizaje. Facultad de Ingeniería, Licenciatura en Informática. Universidad Nacional de la Patagonia San Juan Bosco. 2010 Calle & Molina, s.f.: Calle Pineda, C. Molina Velásquez, T. Gestión para la implementación de TIC en la educación continua bimodal y virtual de la Universidad CES. Fuente: http://www.virtualeduca.info/ponencias2011/59/Ponencia%20virtual%20educa%2020 11.doc. Consultada el 2 de septiembre de 2014. Callejas et al. (2011): Callejas Cuervo, M. Hernández Niño, E. Pinzón Villamil, J. Objetos de Aprendizaje, Un Estado del Arte. Revista Entramado. Volumen 7 Número 1. Universidad Libre de Cali. 2011. Cisco (2010): Cisco Systems. La sociedad del Aprendizaje. Fuente: http://www.cisco.com/web/about/citizenship/socio-economic/docs/TLS_Spanish.pdf. Consultado el 10 de Septiembre de 2014. CNA (s.f.): Consejo Nacional de Acreditación. El Sistema de Educación Superior en Colombia. Fuente: http://www.cna.gov.co/1741/article-187279.html. Consultada el 25 de Julio de 2013. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
714
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
ColombiaAprende (s.f.): Portal Colombia Aprende. Las TIC en la Educación. Fuente: http://www.colombiaaprende.edu.co/html/directivos/1598/article-183078.html. Consultada el 7 de Agosto de 2013. DCMI (s.f.): DCMI Abstract Model. Fuente: http://dublincore.org/documents/abstractmodel/. Consultada el 28 de Octubre de 2013. Delta (s.f.): Delta Asesores. Hacia La Web 4.0. Fuente: http://www.deltaasesores.com/articulos/tecnologia/545-hacia-la-web-40-. Consultado el 7 de Agosto de 2013. Galeana (2005): Galeana, L. Objetos de Aprendizaje. Universidad de Colima. CEPROMED - Centro Universitario de Producción de Medios Didácticos. Fuente: http://www.cudi.edu.mx/primavera_2004/presentaciones/Lourdes_Galeana.pdf. Consultado el 28 de Julio de 2013. Hernández, E (s.f.): Estándares y Especificaciones de E-Learning: Ordenando el Desorden. Fuente: http://www.uv.es/ticape/docs/eduardo.pdf. Consultado el 28 de Agosto de 2013. Hilera González, J. Hoya Marín, R. (2010): Estándares de e-learning: guía de consulta. Universidad de Alcalá. ISBN: 978-84-693-0263-7. IEEE (2002): Draft Standard for Learning Object Metadata. Fuente: http://ltsc.ieee.org/wg12/files/LOM_1484_12_1_v1_Final_Draft.pdf. Consultado el 1 de Noviembre de 2013. IEEE (s.f.): WG12: Learning Object Metadata. Fuente: http://ltsc.ieee.org/wg12/. Consultado el 30 de Octubre de 2013. Lamarca (s.f.): Lamarca Lapuente, M.J. Metadatos Dublin Core. Fuente: http://www.hipertexto.info/documentos/dublin_core.htm. Consultado el 30 de Octubre de 2013. López (2005). López Guzmán, C. Los repositorios de Objetos de Aprendizaje como soporte a un entorno de e-learning. Doctora en Procesos de formación en Espacios Virtuales. Universidad de Salamanca. Salamanca, España. 2005. Fuente: http://gredos.usal.es/jspui/bitstream/10366/56649/1/DIA_Repositoriosobjetos.pdf.pdf. consultado el 1 de Septiembre de 2014. MEC (s.f.): Estándares y especificaciones en e-learning. Ministerio de Educación y Ciencia. Fuente: http://ares.cnice.mec.es/informes/16/contenido/indice.htm. Consultado el 1 de Noviembre de 2013. MEN (2007): Convenio de Asociación e-learning 2.0 Colombia. Propuesta de metodología para transformar los programas presenciales a virtuales o e-learning. Ministerio de Educación Nacional. Colombia. 2007. MEN (2007b): Indicadores TIC para educación en Colombia. Fuente: https://www.itu.int/ITU-D/ict/events/dominicanrep08/material/Colombia.pdf. Consultado el 29 de Agosto de 2014. MEN (2010): Ministerio de Educación Nacional. Revolución Educativa, 2002 – 2010 Acciones y Lecciones. Julio. 2010 MEN (2012): Rendón Osorio, H. Políticas de Integración de TIC en los Sistemas Educativos. Oficina de Innovación Educativa con uso de Nuevas Tecnologías. 2012
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
Iniciativas de Estandarización en la Producción de Objetos Virtuales de Aprendizaje
715
MEN (2012b): Recursos Educativos Digitales Abiertos COLOMBIA. Ministerio de Educación Nacional. Bogotá, Colombia, Octubre de 2012. MEN (2013): Ministerio de Educación Nacional. Convocatoria de ampliación de cobertura en educación superior. Colombia. Mayo de 2013. Fuente: http://www.mineducacion.gov.co/1621/w3-article-321546.html. Consultada el 31 de Julio de 2013. Miranda (2004): Miranda Díaz, G. De los ambientes virtuales de aprendizaje a las comunidades de aprendizaje en línea. Revista Digital Universitaria. Volumen 5 Número 10. Universidad Nacional Autónoma de México, México. 2004. Morales (2011): Morales, L. Generación Automática de Diseños de Aprendizaje: Diferentes enfoques de Planificación. Universidad de Granada. 2011. OIT/Cinterfor (2013): Red de Instituciones de Formación Profesional. Aportes al debate sobre Objetos de Aprendizaje para el desarrollo de competencias laborales. Montevideo: OIT/Cinterfor, 2013. Pernalete, D., Cánchica, M., Coello, Y. (2012): Estándares y Modelo de Calidad asociado a los Ambientes de Enseñanza Aprendizaje para E-learning. Consultada en Línea: <http://laclo.org/papers/index.php/laclo/article/view/52 >. Consultada el 30 de Octubre de 2013. Rebollo Pedruelo, M. (2004): El estándar SCORM para EaD. Máster en Enseñanza y Aprendizaje Abiertos y a Distancia. Universidad Nacional de Educación a Distancia. Consultada en Línea: < http://www.mrebollo.es/pubs/tesina.pdf >. Consultada el 30 de Octubre de 2013 Rivera et al. (2008): Rivera, D.M., Lozano, F. G. y Ramírez, M. S. (2008). El proceso de construcción de objetos de aprendizaje mediante cursos en línea: un estudio de casos múltiple. Memorias del XVII Encuentro Internacional de Educación a Distancia. Virtualizar para educar. Guadalajara, Jalisco. 2008. Smith (2004): Smith, R. Guidelines for Authors of Learning Objects. NMC: The New Media Consortium. McGraw-Hill Education. 2004. Solano (2007): Solano Fernández, I.M. (2007). Repositorios De Objetos De Aprendizaje Para La Enseñanza Superior: DSpace. En PRENDES ESPINOSA, M. P. Herramientas Telemáticas Para La Enseñanza Universitaria En El Marco Del Espacio Europeo De Educación Superior. Grupo de Investigación de Tecnología Educativa. Universidad de Murcia. CD –ROM. ISBN: 978-84-611-7947-3. Spivack (s.f.): Nova Spivack. Semantic Web Talk. Radar Networks & Nova Spivack. Consultada en Línea: < http://vimeo.com/684381 >. Consultada el 7 de Agosto de 2013. Sitio Web Nova Spivack: <http://www.novaspivack.com/tag/radar-networks > Toll et al. (2011): Toll Palma, Y. Ruiz Ortiz, L. Trujillo Casañola, y. Ril Gil, Y. La Calidad de los Objetos de Aprendizaje producidos en la Universidad de las Ciencias Informáticas. Revista Electrónica de Tecnología Educativa. Número 36, Junio de 2011. Universidad de las Ciencias Informáticas. Cuba. 2011. UIT (2007): Unión Internacional de Telecomunicaciones. Tendencias en las reformas de las telecomunicaciones 2007: El Camino hacia las redes de próxima generación. 2007.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
716
Herrera Cubides, J., Gelvez Garcia, Nancy, Sanchez Cespedes, J.
UIT (2013): Unión Internacional de Telecomunicaciones. Tendencias en las reformas de las telecomunicaciones 2013: Aspectos transnacionales de la reglamentación en una sociedad interconectada. Ginebra, 2013. Univirtual (2009): Objetos de Aprendizaje: Prácticas y perspectivas educativas. Comité Univirtual, Vice-rectoría Académica. Pontificia Universidad Javeriana de Cali. 2009. VirtualEduca (2013): VirtualEduca. La educación superior a distancia y virtual en Colombia: Nuevas realidades. VirtualEduca - Asociación Colombiana de Instituciones de Educación Superior con Programas a Distancia y Virtual, ACESAD. ISBN 978958-57929-0-6. Bogotá, Colombia. 2013. Wiley (2000): Wiley, D.A. Connecting learning objects to instructional design theory: A definition, a metaphor and taxonomy. Fuente: http://wesrac.usc.edu/wired/bldg7_file/wiley.pdf. Consultado el 5 de Agosto de 2013. Zaragoza (2011): Introducción al Modelo de Referencia SCORM. Área de Tecnologías para la Docencia. Universidad de Zaragoza. Fuente: http://unizar.es/innovacion/ecoleccion1/archivos/PDF/49_SCORM_CURSO.pdf. Consultado el 25 de Octubre de 2013.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 677-716
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300010
SECURITY INFORMATION IN PRODUCTION AND OPERATIONS: A STUDY ON AUDIT TRAILS IN DATABASE SYSTEMS
Rodrigo Roratto Evandro Dotto Dias Federal University of Santa Maria, RS/Brazil ___________________________________________________________________________________________
ABSTRACT Special care should be taken to verify the integrity and to ensure that sensitive data is adequately protected. One of the key activities for data loss prevention is anaudit. And in order to be able to audit a system, it is important to have reliable records of its activities. Systems that store critical data, whether financial or productive, must have features such as audit log, also called audit trail, which records all activities on critical data. This allows to identify harmful actions that can be internal or external, intentionally or unintentionally caused. Therefore, this paper presents major studies in security audit trail (audit log), especially records of logs, and it presents what is available in terms of commercial tools and what they offer. Keywords: Audit trails, Information Security, Computer management technologies available, Computational Risk.
systems
___________________________________________________________________________________________ Manuscript first received/Recebido em: 28/11/2013 Manuscript accepted/Aprovado em: 26/06/2014 Address for correspondence / Endereço para correspondência Rodrigo Roratto, Universidade Federal de Santa Maria, RS/Brasil. Email: roratto_rs@hotmail.com Evandro Dotto Dias, Universidade Federal de Santa Maria, RS/Brasil, E-mail: evandrodotto@yahoo.com Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
718
Roratto, R., Dias, E. D.
1. INTRODUCTION Information is a critical resource in organizations. With the increased availability of computers for all -type users of around the world, more data is being processed in short periods of time. Understanding computer security requires understanding the meaning of threat, vulnerability and risk (Bosworth; Kabay, 2002). Vulnerability is a weakness in the computer system or its surroundings that may become a security risk. A computer risk is the probability of an event resulting in a loss. Risks and losses may include financial and personal losses, loss of reputation and customer base, inability to function in a timely and effective manner, the inability to grow, and the violation of the laws and government regulations (Bosworth; Kabay, 2002). In systems where the device owner is not the person who owns the secrets in the device, an audit mechanism is essential to determine if there was any attempted fraud (Schneier; Kelsey, 1999). Special care should be taken to verify the integrity and to ensure that sensitive data is adequately protected. Activities for data loss prevention is an audit. An audit process includes recommending actions to eliminate or minimize losses by identifying vulnerabilities and risks, to determine whether adequate security controls are in place, to ensure that security devices and audits are valid and to check controls; it also tracks auditing and security measures and whether they are working effectively (Bosworth; Kabay, 2002). In many applications, access control and other information related to user operations should be kept in secure log files for intrusion detection and violations or for audit purposes (Xu et al. 2005). A lot of sensitive information is usually stored in log files. Therefore, it is important to ensure that if any system breach occurs, its logs are not compromised and the violation can be detected later (Xu et al. 2005). The first target of an experienced system attacker will be the audit trail/log system: the attacker wants to erase the traces of the attack, in order not to be detected, as well as keep in secret the method of attack so that the security flaws found are not detected by system managers (Bellare system; Yeey 1997). This shows that there is a great need to study and develop techniques to manage and especially ensure the inviolability of audit trails/logs, protecting them from damage and tampering with all types of users, whether intentionally or not. Based on these concepts, this research presents major studies in the pertinent area and tools available in the market. Based on the aforementioned problems, we aim to present an analysis of key points that should be considered in the management of information security and a description of the main technologies and research relating to the application and protection of audit trails (logs). There is a lso a brief description of two of the major available commercial solutions on the market today. Thus, we seek to find solutions against violations, whether voluntary or involuntary, from any users or even the system administrators. This paper is organized as follows: in section 2 the methodology used in this study is presented; in section 3, the concept of security information is presented. In section 4, the concepts of audit trails are shown; below in section 5, the use of logs in management systems databases are described; in section 6, major papers, researchJISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Security information in production and operations: a study on audit trails in database systems
719
seeking solutions for the protection of audit trails/logs are shown; in section 7, a brief description is available for managing critical data, offered commercially by the two leading providers of solutions, for information management and storage. Finally, section 8 presents the conclusions of this study. 2. METHODOLOGY
Regarding methodological procedures, this research is characterized as a descriptive and literature-based study, focused on a case study, as it describes models of audit systems and an analysis of attributes to be considered for the security of information systems of logs. It also seeks to identify what is most significant in research and solutions to the problem of audit trail security. The study is limited to theoretical analysis regarding solutions for the protection of audit trails (logs) and the tools available for managing critical market data. It is important to highlight that the term audit log is equivalent to audit trail.
3. SECURITY INFORMATION SYSTEMS MANAGEMENT
It is clear that businesses are increasingly dependent on technology and they need to provide confidentiality, integrity and availability. According to Albuquerque (2002) and Krause (1999) there are three basic principles to ensure information security, especially with regard to systems involving financial matters, such as: •Confidentiality: the information can be accessed only by explicitly authorized personnel. It is the protection of information systems to prevent unauthorized access. •Availability: the information should be available at the time it is needed. • Integrity: the information must be retrieved in its original form (at the time it was stored). It is the protection of data or information from accidental or intentional unauthorized modification. Some authors have suggested that where one person considers information to be safe, the system that manages it still must meet the following criteria: • Authenticity: warrant that the information or its user is authentic. • Non-repudiation: can not deny (in the sense of saying that something was not done) a transaction or service that modified or created information; can not deny sending or receiving information or data.• Legality: ensures the legality of (legal) information; adherence to a system of laws; and the characteristics of the information that has legal value within a communication process where all assets are in accordance with the agreed contractual terms or the existing national or international laws. • Privacy: escapes from the aspect of confidentiality, because some information may be considered confidential, but not private. Private information may be viewed / read / changed only by its owner. It also ensures that information is not disclosed to others (in this case, the confidentiality nature of information is attributed). It is the ability of a user to perform actions on a system without being identified.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
720
Roratto, R., Dias, E. D.
â&#x20AC;˘ Audit: traceability of the different stages of a business or process, identifying participants, locations and times of each stage. The audit adds credibility to the company and is responsible for the adequacy of the Company to legal and internal policies. All these considerations about criteria for information security are added to another strategy for information management: accuracy. This means that the information must be grounded on true events or logical arguments, compatible with the needs of the organization. In this sense, it is not enough that the information is authentic, because its source can be dishonest. Reliability is not enough; accuracy of information must also exist. 4. AUDIT TRAILS (LOGS)
An audit seeks to identify and prevent suspicious and fraudulent activities by the user, collecting data about them in the database. The information collected is analyzed in order to find security problems and their origin (Simon et al. 2008). The main functionality of an audit is to provide secure and permanent storage of log records, so that they can be detected when a security breach has occurred (Xu et al. 2005). The need to identify such activities and to determine suspicious patterns are important requirements for system security. In addition, an audit should be performed independently and transparently, so that all relevant information is classified (Hawthorn et al. 2006). An audit trail, which can also be called audit log, is used to ensure an accurate flow of transactions in a system. Every detail of a source and entry of a document or transaction should be made based on a report or file. A digital audit enables the verification of the contents of a file system in a given period in the past. The audit protocol is a challenge / response between the auditor and the file system to be audited (Peterson et al, 2007). The tracking technique can be applied in a single transaction for rapid testing; however, to ensure that control function consistently, the test should cover large volumes of data in different time periods (Bosworth; Kabay, 2002). Audit trails should be developed as a normal part of the internal control systems. Some systems can be acquired with the use of an automated audit log. The system log file includes an entry for each operation applied to a database that may be necessary to recover an operation failure or an operating system failure; (Elmasri Navathe, 2004). We can expand the log entries so that it also includes the account number of the user and terminal online to be applied to each transaction recorded in the log. If any tampering with the database is suspicious, an audit of the database is performed, which is to analyze the log to examine all accesses and operations applied to the database during a certain period of time (Elmasri; Navathe, 2004). When an illegal or unauthorized operation is found, the DBA can determine the number of the account used to perform this operation. Database audits are particularly important for sensitive databases that are updated by many transactions and users, such as a banking database, which is updated by many bank tellers (Elmasri; Navathe, 2004). JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Security information in production and operations: a study on audit trails in database systems
721
To prepare for a future audit, a file system generates authentication metadata that â&#x20AC;&#x153;commitâ&#x20AC;? in the file regarding its current content system. This metadata is published in a third location. To conduct an audit, the auditor accesses the metadata and makes objections to the file system and crosschecks the information obtained from those represented in the metadata (Peterson et al. 2007). The system must be prepared to withstand attacks with the creation of histories and fake versions that pass the audit process (Peterson et al. 2007). This class of attack includes creating fake versions of the data that matches the published metadata file, but differ from the data used in its creation. It also includes the creation of a fake history, the insertion or deletion of versions in a sequence without identity. This point describes the importance of an audit as an activity that aims to ensure the security and continuity business. 5. LOGS IN DBMSS Saving logs on file systems is not recommended because if a file is deleted, there is no record of this action. This is a problem that occurs in a database (McDowall, 2007). Most DBMSs allow actions classified in the database, generating audit logs. Unfortunately, the methods generally are not transparent and many require the creation of triggers for each analyzed object (Simon et al. 2008). The use of triggers is not recommended as it burdens the use of the database by adding routines that must be performed to every action performed (Sallachl, 1992). The generation of audit data can be implemented via generic functions or through of database use policies and automated logs. In order for log records to be created, there should be a separate record of all entries of audit trails associated with the creation, modifications and deletion of data and records in the database (McDowall, 2007). Regardless of the approach, each packet in the system must have a single audit trail. The advantage of this approach is that all audit entries are closely associated with the data they represent. This approach allows to search more specifically and quickly log records (McDowall, 2007). As an example of the generation of the DBMS logs, PostigreSQL will be presented. OPostgreSQL enables the system to manage records about its activities in its configuration file. Among the parameters present in this file is the creation of a log for each activity performed by the DBMS. This log can contain, in addition to information on access to data, several others, such as connection messages, authentication errors and errors of SQL queries. An example of log records generated by PostgreSQL is shown in Figure 1 In this case, the configuration file is defined to generate information on data accesses. As can be observed, the records are created in every query made by a client, in which the information about types of queries and their duration is present. These are the parameters that will be used as the basis for the audit.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
722
Roratto, R., Dias, E. D.
Figure 1: Example of log PostgreSQL (SIMON et al. 2008). 6. STUDIES FOR EXISTING SECURITY AUDIT TRAILS
In this section, we present published papers that directly or indirectly present contributions to the problem of violation of log records.
6.1 Forward Integrity for Secure Audit Logs A log entry consists of a date (time) and event description. An experienced system attacker tries to modify or destroy log data corresponding to their current or past login attempts (Bellare; Yeey, 1997) .The authors of this paper, Mihir Bellar and Bennet S. Yeey, introduce a new security property which they called â&#x20AC;&#x153;forward integrityâ&#x20AC;? (FI) based on the generation of message authentication codes (MACs) model. The goal is to prevent FI alteration or entering of information by the attacker, even when the log records become available to the attacker who gained control of the entire system. In the MAC system, if an attacker obtains the MAC key, he/she can forge all the registry entries. In the FI system, the possession of the key at a particular point in time does not allow the attacker to forge log entries from a previous to the current date. Thus, the attacker can not change the contents of the log (Bellare; Yeey, 1997). He/she can even delete entries, but spaces will be visible in the registry and also the occasional transmission of the log to a remote system mitigates the effect of the deletion of records. 6.1.1. Message Authentication Codes (MACs) Typically, MACs are used in a context of communication, where the sender and receiver share a secret MAC key. The sender uses the MAC key to generate a message and attaches it to the message; the receiver, who knows the MAC key, can restore Mac and accept as true only those messages for which the regenerated MAC matches the transmitted MAC. The MAC security model is the fact that it is computationally infeasible for an adversary-based network that does not know the key to modify the MAC messages and MACs for the receiver to accept them as true. Once the audit logs are simply messages that are read and checked later on by a recipient and not (necessarily) over a network, it might simply attach MACs to the audit log entries to protect them. The following is a log coding scheme MAC. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Security information in production and operations: a study on audit trails in database systems
723
Figure 2: Example of MAC coding (HOLT, 2006). However, the MAC model fails when it does not send continuous logs to a remote device, either by lack of or delay in transfers. Another vulnerability is in the fact that if an attacker enters the system and obtains the MAC key, they will get control of the logs (Bellare system; YEEY 1997).
6.1.2. Model forward integrity (FI) This new model proposed by Mihir Bellar and Bennet S. Yeey makes use of MACs in a different way, avoiding the requirement of replication of a log in remote logs. A log entry consists of a date (time) and description of event. As previously mentioned, an experienced attacker attempts to compromise the previous data: they want to change or delete the entry corresponding to their attempts to login. In the same model proposed, even if the attacker gets the key in a given period in time, they will not be able to change records generated prior to this period (Bellare; Yeey 1997). They can even delete entries, but spaces will be visible in the registry and also the occasional transmission of the log to a remote source decreases the chances of complete destruction of records. In this system, the keys are changeable and evolve in time periods, being generated from the previous key. The key Ki at time i is obtained with non-reversible function Ki-1 of the previous time and the current time. After the new key Ki is generated, the Ki-1 key is deleted. Thus, if an attack on attacker gets key Ki, they can not get Kj for j <i. This prevents the attacker from creating registry entries for previous
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
724
Roratto, R., Dias, E. D.
periods. A key K0 is provided for verifying the integrity of all independent versions of time. In this article, it is suggested audit log systems where:
the generators of log messages (mi) may have or not control over when the registry decides to change the time. Each message received in one mi Ej time, the generator creates a log entry _fnj (mi) and saves the audit log which can be subsequently verified. The FIMACj (mi) is an authentication code attached to messages. The cryptographic protection should be made very carefully. Do not just encrypt with a public key and make the verifications. If an attacker accesses the encryption key, they simply opt out the original record and generate their own logs. In addition to encrypting these secrets, the generator logs must authenticate its use at the beginning of the log, perhaps using a times tamping protocol (Bellare; Yeey 1997). This would require some communications network or digital signature scheme based on the key. Instead of generating codes in the data logger, the key may be generated by an external device. For example, the log is generated safely and delivered to the logger using an encrypted protocol with forward secrecy (FS). Maintain records in the filing is also essential not to allow an attacker to retrieve logs from a previous period, something that can only be avoided if a key system check (FS) is used.
6.2. Building an Encrypted and Searchable Audit Log
In this work the authors develop a study to create a search engine for keywords and encryption of log files. Delegation of resources is important so that a researcher can search and find specific entries in log files (Waters et al. 2004). They developed a system based on keys that allows you to search keywords on encrypted data using Identity-Based Encryption (IBE). If at any time you want to search the auditor, an audit log to identify entries matching a certain keyword, they should go to the depositary audit agent. If the depositary considers it appropriate, they grant this ability to auditor. They can then search through the entries and see what entries correspond to the keyword. To audit entries that match the keyword log, the investigator can decrypt the input and display its contents, according to figure 4.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Security information in production and operations: a study on audit trails in database systems
725
Figure 3: Scheme seeks records in an encrypted log (Waters et al. 2004).
6.2.1. System Operation Operations in the asymmetric regime are significantly more expensive than the symmetric regime. The main obstacles are of modular exponentiation calculations for each matching keyword (Waters et al. 2004). However, if the same keywords are used frequently, the intermediate results can be reused. The asymmetric model corrects many of the drawbacks of the symmetric scheme (Waters et al. 2004). Since each server stores only public parameters, there are no secret keys for an attacker to steal .This model does not allow the attacker to search or decipher any entries in the audit that have already been generated and stored. In that work, a system database audit that creates asymmetrically encrypted and searchable log entries was implemented. The log agent is implemented as a MySQL Proxy server, upon receiving a query, records the query, and passes it on to the server MySQL database. The proxy is created on a Linux platform and is multi-threaded so that multiple users can be served simultaneously on the logging component that runs in parallel with the rest of the system. The audit log server assigns the date and time for each entry audit log. The log entries are written in another MySQL database server, which is dedicated to storing log entries. The software has a cache server that is used to reuse queries. It is implemented as a simple hash table that associates the result with the word sought. The method of checkpoint hash chain was also implemented. The audit log server calculates the present value of the hash chain for each log entry that builds. The current hash value can be read at any time. A part that reads this value can check the integrity of the log later on. In this research the authors presented the implementation of a model that allows you to make searches through keywords in logging and ensure that these records will be protected via asymmetric key model.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
726
Roratto, R., Dias, E. D.
7. SOLUTIONS FOR SECURITY LOGS IN DBMSs Functionality and security is the biggest problem in any DBMS (Jangra et al. 2010). There are many problems?? in the DBMS market. Currently, we have several databases such as: Alpha Five, DataEase, Oracle database, IBM DB2, Adaptive Server Enterprise, FileMaker, Firebird, Ingres, Informix, Mark Logic, Microsoft Access, Microsoft SQL Server, Microsoft VisualFoxPro, MonetDB, MySQL, PostgreSQL, Progress, SQLite, Teradata, CSQL, OpenLink Virtuoso, Daffodil DB, etc. OpenOffice.org Base Among these databases presented, which are more present on the market are: Oracle, IBM DB2 and (Jangra et al. 2010). The following are the features that each offers for the management of audit logs. 7.1 Oracle Database Vault The Oracle Database Vault in 11g helps to protect sensitive application data and even the access of privileged users. Thus, customers can increase the protection of their sensitive application data from unauthorized access of any user, including the highly privileged ones, including DBAs and other powerful applications, to access sensitive data and applications on Oracle databases outside the scope of their responsibilities (ORACLE, 2010). For example, you can restrict administrative access to employee salaries, customer medical records, or other confidential information. It can also be used to determine the separation of duties within the database; for example, blocking access to confidential DBA application data, but it allows it to perform the day-to-day activities such as backup and recovery, and tuning and replication of the database. It allows you to consolidate the databases of applications and to determine strong boundaries and policies around the access to data. Regulations such as Sarbanes-Oxley (SOX), Healthcare Insurance Portability and Accountability Act (HIPAA), Basel II and Data Security Standards (DSS) of the Payment Card Industry (PCI) require that companies consider separation of duties and strong access controls to confidential information as shown i table 1 (ORACLE, 2010). Table 1: Regulations and potential threats to security (ORACLE, 2010). Regulation
Potential security threat
Sarbanes-Oxley Section 302 Section 302 of Unauthorized modification of data Sarbanes-Oxley
Sarbanes-Oxley Section 404 Section 404 of The modification of data, unauthorized Sarbanes-Oxley access
Sarbanes-Oxley Section 409 Section 409 of A denial of service, unauthorized
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Security information in production and operations: a study on audit trails in database systems
727
Regulation
Potential security threat
Sarbanes-Oxley
access
Gramm-Leach-Bliley Gramm-Leach-Bliley
The unauthorized access, modification or disclosure
Health Insurance Portability and Accountability Act (HIPAA). HIPAA 164.312 HIPAA 164,312. Basel II â&#x20AC;&#x201C; Internal Risk. Management BasilĂŠia II CFR Part 11 CFR Part 11
Unauthorized
access
to
data
Japan Privacy Law Japan. EU Directive on Privacy and Electronic. Communications Management of EU. Payment Card Industry Data Security Standard (PCI DSS) Payment Card Industry Data Security Standard (PCI DSS)
This system allows you to create flexible security policies for your database. For example, any user of the database, such as SYSTEM, who has the DBA role can make modifications to basic parameters of a database. Suppose that an inexperienced administrator, who has system privileges decides, to start a new log file, but they are not aware of the fact that if they do it at a particular time, this may cause problems to the database. With Oracle Database Vault, you can create a rule to prevent the user's command to make these changes, limiting their use of the ALTER SYSTEM SWITCH LOGFILE (ORACLE, 2010) .This tool also allows you to attach rules to the command rule to restrict further activities, such as limiting the execution of an instruction. A database consolidation can result in multiple powerful user accounts residing in a single database. This means that besides the DBA database general, a proprietor scheme of individual applications may also have powerful privileges. Revoking some privileges may adversely affect existing applications. The Database Vault has a system called Realms, which allows to access applications through a trusted path, preventing database users, the database that, who have not been specifically authorized, from privileges and access to application data. For example, a DBA who has the SELECT ANY TABLE privilege can be prevented from using that privilege to read data from the application (ORACLE, 2010). The Database Vault is against unauthorized access to application data, as well as changes to the database made by anyone, even by privileged access, such as DBA, intentionally or unintentionally that may in any way be harmful, taking into consideration various factors such as time, authentication, and other applications. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
728
Roratto, R., Dias, E. D.
7.2 IBM InfoSphere Guardium Systems DB2 database provide an audit mechanism to assist in the detection of unknown or unanticipated access to data. The DB2 audit facility generates, and allows maintaining an audit trail for a series of predefined events in the database. For the protection of mission-critical systems, most organizations have formal control change policies of that determine how and when employees and service providers can make changes to production databases. However, it is difficult to detect violations, making policies difficult to enforce. As a solution, the IBM InfoSphere Guardium provides the tool that promises to send real-time security alerts whenever major system changes are made. Among the features are (IBM, 2010): â&#x20AC;˘ Fraud Protection for SAP Systems: From client data to ERP and personnel information, SAP systems often contain sensitive information that must be monitored for compliance and audit purposes. Now, businesses can detect fraud in real-time through the monitoring of all user activities at the application layer, including activities by administrators and outsourced personnel. The new release of InfoSphere Guardium provides more detailed information about SAP users, making it easier for businesses to detect fraudulent activities without making any changes to their databases or applications. Protection of SharePoint files: SharePoint repositories often contain sensitive information such as corporate financial results and valuable intellectual property such as product design data, but they do not have the necessary controls to prevent misuse by insiders. Now, for the first time, businesses have continuous real-time monitoring controls making it easier to detect unauthorized access to SharePoint repositories. Support for the Mainframe: An often overlooked, yet critical aspect of database security is real-time monitoring and auditing controls for database and system administrators. IBM now offers enhanced database activity monitoring capabilities for IBM DB2 databases running on System z, allowing businesses to protect critical information from unauthorized access by administrators. For example, if a database administrator at an insurance company tries to access a client's social security number, salary and medical history, the system will immediately generate an alert for security and compliance personnel. The new version of InfoSphere Guardium 8 leverages IBM-developed mainframe technology to capture all database transactions with minimal performance impact. Improved Compliance and Audit processes: A critical part of any audit is the ability to demonstrate that compliance and exception reports have been reviewed by oversight teams and appropriate actions taken. With the new software, businesses will have improved flexibility to define custom workflows and share specific audit information with relevant audiences in their organizations. Together JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Security information in production and operations: a study on audit trails in database systems
729
with the software's pre-packaged report templates for common regulations such as SOX, HIPAA and PCI, this capability will help businesses save time and money by significantly reducing time required to gather and report on compliance data required by auditors. â&#x20AC;˘ Lock and advanced Quarantine: Companies can selectively block individual users not to access the system for a certain period of time in the event of suspicious activity or unauthorized, thus avoiding the loss of valuable data until the activity can be investigated. For example, if an administrator of a database in a hospital access sensitive data from a patient, access this employee will be locked automatically without any manual, costly and prone to error change of databases and applications is required.
The Info Sphere Guardium allows simplification of regulation and security organizations with a single set of centralized and automated controls for a wide range of applications and database of companies (IBM, 2010). In addition to its automated monitoring capabilities, the new software helps customers comply with the regulation easier to provide more precise control of the information, ensuring privacy and integrity of corporate data and simplifying audits.
8. CONCLUSIONS This work shows the importance of ensuring security, inviolability and integrity of information contained in a computerized management system. There was a study and description of the main research in proposing mechanisms for the protection of audit logs. With this, it is concluded that with the increasing dependence of critical data storage systems, we must develop new solutions for the monitoring and protection of these data. Currently, there are few studies in the area with some implementations, but none of them introduced a great solution to the problem of security logs. Two commercial systems from Oracle and IBM that promise to solve the problems such as unauthorized access to sensitive information and integrity of audit logs are also presented. Based on this research, one realizes that this is a very promising and important area of study and is recommended to conduct further research in the area of control and information security through the use of Business Intelligence technologies.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
730
Roratto, R., Dias, E. D.
REFERENCES Bellare, Mihir; YEEY, S., Bennet. Forward Secure Audit Integrity For Logs. Dept. of Computer Science & Engineering, Mail Code 0114, University of California at San Diego, 1997. BOSWORTH, SEYMOUR; Kabay, ME COMPUTER SECURITY HANDBOOK Fourth Edition. John Wiley & Sons, Inc. 2002 Canada. ISBN 0-471-41258-9.Pg 28846. Elmasri, Ramez; B. Navathe Shamkant. FUNDAMENTALS OF DATABASE SYSTEMS 4th ed. Copyright Š 2004 Pearson Education, Inc. ISBN 0-321-12226-7.Pg 735. HAWTHORN, P., B., Clifton, C., Wagner, D., Bellovin, SM, Wright, RN, Rosenthal, A., Poore, RS, Coney, L. Gellman, R., and Hochheiser, H . (2006). Statewide databases of registered voters: a study of accuracy, privacy, usability, security, and reliability issues. Communications of the ACM, 49 (4): 26-28. HOLT, E., Jason. Logcrypt: forward security and public verification for secure audit logs. Internet Security Research Lab, Brigham Young University. ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research Volume 54. IBM. IBM InfoSphere Guardium. Found 01.ibm.com/software/data/guardium/-in date: 20/12/2010.
at:
http://www
Jangra, A .; BISHLA, D .; BHATIA, Komal; PRIYANKA. Functionality and Security Analysis of ORACLE, IBM DB2, SQL & Server. Global Journal of Computer Science and Technology. Vol. Issue 7 View 10. 1.0 September 2010 page 8. McDowall, RD Validation of Spectrometry Software - Audit Trails for Spectrometer Software. Spectroscopy 22 (4) April 2007 Pg 16 to 18. http://spectroscopyonline.findanalytichem.com/spectroscopy/data/articlestandard/spect rscopy/172007/421873/article.pdf. Alfred J. Menezes; VAN OORSCHOT C. Paul; A. Vanstone Scott. HANDBOOK of APPLIED cryptography. Massachusetts Institute of Technology June 1996.Pg 560. ORACLE. Presentation of Oracle Database Vault. Found in: http://download.oracle.com/docs/cd/B28359_01/server.111/b31222/dvintro.htm&prev =_t&rurl=translate.google.com.br&twu=1&usg=ALkJrhjnhkUAHhpz2vIjNKVO8sXg sNt0kw#CEGCIECD, on the date of 10/11/2010. PETERSON, N. J. Zachary; Randal Burns; ATENIESE, Giuseppe; BONO Stephen. Design and Implementation of Veri able fi Audit Trails for a Versioning File System. Proceeding FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies in 2007. SALLACHL, DL (1992) .A deductive database audit trail.In Proceedings of the 1992.ACM / SIGAPP Symposium on Applied Computing (SAC'92), pages 314-319. SCHNEIER, Bruce; KELSEY, John. "Secure audit logs to support computer forensics." ACM Transactions on Information and System Security, 2 (2), 1999, 159176. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Security information in production and operations: a study on audit trails in database systems
731
SIMON, Fernando; DOS SANTOS, L., Aldri; Carmen S. HARA. An Auditing System based on analysis of log records. Informatics Department Universidade Federal do Paranรก (UFPR). Regional School Database (ERBD'2008), Florianopolis-SC, April 2008. Brent R. Waters; BALFANZ, Dirk; DURFEE, Glenn; Smetters, DK Building an Encrypted and Searchable Audit Log CiteSeerX -. Scientific Literature Digital Library and Search Engine (United States). In 2004. Xu, Wensheng; CHADWICK, David; OTENKO Sassa.A PKI Based Secure Audit Web In IASTED Communications, Network and Information and CNIS, Phoenix, USA, November 2005 Found in:. Http://www.oracle.com/global/br/corporate/press/2008_mar/ Oracle_Database_Vault.html
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
732
Roratto, R., Dias, E. D.
APPENDIX 1 No
1 2 3 4 5
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
Table 1. MCDA methods (Adapted from Guitouni and Martel (1998)) Method Author(s) Linear weighting and elementary methods Weighted Sum Churchman and Ackoff (1954) Lexicographic method Roy and Hugonnard (1982) Conjunctive method Hwang and Youn (1981) Disjunctive method Chen and Hwang (1992) Maximin method Hwang and Youn (1981) Single synthesizing criterion or utility theory TOPSIS Hwang and Youn (1981) MAVT Keeney and Raifa (1976) UTA Jacquet-Lagreze and Siskos (1982) SMART Edwards (1971) MAUT Bunn (1984) AHP and ANP Saaty (1980), Saaty (2005) DEA Talluri et al. (1999) COPRAS Zavadskas et al. (2007); Chatterjee et al. (2011) Outranking methods ELECTRE De Boer et al. (1998); Dulmin and Mininno (2003) ELECTRE I Roy (1968) ELECTRE IS Roy and Bouyssou (1993) ELECTRE II Roy and Bertier (1971) ELECTRE III Roy (1978) ELECTRE IV Roy and Hugonnard (1982) ELECTRE TRI Yu (1992); Mousseau et al. (2000) PR OMETHEE Dulmin and Mininno (2003) PROMETHEE TRI Figueira et al. (2004) PROMETHEE/GAIA technique Dulmin and Mininno (2003) NAIADE Munda (1995) ELECCALC Kiss et al. (1994) UTADIS Doumpos et al. (2001) MELCHIOR Leclerc (1984) ORESTE Roubens (1980) REGIME Hinloopen and Nijkamp (1982) PROMSORT Araz and Ozkarahan (2007) EVAMIX Voogd (1983) QUALIFLEX Paelinck (1978) Fuzzy methods Fuzzy relationship hierarchy Lin and Chen (2004) Fuzzy set approach Sarkar and Mohapatra (2006) Fuzzy suitability index (FSI ) Bevilacqua et al. (2006) Fuzzy weighted sum Baas and Kwakernaak (1977) Fuzzy miximini Bellman and Zadeh (1970) Ng and Skitmore (1995); Vokurka et al. (1996); Kwong et AI methods al. (2002); Choy et al. (2002); Choy et al. (2003); Choy et al. (2005) CBR Ng and Skitmore (1995); Choy et al. (2003) Mixed methods Martel and Zaras method Martel and Zaras (1990); Martel and Zaras (1995) Fuzzy conjunctive/ disjunctive Dubois, Prade and Testemale (1988) method
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Security information in production and operations: a study on audit trails in database systems
733
APPENDIX 2 Operational requirements identified for the purpose of criteria-based evaluation are as follows: 1. The maximum tender for the evaluation is MVR1.500,000.00. 2. The minimum tender for the evaluation is MVR25.000.00. 3. Different cost bands are evaluated differently. 4. Public announcement should be made for every procurement costing more than MVR25.000.00. 5. There is a minimum of two criteria for evaluation. 6. There can be more criteria for evaluation based on the procurement. 7. Allocation of criteria and weights are based on the needs of the organisation. 8. A pre-bid meeting is compulsory and it needs to be announced. 9. Specification should be provided to potential bidders during the pre-bid meeting. 10. Marking criteria with weights are provided in advance in pre-bid meeting. 11. All required documents should be submitted with the bid and the requirements need to be informed to bidders. 12. If any bidder requires, calculations procedures are explained. 13. All bids are submitted on specific date and time. All the documents are checked verified during the submission process. 14. It requires minimum three BEC members to evaluate bids. 15. Basis for evaluation solely depends on the information provided in pre-bid meeting. 16. Suppliersâ&#x20AC;&#x2122; bids need to be verified for correct information. 17. Suppliersâ&#x20AC;&#x2122; previous jobs are evaluated based on available information. 18. Submitted support documents are primary source of information and they are assessed. 19. Assess the bid price compare to the expected work. 20. Suppliersâ&#x20AC;&#x2122; performances are evaluated based on the criteria provided and according to the weights and marks in allocated schemes provided in advance. 21. Marks are allocated based on the criteria and weights provided during pre-bid meeting in relation to performances of suppliers. 22. Technical expertise is used to get advice and explanations on procurement of technical good and services. 23. A through check is made if the proposed goods or services meet the specified standard. 24. Every criterion is assessed independently from one another. 25. All the criteria need to be evaluated. 26. No ranking can be made in evaluation; rather, marks are allocated in evaluation. 27. Pair wise comparison cannot be done. 28. In evaluation stage no changes to criteria, weights and requirements should be made. 29. Incomplete bids should be rejected. 30. Evaluation calculations are shown to bidders if requested. 31. BEC needs to approve of the winner. Evaluation analysis does not grant awarding the bid to the winner. 32. BEC need to state the reason for selection of the specific bid. 33. Bidders are informed the winner but not marks. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
734
Roratto, R., Dias, E. D.
34. If any bidder wants more clarification, evaluation calculations are shown. 35. No discrimination in evaluation. 36. Evaluation method needs to be accurate. 37. Evaluation method should be using reasonable amount of resources and provide reasonable results. 38. Evaluation method should comply with procurement rules and regulations. 39. Evaluation method should provide no chance of manipulation from both sides. 40. Evaluation method needs to help minimise complaints. 41. Evaluation method needs to support utility concept. 42. Evaluation method should be clear and easily understandable.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
JISTEM - Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734 ISSN online: 1807-1775 DOI: 10.4301/S1807-17752014000300010
SEGURANÇA DA INFORMAÇÃO DE PRODUÇÃO E OPERAÇÕES: UM ESTUDO SOBRE TRILHAS DE AUDITORIA EM SISTEMAS DE BANCO DE DADOS SECURITY INFORMATION IN PRODUCTION AND OPERATIONS: A STUDY ON AUDIT TRAILS IN DATABASE SYSTEMS Rodrigo Roratto Evandro Dotto Dias Universidade Federal de Santa Maria, RS/Brazil ________________________________________________________________________________________
ABSTRACT Special care should be taken to verify the integrity and to ensure that sensitive data is adequately protected. One of the key activities for data loss prevention is anaudit. And in order to be able to audit a system, it is important to have reliable records of its activities. Systems that store critical data, whether financial or productive, must have features such as audit log, also called audit trail, which records all activities on critical data. This allows to identify harmful actions that can be internal or external, intentionally or unintentionally caused. Therefore, this paper presents major studies in security audit trail (audit log), especially records of logs, and it presents what is available in terms of commercial tools and what they offer. Keywords: Audit trails, Information Security, Computer systems management technologies available, Computational Risk.
RESUMO Cuidados especiais devem ser aplicados para verificar a integridade e para garantir que dados sensíveis estejam adequadamente protegidos. Uma das atividades fundamentais para que se evitem estas perdas é a auditoria. E para ser possível auditar um sistema é importante que se tenha registros confiáveis das atividades no mesmo. Sistemas que armazenam dados críticos, sejam financeiros ou de ordem produtiva, devem dispor de recursos como o log de auditoria, também chamado de trilha de auditoria, que registre todas as atividades nos dados críticos. Isto permite identificar ações danosas que podem ser internas ou externas causadas intencionalmente ou não. Diante disso, neste estudo fez-se um levantamento das principais pesquisas na área de segurança de trilhas de auditoria (logs de auditoria), em especial registros de logs, e apresenta-se o que existe disponível em termo de ferramentas comerciais e o que elas oferecem. Palavras-chave: Trilhas de auditoria, Segurança da informação, Sistemas informatizados de gestão, Tecnologias disponíveis, Risco computacional.
___________________________________________________________________________________________ Manuscript first received/Recebido em: 23/09/2013 Manuscript accepted/Aprovado em: 17/09/2014 Address for correspondence / Endereço para correspondência Rodrigo Roratto, Universidade Federal de Santa Maria, RS/Brasil. Email: roratto_rs@hotmail.com Evandro Dotto Dias, Universidade Federal de Santa Maria, RS/Brasil, E-mail: evandrodotto@yahoo.com Published by/ Publicado por: TECSI FEA USP – 2014 All rights reserved.
718
1.
Roratto, R., Dias, E. D.
INTRODUÇÃO
A informação é um recurso crítico nas organizações. Com a maior disponibilidade de computadores para usuários de todos os tipos em todo o mundo, mais dados estão sendo processados em curtos períodos de tempo. Entender o que implica a segurança do computador exige a compreensão dos termos exposição, vulnerabilidade e risco (Bosworth; Kabay, 2002). A vulnerabilidade é uma fraqueza no sistema computacional ou em seus arredores que pode se tornar um risco à segurança.Um risco computacional é a probabilidade de um evento resultar em uma perda. Os riscos e as perdas podem incluir perdas financeiras e de pessoal, perda de reputação e base de clientes, incapacidade de funcionar de uma forma atempada e eficaz, a incapacidade de crescer, e violação das leis e regulamentações governamentais (Bosworth; Kabay, 2002). Nos sistemas em que o proprietário do dispositivo não é a mesma pessoa que é proprietária dos segredos dentro do dispositivo, é essencial que existam mecanismos de auditoria no local para determinar se houve alguma tentativa de fraude (Schneier; Kelsey, 1999). Cuidados especiais devem ser aplicados para verificar a integridade e para garantir que dados sensíveis estejam adequadamente protegidos. Uma das atividades fundamentais para que se evitem estas perdas é a de auditoria. A tarefa de auditoria inclui recomendar ações para eliminar ou minimizar as perdas, através da identificação de vulnerabilidades e riscos, determinar se os controles de segurança adequados estão em vigor, garantir que os dispositivos de auditoria e segurança sejam válidos e verificar se os controles, trilhas de auditoria e medidas de segurança estão funcionando de forma eficaz (Bosworth; Kabay, 2002). Em muitas aplicações o controle de acesso e outras informações relacionadas com as operações do usuário devem ser mantidos em arquivos de log seguros para detecção de intrusão e violações ou para fins de auditoria do sistema (Xu et al. 2005). Nos arquivos de log geralmente são armazenados uma grande quantidade de informações confidenciais. Portanto, é importante garantir que, caso ocorra alguma violação do sistema, os logs do mesmo não sejam comprometidos e a violação possa ser detectada posteriormente (Xu et al. 2005). O primeiro alvo de um atacante experiente será o sistema de log de auditoria: o atacante quer apagar os traços do ataque, para escapar da detecção, bem como manter o método de ataque em segredo para que as falhas de segurança explorada não sejam detectadas pelos administradores do sistema (Bellare; Yeey, 1997). Isto demostra que há uma grande nescessidade de se estudar e desenvolver técnicas que permitam gerir e principalmente garantir a inviolabilidade dos registros de auditoria para protegê-los de adulterações e danos causados por qualque tipo de usuário ou pessoa de forma intencional ou não. A partir destes conceitos buscar-se-á fazer neste estudo um levantamento dos principais estudos na área e ferramentas disponíveis no mercado. Com base nestes problemas busca-se neste trabalho fazer um estudo e apresentar uma análise dos seus principais pontos que devem ser considerados na gestão de segurança da informação e uma descrição das principais tecnologias e pesquisas, referentes às formas de aplicação e proteção das trilhas de auditorias (logs). Também se faz uma breve descrição de duas das principais soluções comerciais disponíveis no mercado hoje. Com isto, busca-se encontrar soluções contra violações voluntárias ou involuntárias que podem partir de qualquer usuário ou até mesmo do administrador do sistema.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Segurança da informação de produção e operações: um estudo sobre trilhas de auditoria em sistemas de banco de dados
719
O presente trabalho está organizado da seguinte forma: primeiramente no item 2 é apresentada a metodologia utilizada neste estudo; no item 3, apresenta-se o conceito de segurança da informação. Posteriormente, no item 4, são apresentados os conceitos de trilhas de auditoria; a seguir, no item 5, descreve-se o uso de logs em sistemas gerenciadores de banco de dados. No item 6, são apresentados e descritos os principais trabalhos e pesquisas que buscam soluções para a proteção dos registros de auditoria; a seguir, no item 7 é apresentada uma breve descrição dos recursos disponíveis para a gestão de dados críticos oferecidos comercialmente pelas duas principais empresas fornecedoras de soluções para gestão e armazenamento de informações; por fim, no item 8, apresenta-se as conclusões deste estudo. 2.
METODOLOGIA
Quanto aos procedimentos metodológicos, esta pesquisa caracteriza-se como um estudo descritivo bibliográfico focado em um estudo de caso, visto que descreve modelos de sistemas de auditoria e uma análise de atributos a serem considerados para a segurança da informação de sistemas de logs. Também busca identificar o que existe de mais significativo em pesquisas e soluções para o problema de segurança de trilhas de auditoria. O estudo limita-se à análise de referencial teórico referente a soluções para a proteção de trilhas de auditoria (logs) e das ferramentas disponíveis para a gestão de dados críticos no mercado. Salienta-se que o termo log de auditoria, nesse estudo, equivale à trilha de auditoria. 3. GESTÃO
A SEGURANÇA DA INFORMAÇÃO EM SISTEMAS DE
É evidente que os negócios estão cada vez mais dependentes das tecnologias e estas precisam proporcionar confidencialidade, integridade e disponibilidade. Segundo Albuquerque (2002) e Krause (1999), há três princípios básicos para garantir a segurança da informação principalmente no que se refere a sistemas que envolvam questões financeiras, tais como: • Confidencialidade: a informação somente pode ser acessada por pessoas explicitamente autorizadas. É a proteção de sistemas de informação para impedir que pessoas não autorizadas tenham acesso; • Disponibilidade: a informação deve estar disponível no momento em que a mesma for necessária; • Integridade: a informação deve ser recuperada em sua forma original (no momento em que foi armazenada). É a proteção dos dados ou informações contra modificações intencionais ou acidentais não-autorizadas. Alguns autores defendem ainda que, para que uma informação seja considerada segura, o sistema que a administra ainda deve respeitar os seguintes critérios: • Autenticidade: garante que a informação ou o usuário da mesma é autêntico; • Não repúdio: não é possível negar (no sentido de dizer que não foi feito) uma operação ou serviço que modificou ou criou uma informação; não é possível negar o envio ou recepção de uma informação ou dado; • Legalidade: garante a legalidade (jurídica) da informação; a aderência de um sistema à legislação; e as características das informações que possuem valor legal dentro de um processo de comunicação, onde todos os ativos estão de acordo com as cláusulas contratuais pactuadas ou a legislação nacional ou internacional vigente; JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
720
Roratto, R., Dias, E. D.
• Privacidade: foge do aspecto de confidencialidade, pois uma informação pode ser considerada confidencial, mas não privada. Uma informação privada deve poder ser vista / lida / alterada somente pelo seu dono. Garante ainda que a informação não será disponibilizada para outras pessoas (neste caso é atribuído o caráter de confidencialidade à informação). É a capacidade de um usuário realizar ações em um sistema sem que seja identificado.; • Auditoria: rastreabilidade dos diversos passos de um negócio ou processo, identificando os participantes, os locais e horários de cada etapa. A auditoria aumenta a credibilidade da empresa e é responsável pela adequação da empresa às políticas legais e internas. A todas estas ponderações acerca de critérios para a segurança da informação soma-se outra como estratégia de gestão da informação: a veracidade. Isto significa que a informação deve estar calcada em acontecimentos verídicos ou argumentos lógicos compatíveis com a necessidade da organização. Nesse sentido, não basta que a informação seja autêntica, pois sua fonte pode ser desonesta. Não basta a confiabilidade, mas também deve existir veracidade da informação. 4.
TRILHAS DE AUDITORIA (LOGS)
A auditoria procura identificar e evitar ações suspeitas e fraudulentas por parte do usuário, coletando dados sobre suas atividades no banco de dados. As informações coletadas são analisadas a fim de descobrir problemas de segurança e sua origem (Simon et al. 2008). A principal funcionalidade de um serviço de auditoria é oferecer armazenamento seguro e permanente dos registros de log, para que eles possam detectar quando uma falha de segurança ocorreu (Xu et al. 2005). A necessidade de identificar quais foram as ações e determinar os padrões suspeitos são importantes requisitos para a segurança do sistema. Além disso, a auditoria deve ser realizada de maneira independente e transparente, de forma que todas as informações relevantes devem ser catalogadas (Hawthorn et al. 2006). Uma trilha de auditoria, que também pode ser chamada de log de auditoria, é usada para assegurar o fluxo preciso das transações em um sistema. Cada detalhe de uma fonte e entrada de um determinado documento ou transação deve ser feita com base em um relatório ou arquivo. A auditoria digital permite a verificação do conteúdo de um sistema de arquivo em um determinado período no passado. A auditoria é um protocolo de contestação/resposta entre o auditor e o sistema de arquivo a ser auditado (Peterson et al, 2007). A técnica de rastreamento pode ser aplicada em uma única transação para teste rápido. No entanto, para garantir que o controle funcione consistentemente, o teste deve cobrir grandes volumes de dados em diferentes períodos de tempo (Bosworth; Kabay, 2002). As trilhas de auditoria devem ser construídas como parte normal dos sistemas de controles internos. Alguns sistemas podem ser adquiridos com o recurso de registro de auditoria automatizados. O log de sistema inclui uma entrada para cada operação aplicada ao banco de dados que possam ser necessárias para a recuperação de uma falha de operação ou falha do sistema (Elmasri; Navathe, 2004). Podemos expandir as entradas de log para que ele também inclua o número da conta do usuário e terminal on-line para que seja aplicado a cada operação registrada no log. Se qualquer adulteração com o banco de JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Segurança da informação de produção e operações: um estudo sobre trilhas de auditoria em sistemas de banco de dados
721
dados é suspeita, uma auditoria do banco de dados é realizada, o que consiste em analisar o log para examinar todos os acessos e operações aplicadas ao banco de dados durante um determinado período de tempo (Elmasri; Navathe, 2004). Quando uma operação ilegal ou não autorizada é encontrada, o DBA pode determinar o número da conta usada para executar esta operação. Auditorias de banco de dados são particularmente importantes para bancos de dados sensíveis, que são atualizados por muitas transações e usuários, como um banco de dados bancário, que é atualizado por muitas caixas de banco (Elmasri; Navathe, 2004). Para se preparar para uma auditoria futura, um sistema de arquivos gera os metadados de autenticação que consolidam (commit) no sistema de arquivos referente ao seu conteúdo atual. Esses metadados são publicados em um terceiro lugar. Para realizar uma auditoria, o auditor acessa os metadados e faz contestações ao sistema de arquivos e confronta as informações obtidas com as representadas nos metadados (Peterson et al. 2007). O sistema deve estar preparado para resistir a ataques com a criação de históricos e versões falsas que passam pelo processo de auditoria (Peterson et al. 2007). Esta classe de ataque inclui a criação de versões falsas do arquivo de dados que coincidem com os metadados publicados, mas diferem dos dados utilizados na sua criação. Também inclui a criação de históricos falsos, inserção ou exclusão de versões em uma sequência sem detecção. Neste item descreveu-se a importância da auditoria como atividade que tem como objetivo garantir a segurança e continuidade do negócio. 5.
LOGS EM SGBDS
Guardar logs em sistemas de arquivos não é recomendado, pois se algum arquivo for excluído, não haverá registro desta ação. Este é um problema que não ocorre em um banco de dados (Mcdowall, 2007). A maioria dos SGBDs permite catalogar ações na base de dados, gerando logs de auditoria. Infelizmente, os métodos em geral não são transparentes e muitos requerem a criação de triggers para cada objeto analisado (Simon et al. 2008). O uso de triggers não é recomendado, pois onera o uso do banco de dados por adicionar rotinas que devem ser executadas a cada ação realizada (Sallachl, 1992). A geração de dados de auditoria pode ser implementada através de funções genéricas ou através de políticas de uso do banco e logs automáticos. Para que se construam os registros de log deve-se ter uma tabela separada para gravação de todas as entradas de trilhas de auditoria associadas à criação, modificação e exclusão de dados e registros na base de dados (Mcdowall, 2007). Independentemente da abordagem, cada pacote no sistema deverá ter uma trilha de auditoria individual. A vantagem dessa abordagem é que todas as entradas de auditoria estão intimamente associadas com os dados que representam. Esta abordagem permite que se pesquise de forma mais específica e rápida os registros de log (Mcdowall, 2007). Como exemplo será apresentada a geração de logs do SGBD PostigreSQL. O PostgreSQL permite que no seu arquivo de configurações possa ser definido que o sistema gere registros sobre suas atividades. Dentre os parâmetros presentes neste arquivo está a criação de um log para cada atividade realizada pelo SGBD. Este log
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
722
Roratto, R., Dias, E. D.
pode conter, além de informações sobre acesso aos dados, diversas outras, como as mensagens de conexões, erros de autenticação e erros de consultas SQL. Um exemplo de registros de log gerados pelo PostgreSQL é apresentado na Figura 1. Neste caso, o arquivo de configurações foi definido para gerar somente informações sobre acessos aos dados. Como podem ser observados, os registros são gerados a cada consulta realizada pelo cliente, nos quais estão presentes as informações sobre os tipos de consultas e duração das mesmas. São estes os parâmetros que serão utilizados como base para a realização da auditoria.
Figura 1: Exemplo de log PostgreSQL (SIMON et al. 2008). 6. ESTUDOS EXISTENTES PARA SEGURANÇA DE TRILHAS DE AUDITORIA Nesta seção, apresentam-se trabalhos publicados que de forma direta ou indireta apresentam contribuições para o problema de violação dos registros de log. 6.1.
Forward Integrity for Secure Audit Logs
Uma entrada de log é composta de uma data (tempo) e descrição do evento. Um atacante experiente tenta alterar ou destruir os dados de log correspondentes às suas tentativas de login atuais ou passadas (Bellare; Yeey, 1997). Os autores deste trabalho, Mihir Bellare e Bennet S. Yeey, introduzem uma nova propriedade de segurança chamado por eles de “integridade para a frente” (FI) baseada no modelo de geração de códigos de autenticação de mensagem (MACS). O objetivo do FI é prevenir a alteração ou inserção de informações pelo atacante, mesmo quando os registros de log ficarem disponíveis para o atacante que obteve o controle de todo o sistema. No sistema MAC se um invasor obtém a chave MAC ele poderá forjar todas as entradas do registro. No sistema FI a posse da chave em um determinado ponto no tempo não permite que o atacante forje as entradas do registro de uma data anterior a atual. Assim, o atacante não pode alterar o conteúdo do registo (Bellare; Yeey, 1997). Ele ainda pode apagar as entradas, mas os espaços serão visíveis no registro e, também, a transmissão ocasional do log para um sistema remoto atenua o efeito da exclusão dos registros. 6.1.1.
Códigos de autenticação de mensagem (MACs)
Normalmente, os MACs são usados em um contexto de comunicação, onde o remetente e o destinatário compartilham uma chave secreta MAC. O remetente usa a chave para gerar MAC de uma mensagem e atribuí-lo à mensagem; o receptor, que conhece a chave MAC, pode restaurar o MAC e aceitar como verdadeiras apenas as mensagens para o qual o MAC regenerado corresponde ao MAC transmitido. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Segurança da informação de produção e operações: um estudo sobre trilhas de auditoria em sistemas de banco de dados
723
A segurança do modelo MAC está no fato de que é computacionalmente inviável para um adversário baseado em rede que não sabe a chave do MAC modificar as mensagens e os MACs para que o receptor aceite-as como verdadeiras. Uma vez que os logs de auditoria são simplesmente mensagens que são lidas e verificadas mais tarde por um destinatário e não (necessariamente) por uma rede, talvez se possa simplesmente anexar aos MACs as entradas de log de auditoria para protegê-los. A seguir apresenta-se um esquema de codificação de logs por MAC.
Figura 2: Exemplo de codificação por MAC (HOLT, 2006). No entanto, o modelo MAC falha quando não é mantido um envio contínuo dos logs para um dispositivo remoto, seja por falta de um ou demora nas transferências. Outra vulnerabilidade é se um invasor entrar no sistema e obtiver a chave MAC ele obterá o controle do sistema de logs (Bellare; Yeey, 1997). 6.1.2.
Modelo forward integrity (FI)
Este novo modelo proposto por Mihir Bellare e Bennet S. Yeey faz o uso de MACs de uma forma diferente, evitando a obrigatoriedade de replicação do log em registros remotos. Uma entrada de log consiste em uma data (tempo) e descrição do evento. Como citado anteriormente, um atacante experiente, que tenta comprometer os dados anteriores: ele deseja alterar, ou apagar, as entradas correspondentes às suas tentativas de login. No modelo proposto mesmo que o atacante obtenha a chave em um dado período no tempo ele não conseguirá alterar os registros gerados anteriormente a este período (BELLARE; YEEY, 1997). Ele ainda pode apagar as entradas, mas os espaços serão visíveis no registro e, também, a transmissão ocasional do log para uma origem remota diminui as chances de destruição total dos registros. Neste sistema, as chaves são mutáveis e evoluem em períodos de tempo, sendo geradas a partir da chave anterior. A chave Ki no período de tempo i é obtida com a função não reversível Ki-1 do intervalo de tempo anterior e o tempo atual. Após a nova chave Ki ser gerada, a chave Ki-1 é excluída. Sendo assim, se houver um ataque em i e o atacante obtiver a chave Ki, ele não conseguirá obter Kj para j<i. Isto evita que o atacante crie entradas de registro para períodos anteriores. Uma chave K0 é fornecida JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
724
Roratto, R., Dias, E. D.
para verificação da integridade de todas as versões independente do tempo. Neste artigo, é sugerido sistemas de log de auditoria onde:
sendo que os geradores de mensagens log (mi) podem ou não ter controle sobre quando o registrador decide mudar os tempos. Para cada mensagem mi recebida em uma época Ej, o gerador de logs cria uma entrada log_fnj (mi) e armazena no log de auditoria, que pode ser posteriormente verificada. A FIMACj (mi) é um código de autenticação anexada às mensagens. A proteção criptográfica deve ser feita com muito cuidado. Não basta criptografar com uma chave pública e fazer verificações. Se o atacante obtiver a chave de criptografia, ele simplesmente irá apagar o registro original e gerar os seus próprios logs. Além de criptografar esses segredos, o gerador de logs deve autenticar a sua utilização no início do log, talvez usando um protocolo timestamping (BELLARE; YEEY, 1997). Isto exigiria algumas comunicações de rede ou um esquema de assinatura digital baseado em chave. Ao invés de gerar os códigos no logger, a chave pode ser gerada por um dispositivo externo. Por exemplo, o log é gerado de forma segura e entregue ao logger usando um protocolo de criptografia com privacidade para a frente (FI). Manter os registros no arquivamento também é fundamental para não permitir que um invasor recupere os logs de um período anterior, algo que só poderá ser evitado se for utilizada uma chave de verificação do sistema (FI).
6.2.
Building an Encrypted and Searchable Audit Log
Neste trabalho os autores desenvolvem um estudo para criar um mecanismo de busca de palavras-chave e criptografia dos arquivos de log. Delegação de recursos é importante para que um investigador possa pesquisar e encontrar entradas específicas em arquivos de log (WATERS et al. 2004). Eles desenvolveram um sistema com base em chaves que permite pesquisar palavras-chave em dados criptografados, utilizando o Identity-Based Encryption (IBE). Se em algum momento o auditor quiser pesquisar um log de auditoria para identificar as entradas que combinam com uma determinada palavra-chave, ele deverá ir ao agente depositário de auditoria. Se o agente depositário considerar adequado, ele concede essa capacidade para o auditor. Ele, então, pode pesquisar através das entradas e ver que as entradas correspondem à palavra-chave. Para as entradas de log de auditoria que correspondem à palavra-chave, o investigador pode descriptografar a entrada e exibir seu conteúdo, conforme figura 4.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Segurança da informação de produção e operações: um estudo sobre trilhas de auditoria em sistemas de banco de dados
725
Figura 3: Esquema de busca em registros de log criptografados (WATERS et al. 2004). 6.2.1.
Funcionamento do Sistema
As operações no regime assimétrico são significativamente mais caras do que as do regime simétrico. Os principais gargalos são os cálculos de exponenciação modular de emparelhamento para cada palavra-chave (Waters et al. 2004). No entanto, se as mesmas palavras-chaves são usadas com frequência, os resultados intermediários podem ser reutilizados. O modelo assimétrico corrige muitos dos inconvenientes do regime simétrico (Waters et al. 2004). Uma vez que cada servidor armazena apenas parâmetros públicos, não existem chaves secretas para um invasor roubar. Este modelo não permite ao atacante pesquisar ou decifrar nenhuma entrada no log de auditoria que já foram geradas e armazenadas. No referido trabalho foi implementado um sistema de banco de dados de log de auditoria que cria entradas assimetricamente criptografadas e pesquisáveis. O agente de log é implementado como um servidor proxy MySQL. O servidor proxy, ao receber uma consulta, registra a consulta, além de passá-la para o servidor de banco de dados MySQL. O proxy foi desenvolvido em uma plataforma Linux e é multi-threaded para que vários usuários possam ser atendidos simultaneamente em que o componente de log é executado em paralelo com o resto do sistema. O servidor de log de auditoria atribui a data e a hora para a cada entrada de log de auditoria. As entradas de log são escritas em outro servidor de banco de dados MySQL, que é dedicado para armazenar as entradas de log. O software tem um servidor de cache que é usado para reutilizar buscas. Ele é implementado como uma tabela hash simples que associa o resultado com a palavra buscada. Também foi implementado o método check pointing da cadeia hash. O servidor de log de auditoria calcula o valor atualizado da cadeia de hash para cada entrada de log que constrói. O valor de hash atual pode ser lido a qualquer momento. Uma parte que lê este valor pode usá-la mais tarde para verificar a integridade do log. Nesta pesquisa os autores apresentaram a implementação de um modelo que permite fazer buscas através de palavras-chaves nos registro de log e garante a proteção destes registros através do modelo de chaves assimétricas. 7.
SOLUÇÕES PARA SEGURANÇA DE LOGS EM SGBDS
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
726
Roratto, R., Dias, E. D.
Segurança e funcionalidade é o maior problema em qualquer SGBD (Jangra et al. 2010). Existem muitos no mercado de DBMS. Atualmente, temos diversos bancos de dados onde, como exemplo, pode-se citar: Alpha Five, DataEase, Oracle database, IBM DB2, Adaptive Server Enterprise, FileMaker, Firebird, Ingres, Informix, Mark Logic, Microsoft Access, Microsoft SQL Server, Microsoft VisualFoxPro, MonetDB, MySQL, PostgreSQL, Progress, SQLite, Teradata, CSQL, OpenLink Virtuoso, Daffodil DB, OpenOffice.org Base etc. Dentre estes bancos apresentados, os que são mais presentes no mercado são: Oracle, IBM e DB2 (JANGRA et al. 2010). A seguir são apresentados os recursos que cada um oferece para a gestão dos registros de auditoria. 7.1.
Oracle® Database Vault
Oracle® Database Vault, na versão 11g, ajuda a proteger dados confidenciais de aplicativos até mesmo do acesso dos usuários privilegiados. Dessa forma, os clientes podem aumentar a proteção de seus dados confidenciais em aplicativos do acesso não autorizado de qualquer usuário, inclusive os altamente privilegiados, incluindo DBAs de aplicações potentes e outros, de acessar a dados e aplicações sensíveis nas bases de dados Oracle fora do âmbito das suas responsabilidades (ORACLE, 2010). Por exemplo, você pode restringir o acesso administrativo para salários de funcionários, registros de clientes médicos, ou outras informações confidenciais. Pode ser usado ainda para determinar a separação de obrigações dentro do banco de dados, por exemplo, bloqueando o acesso do DBA a dados confidenciais dos aplicativos, porém permite que ele execute as operações do dia a dia como backup e recuperação, ajuste e replicação do banco de dados. Permite consolidar os bancos de dados dos aplicativos e determinar fronteiras e políticas sólidas em torno do acesso a esses dados. Regulamentações como Sarbanes-Oxley (SOX), Healthcare Insurance Portability and Accountability Act (HIPAA), Basiléia II e Data Security Standards (DSS) da Payment Card Industry (PCI) exigem que as empresas considerem a separação de obrigações e controles rigorosos de acesso para as informações confidenciais conforme tabela 1 (ORACLE, 2010). Tabela 1: Os regulamentos que ameaças potenciais à segurança (ORACLE, 2010). Regulamento
Ameaça potencial à segurança
Sarbanes-Oxley Section 302 - Seção 302 da Alteração não autorizada de dados Sarbanes-Oxley Sarbanes-Oxley Section 404 - Seção 404 da A modificação de dados, acesso não Sarbanes-Oxley autorizado Sarbanes-Oxley Section 409 - Seção 409 da A negação de serviço, acesso não Sarbanes-Oxley autorizado JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Segurança da informação de produção e operações: um estudo sobre trilhas de auditoria em sistemas de banco de dados
727
Regulamento
Ameaça potencial à segurança
Gramm-Leach-Bliley - Gramm-Leach-Bliley
O acesso não autorizado, modificação ou divulgação
Health Insurance Portability and Accountability Acesso não autorizado a dados Act (HIPAA) 164.306 - Portabilidade de Seguros de Saúde e Accountability Act (HIPAA) 164,306 HIPAA 164.312 HIPAA 164,312
Acesso não autorizado a dados
Basel II – Internal Risk Management - Basiléia Acesso não autorizado a dados II - Gestão de Riscos Internos CFR Part 11- CFR Part 11 Japan Privacy Law Privacidade
-
Acesso não autorizado a dados Japão
Direito
de Acesso não autorizado a dados
EU Directive on Privacy and Electronic Acesso não autorizado a dados Communications - Directiva da UE relativa à privacidade e às comunicações electrónicas Payment Card Industry Data Security Standard Alteração não autorizada de dados (PCI DSS) - Payment Card Industry Data Security Standard (PCI DSS)
Este sistema permite criar políticas de segurança flexíveis para o banco de dados. Por exemplo, qualquer usuário do banco de dados, tais como SYSTEM, que tem o papel DBA, pode fazer modificações em parâmetros básicos de um banco de dados. Suponha que um administrador inexperiente, que tem privilégios de sistema, decida iniciar um novo arquivo de log, mas não percebe que fazendo isso em um determinado momento pode causar problemas para o banco de dados. Com o Oracle Database Vault, você pode criar uma regra para evitar este comando do usuário de fazer essas modificações, limitando o seu uso do ALTER SYSTEM SWITCH LOGFILE (ORACLE, 2010). Esta ferramenta também permite anexar regras a regra de comando para restringir ainda mais a atividade, como limitar a execução da instrução. A consolidação de banco de dados pode resultar em várias contas de usuário poderoso que residem em um único banco de dados. Isso significa que, além do banco de dados DBA geral, o esquema proprietário de aplicativos individuais também podem ter privilégios poderosos. Revogar alguns privilégios podem afetar negativamente os aplicativos existentes. O Database Vault possui o sistema chamado Reinos, que permite o acesso às aplicações através de um caminho confiável, evitando que os usuários do banco de dados que não tenham sido especificamente autorizados tenham privilégios e acesso aos dados dos aplicativos. Por exemplo, um DBA que tem o privilégio SELECT ANY
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
728
Roratto, R., Dias, E. D.
TABLE pode ser impedido de utilizar esse privilégio para ler dados do aplicativo (ORACLE, 2010). O Database Vault é contra o acesso não autorizado a dados de aplicativos, bem como a alterações no banco de dados realizadas por qualquer usuário, até mesmo por privilegiados como o DBA, de forma intencional ou acidental que possam de alguma forma serem danosas, levando em consideração vários fatores, como horário, autenticação, aplicativo e outros. 7.2.
IBM InfoSphere Guardium
Os sistemas de banco de dados DB2 fornecem um mecanismo de auditoria para ajudar na detecção de acesso desconhecida ou imprevista aos dados. A instalação de auditoria DB2 gera e permite a manutenção de uma trilha de auditoria para uma série de eventos pré-definidos no banco de dados. Para os sistemas de proteção de missão crítica, a maioria das organizações tem políticas de mudança formal de controle que determinam como e quando os empregados e prestadores de serviços podem fazer alterações nas bases de dados de produção. No entanto, é difícil detectar violações, fazendo com que as políticas sejam de difícil aplicação. Como solução, a IBM oferece a ferramenta Guardium InfoSphere, que promete enviar em tempo real, alertas de segurança sempre que forem feitas alterações importantes no sistema. Dentre as funcionalidades estão (IBM, 2010): • Proteção de Fraude para Sistemas SAP: Desde dados do cliente até ERP e informação pessoal, os sistemas SAP muitas vezes contêm informações sigilosas que precisam ser monitoradas para propósitos de regulação e auditorias. As empresas conseguem detectar fraudes em tempo real através do monitoramento de todas as atividades do utilizador incluindo atividades dos administradores e pessoal subcontratado. O InfoSphere Guardium fornece informação mais detalhada acerca dos utilizadores SAP, tornando mais fácil para as empresas detectar atividades fraudulentas sem executar quaisquer mudanças nas suas bases de dados ou aplicações. • Proteção de ficheiros SharePoint: Os repositórios SharePoint muitas vezes contêm informações sigilosas tais como os resultados financeiros da empresa ou propriedade intelectual valiosa, mas não existem os meios necessários para prevenir um uso incorreto por parte dos funcionários. • Suporte para o Mainframe: oferece capacidades reforçadas de monitorização da atividade verificada nas bases de dados IBM DB2 ao rodar o System Z, permitindo às empresas proteger informação crítica de acesso não autorizado por parte dos administradores. Por exemplo, se um administrador de uma base de dados numa companhia de seguros tentar obter o número de segurança social de um cliente, salário e histórico médico, o sistema irá imediatamente gerar um alerta para o pessoal de segurança e regulamentação. Além disso, as empresas podem realizar uma série de testes automatizados para avaliar vulnerabilidades de segurança, tais como permissões fracas que possam levar a organização a expor-se a perdas de dados ou falhas em auditorias de regulação.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Segurança da informação de produção e operações: um estudo sobre trilhas de auditoria em sistemas de banco de dados
729
• Melhoria de Regulação e Auditoria de processos: o novo software permite que as empresas tenham mais flexibilidade para definir fluxos de trabalho personalizados e partilhar informação específica de auditoria com audiências relevantes nas suas organizações. Juntamente com o relatório de software préempacotado de regulações comuns tais como SOX, HIPAA e PCI, esta capacidade ajudará as empresas a poupar tempo e dinheiro ao reduzir significativamente o tempo necessário a reunir e relatar os dados de regulação requeridos pelos auditores. • Bloqueio e Quarentena avançados: As empresas podem bloquear seletivamente utilizadores individuais para não acessarem o sistema por um determinado período de tempo no caso de atividade suspeita ou não autorizada, evitando assim a perda de dados valiosos até que a atividade possa ser investigada. Por exemplo, se um administrador de uma base de dados num hospital acessar dados confidenciais de um paciente, o acesso deste funcionário será automaticamente bloqueado, sem ser necessária qualquer mudança manual, dispendiosa ou propensa ao erro das bases de dados e aplicações.
O InfoSphere Guardium permite a simplificação da regulação e segurança das organizações com um único conjunto de controles centralizados e automatizados para uma larga gama de aplicações e base de dados das empresas (IBM, 2010). Para além das suas capacidades de monitorização automatizada, o novo software ajuda os clientes a cumprir com a regulação mais facilmente ao fornecer controle mais preciso das informações, assegurando a privacidade e a integridade de dados corporativos e simplificando auditorias. 8. CONCLUSÕES Este trabalho apresenta a importância de se garantir a segurança, inviolabilidade e integridade das informações contidas em um sistema informatizado de gestão. Fez-se um levantamento e descrição das principais pesquisas na área que propõem mecanismos para a proteção dos registros de auditoria. Com isto, conclui-se que com a dependência cada vez maior dos sistemas de armazenamento de dados críticos, deve-se desenvolver novas soluções para o monitoramento e proteção destes dados. Atualmente, existem alguns estudos na área com algumas implementações, mas nenhum deles se apresentou como uma solução ótima para o problema de segurança de logs. Também foram apresentados dois sistemas comerciais da Oracle e da IBM que prometem resolver os problemas, como acessos indevidos a informações sigilosas e integridade dos registros de auditoria. Com base nesta investigação, percebe-se que esta é uma área muito promissora e importante de estudo, sendo recomendado a realização de novas pesquisas na área de controle e segurança da informação por meio da utilização de tecnologias de Business Intelligence.
REFERÊNCIAS Bellare, Mihir; Yeey, S., Bennet. Forward Integrity For Secure Audit Logs. Dept. of Computer Science & Engineering, Mail Code 0114, University of California at San Diego, 1997. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
730
Roratto, R., Dias, E. D.
Bosworth, Seymour; Kabay, M.E. COMPUTER SECURITY HANDBOOK Fourth Edition. John Wiley & Sons, Inc. 2002 Canada. ISBN 0-471-41258-9.p. 28-846. Elmasri, Ramez; Navathe B. Shamkant. FUNDAMENTALS OF DATABASE SYSTEMS 4th ed. Copyright © 2004 by Pearson Education, Inc. ISBN 0-321-122267.p. 735. Hawthorn, P., , B., Clifton, C., Wagner, D., Bellovin, S. M., Wright, R. N., Rosenthal, A., Poore, R. S., Coney, L., Gellman, R., e Hochheiser, H. (2006). Statewide databases of registered voters: a study of accuracy, privacy, usability, security, and reliability issues. Communications of the ACM, 49(4):26–28. Holt, E.,Jason. Logcrypt: forward security and public verification for secure audit logs. Internet Security Research Lab, Brigham Young University. ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research Volume 54. IBM. IBM InfoSphere Guardium. Encontrado 01.ibm.com/software/data/guardium/, na data de: 20/12/2010.
em:
http://www-
Jangra, A.; Bishla, D.; Bhatia, Komal; Priyanka. Functionality and Security Analysis of ORACLE, IBM-DB2 & SQL Server. Global Journal of Computer Science and Technology. Vol. 10 Issue 7 Ver. 1.0 September 2010. p. 8. MCDOWALL, R.D. Validation of Spectrometry Software — Audit Trails for Spectrometer Software. Spectroscopy 22(4) April 2007. p.16-18. http://spectroscopyonline.findanalytichem.com/spectroscopy/data/articlestandard/spectrscopy/ 172007/421873/article.pdf.
Menezes J. Alfred; Van Oorschot C. Paul; Vanstone A. Scott.HANDBOOK of APPLIED CRYPTOGRAPHY. Massachusetts Institute of Technology June 1996. p.560. Oracle.
Apresentação
do
Oracle
Database
Vault.
Encontrado
em:
http://download.oracle.com/docs/cd/B28359_01/server.111/b31222/dvintro.htm&prev=_t&rurl=translat e.google.com.br&twu=1&usg=ALkJrhjnhkUAHhpz2vIjNKVO8sXgsNt0kw#CEGCIECD , na data de
10/11/2010. Peterson, N. J. Zachary; Burns Randal; Ateniese, Giuseppe; BONO Stephen. Design and Implementation of Verifiable Audit Trails for a Versioning File System. Proceeding FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies 2007. Sallachl, D. L. (1992).A deductive database audit trail. In Proceedings of the 1992.acm/SIGAPP Symposium on Applied computing (SAC’92), p. 314–319. Schneier, Bruce; Kelsey, John. “Secure audit logs to support computer forensics”. ACM Transactions on Information and System Security, 2(2), 1999. p.159-176. Simon, Fernando; Dos Santos, L., Aldri; Hara S. Carmem. Um Sistema de Auditoria baseado na Análise de Registros de Log. Departamento de Informática Universidade Federal do Paraná (UFPR). Escola Regional de Banco de Dados (ERBD'2008), Florianópolis-SC, Abril 2008. Waters R. Brent; Balfanz, Dirk; Durfee, Glenn; Smetters, D. K. Building an Encrypted and Searchable Audit Log. CiteSeerX - Scientific Literature Digital Library and Search Engine (United States). 2004.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Segurança da informação de produção e operações: um estudo sobre trilhas de auditoria em sistemas de banco de dados
731
Xu, Wensheng; Chadwick, David; Otenko Sassa. A PKI Based Secure Audit Web. In IASTED Communications, Network and Information and CNIS, Phoenix, USA, November 2005. Encontrado em: http://www.oracle.com/global/br/corporate/press/2008_mar/Oracle_Database_Vault.html
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
732
Roratto, R., Dias, E. D.
APPENDIX 1
No
1 2 3 4 5
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
Table 1. MCDA methods (Adapted from Guitouni and Martel (1998)) Method Author(s) Linear weighting and elementary methods Weighted Sum Churchman and Ackoff (1954) Lexicographic method Roy and Hugonnard (1982) Conjunctive method Hwang and Youn (1981) Disjunctive method Chen and Hwang (1992) Maximin method Hwang and Youn (1981) Single synthesizing criterion or utility theory TOPSIS Hwang and Youn (1981) MAVT Keeney and Raifa (1976) UTA Jacquet-Lagreze and Siskos (1982) SMART Edwards (1971) MAUT Bunn (1984) AHP and ANP Saaty (1980), Saaty (2005) DEA Talluri et al. (1999) COPRAS Zavadskas et al. (2007); Chatterjee et al. (2011) Outranking methods ELECTRE De Boer et al. (1998); Dulmin and Mininno (2003) ELECTRE I Roy (1968) ELECTRE IS Roy and Bouyssou (1993) ELECTRE II Roy and Bertier (1971) ELECTRE III Roy (1978) ELECTRE IV Roy and Hugonnard (1982) ELECTRE TRI Yu (1992); Mousseau et al. (2000) PR OMETHEE Dulmin and Mininno (2003) PROMETHEE TRI Figueira et al. (2004) PROMETHEE/GAIA technique Dulmin and Mininno (2003) NAIADE Munda (1995) ELECCALC Kiss et al. (1994) UTADIS Doumpos et al. (2001) MELCHIOR Leclerc (1984) ORESTE Roubens (1980) REGIME Hinloopen and Nijkamp (1982) PROMSORT Araz and Ozkarahan (2007) EVAMIX Voogd (1983) QUALIFLEX Paelinck (1978) Fuzzy methods Fuzzy relationship hierarchy Lin and Chen (2004) Fuzzy set approach Sarkar and Mohapatra (2006) Fuzzy suitability index (FSI ) Bevilacqua et al. (2006) Fuzzy weighted sum Baas and Kwakernaak (1977) Fuzzy miximini Bellman and Zadeh (1970) Ng and Skitmore (1995); Vokurka et al. (1996); Kwong et AI methods al. (2002); Choy et al. (2002); Choy et al. (2003); Choy et al. (2005) CBR Ng and Skitmore (1995); Choy et al. (2003) Mixed methods Martel and Zaras method Martel and Zaras (1990); Martel and Zaras (1995) Fuzzy conjunctive/ disjunctive Dubois, Prade and Testemale (1988) method
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
Segurança da informação de produção e operações: um estudo sobre trilhas de auditoria em sistemas de banco de dados
733
APPENDIX 2 Operational requirements identified for the purpose of criteria-based evaluation are as follows: 1. The maximum tender for the evaluation is MVR1.500,000.00. 2. The minimum tender for the evaluation is MVR25.000.00. 3. Different cost bands are evaluated differently. 4. Public announcement should be made for every procurement costing more than MVR25.000.00. 5. There is a minimum of two criteria for evaluation. 6. There can be more criteria for evaluation based on the procurement. 7. Allocation of criteria and weights are based on the needs of the organisation. 8. A pre-bid meeting is compulsory and it needs to be announced. 9. Specification should be provided to potential bidders during the pre-bid meeting. 10. Marking criteria with weights are provided in advance in pre-bid meeting. 11. All required documents should be submitted with the bid and the requirements need to be informed to bidders. 12. If any bidder requires, calculations procedures are explained. 13. All bids are submitted on specific date and time. All the documents are checked verified during the submission process. 14. It requires minimum three BEC members to evaluate bids. 15. Basis for evaluation solely depends on the information provided in pre-bid meeting. 16. Suppliers’ bids need to be verified for correct information. 17. Suppliers’ previous jobs are evaluated based on available information. 18. Submitted support documents are primary source of information and they are assessed. 19. Assess the bid price compare to the expected work. 20. Suppliers’ performances are evaluated based on the criteria provided and according to the weights and marks in allocated schemes provided in advance. 21. Marks are allocated based on the criteria and weights provided during pre-bid meeting in relation to performances of suppliers. 22. Technical expertise is used to get advice and explanations on procurement of technical good and services. 23. A through check is made if the proposed goods or services meet the specified standard. 24. Every criterion is assessed independently from one another. 25. All the criteria need to be evaluated. 26. No ranking can be made in evaluation; rather, marks are allocated in evaluation. 27. Pair wise comparison cannot be done. 28. In evaluation stage no changes to criteria, weights and requirements should be made. 29. Incomplete bids should be rejected. 30. Evaluation calculations are shown to bidders if requested. 31. BEC needs to approve of the winner. Evaluation analysis does not grant awarding the bid to the winner. 32. BEC need to state the reason for selection of the specific bid. 33. Bidders are informed the winner but not marks. JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
734
Roratto, R., Dias, E. D.
34. If any bidder wants more clarification, evaluation calculations are shown. 35. No discrimination in evaluation. 36. Evaluation method needs to be accurate. 37. Evaluation method should be using reasonable amount of resources and provide reasonable results. 38. Evaluation method should comply with procurement rules and regulations. 39. Evaluation method should provide no chance of manipulation from both sides. 40. Evaluation method needs to help minimise complaints. 41. Evaluation method needs to support utility concept. 42. Evaluation method should be clear and easily understandable.
JISTEM, Brazil Vol. 11, No. 3, Sept/Dec., 2014 pp. 717-734
www.jistem.fea.usp.br
JISTEM Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol.11, No.3, Sep/Dec, 2014, pp. 735 ISSN online: 1807-1775
Congresso / Conference
12th CONTECSI International Conference on Information Systems and Technology Management May 20-22, 2015 USP/São Paulo/SP FEA USP São Paulo, Brazil The 12th International Conference on Technology and Information Systems Management CONTECSI is an event focusing Technology and Information Systems Management under a multidisciplinary view. CONTECSI aims at putting together academics and professionals involved in IT and Systems management for a state-of-the-art discussion. International researchers are expected to contribute for the integration between the academic and the professional communities. The Conference welcomes papers submission for presentation and panel discussions. Major topics on interest include, but are not limited to: Information Society, Open Systems, Systems Interfacing and Integration, Wireless Computing, Entrepreneurship in IT and IS, Accounting Information Systems, E-Commerce / E-Business, Software Engineering, ERP Systems, Financial Management in Information Systems, IT Strategic Management. All papers will be subject to a blind review process and full papers will be published (CD) in the Conference Proceedings.
More information: http://www.tecsi.fea.usp.br/eventos/contecsi Coordination: Prof. Edson Luiz Riccio. PhD – FEA USP and TECSI Contact: contecsi@usp.br
Submission Papers Deadline: January 15th , 2014
12º CONTECSI Congresso Internacional de Gestão da Tecnologia e Sistemas de Informação 20 a 22 de Maio de 2015 USP/São Paulo/SP FEA USP São Paulo, Brasil O 12º Congresso Internacional de Gestão da Tecnologia e Sistemas de Informação CONTECSI visa reunir acadêmicos e profissionais envolvidos com a temática de gestão para discussão do Estado-da-arte deste campo. Atualmente este campo encontrase disperso em áreas específicas, carecendo de uma visão holística e integrada do assunto. O CONTECSI contará com a presença de palestrantes de renome, bem como estará aberto para a recepção de trabalhos para serem apresentados em sessões paralelas e painéis. Assim como compareceram nos anos anteriores, são esperados personalidades, professores e pesquisadores do Brasil e do exterior, principalmente de Universidades da França, Inglaterra, Espanha, México, Portugal, Chile, Argentina, Colômbia, Uruguai, Venezuela entre outras. Os foco de interesse deste congresso inclui todas as abordagens referentes à gestão de Tecnologia e dos Sistemas de Informação nas instituições publicas e privadas e na sociedade em geral.
Mais informações no site: http://www.tecsi.fea.usp.br/eventos/contecsi Coordenação: Prof. Dr. Edson Luiz Riccio – FEA USP e TECSI Contato: contecsi@usp.br Data final para envio de trabalhos: 15 de Janeiro de 2015
JISTEM Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação ISSN online: 1807–1775
Every four months/Quadrimestral
1) Paper Submission Guidelines Register at "Online Submissions" and submit your paper accordingly to JISTEM guidelines at www.jistem.fea.usp.br a) Manuscript style Articles must be submitted in English, Spanish, Portuguese or French in MS-Word format. Authors must translate the final version of the article to English. Fill the submission form with: title of the article, author's full name, affiliation, full address, telephone, email, fax and brief curriculum vitae. Limit of 3 co-authors per article. First page must present: title of the article, abstract in the original language of the article of about 100 words, title, area and 5 keywords (if accepted an abstract in English and keywords will be required), Articles must be limited to 30 pages in double-space, Arial or times new roman, 12 points; Authors must include figures and graphics in high-resolution 300 dpi (jpg or gif). They must be numbered (Arabic) and with the complete title. References to each table or figure have to be made in the text. Authors must submit the questionnaires and research results to the editor and review purposes. Acknowledgments to institutions regarding financial support can be included only in the final accepted version. We do not accept articles published elsewhere, except Conference proceedings. b) Structure Style Articles should clearly present the Abstract, Introduction, Objectives, Justification, Question, literature review, research method, results, conclusion, recommendation and limitation, plus references; References are to follow the American Psychological Association (APA) guidelines. More detailed explanations and examples of these guidelines can be found at the following locations: http://www.apastyle.org/faqs.html or Publication Manual of the American Psychological Association (6th ed., 2010) American Psychological Association (APA).A list of reference must be presented in alphabetical order. A glossary can be included in the end of the article if needed. 2) Book Review Book review should be sent by Prof. Edson Luiz Riccio at jistem@usp.br
JISTEM, Brazil Vol. 11, No.3, Sep/Dec. 2014, pp. 736-737
www.jistem.fea.usp.br
Contributions / Submissão de Artigos
737
1) Instruções para submissão de artigo a) Quanto à Formatação Os artigos submetidos para publicação, em inglês, espanhol, português ou francês, devem ser enviados em formato MS-Word. Após aceito, os autores devem traduzir o artigo para o idioma inglês. Incluir no sistema de submissão online: título, subtítulo (se houver), tema, nome, instituição, departamento, endereço, telefone, fax e e-mail do autor e co-autores (máximo de 3 co-autores) e breve curriculum que indique sua formação, instituição/empresa a que pertence e sua área atual de trabalho.; Na primeira página do artigo deve constar: título, subtítulo (se houver), tema e resumo na língua original do artigo, com 100 palavras aproximadamente e 5 (cinco) palavras-chaves. Se o artigo for aceito para publicação será solicitado o envio do título, abstract e palavras-chave em inglês; Os artigos deverão ter no máximo 30 páginas em espaço duplo, fonte arial ou times new roman, tamanho 12; As figuras e gráficos devem estar em alta qualidade com resolução de 300 dpi (figuras) e extensão jpg e/ou gif no artigo. Cada ilustração deve conter numeração e legenda. Deve ser feita referência à figura ou tabela no corpo do texto. Questionários e resultados da pesquisa devem ser enviados para a avaliação do Editor e pareceristas. Agradecimentos a órgãos de financiamento da pesquisa devem ser incluídos apenas na versão final do artigo, após o aceite. A JISTEM só aceita artigos inéditos. b) Quanto à Estrutura Os artigos enviados devem conter em seus tópicos os seguintes itens: Resumo, Introdução, Objetivos, Justificativa, Problema/Questão, Revisão da Literatura, Metodologia, Resultados, Conclusão, Recomendações, Limitações e Referência Bibliográfica; As citações e referências devem seguir o estilo da APA (http://www.apastyle.org/l) As referências deverão ser apresentadas no corpo do texto, incluindo o sobrenome do autor, a data de publicação e o número de página (se for o caso), conforme normas da APA. Referências bibliográficas completas do(s) autor (es) citados deverão ser apresentadas em ordem alfabética, no final do texto, de acordo com as normas da APA. Para maiores informações: American Psychological Association (APA). (2001). Publication Manual of the American Psychological Association (5th ed.). Washington, DC Poderá ser incluído um glossário ao final do artigo, caso o autor julgue necessário; 2) Sugestões de livros para Resenha Resenhas devem ser enviadas para o Prof. Edson Luiz Riccio pelo e-mail: jistem@usp.br JISTEM, Brazil Vol. 11, No.3, Sep/Dec. 2014, pp. 736-737
www.jistem.fea.usp.br
JISTEM Journal of Information Systems and Technology Management Revista de Gestão da Tecnologia e Sistemas de Informação Vol.11, No.3, Sept/Dec, 2014, pp. 738- 751 ISSN online: 1807-1775
Editor E.L.Riccio (2004-presente/present) Avaliadores Ad Hoc – 2014 Ad Hoc Reviewers – 2014
Adolfo Alberto Vanti Adriane A. Oliveira Adriane Maria Arantes de Carvalho Adriano Proença Alexandre Reis Graeml Alex Sandro Romeo de Souza Poletto Ana Carolina Riekstin Ana Cristina de Faria Ana Maria Nelo Angela Brodbeck Antônio Augusto Gonçalves Antônio Geraldo da Rocha Vidal Barbara Chaparro Carlo Gabriel Porto Bellini Carlos Serrao Cesar Augusto Biancolino Claudia Sa Malbouisson Andrade Cristiana Fernandes De Muylder Cristiane Sonia Arroyo Daniel Estima Carvalho Dalton Martins Edson Luiz Riccio Eduardo Amadeu Dutra Moresi Eduardo Batista de Moraes Barbosa Elisabeth Costa Monteiro Elsa Mireya Rosalstrada Elvis Fusco Enock Godoy de Souza Ernesto Fernando Rodrigues Vicente Fabricio Ziviani Fernando Hadad Zaidan George Leal Jamil Gleison Samuel Nascimento Gilberto Perez Hamilton Pozo Hossein Sharifi Ilse Maria Beuren Ivam Ricardo Peleias Jackson Silva Medeiros Jan Capek Jayr Figueiredo de Oliveira
Editorial Information /Ad Hoc reviewers/ Content 2014
739
Jin Peng João Augusto Mattar Neto João Luiz Pereira Marciano Joao Souza Neto José Carlos Cavalcanti José Celso Contador José Osvaldo De Sordi Joshua Onome Imoniana Jhon Francined Herrera Cubides Jun Dai Kelly Rosa Braghetto Leonel Cezar Rodrigues Lidia Angulo Meza Lídia de Jesus Oliveira Loureiro da Silva Ligia Capobianco Lourdes Francisca García Ávila Luis Hernan Contreras Pinochet Luisa Garcia González Maria Amélia de Mesquita Fetzner Maria Angelica de Andrade Leite Maria Helena Lima Baptista Braz María Verónica Alderete Mário Santos Nunes Marcos de Moraes Sousa Marcos Roberto Piscopo Marcus Vinicius Moreira Zittei Mamadou Dieng Marici Sakata Mauri Leodir Löbler Miklos Vasarhelyi Nivaldo Oliveira Octavio Mendonca Patricia Pérez Lorences Paulo Caetano da Silva Paulo Feofiloff Raquel Janissek Muniz Renato Balancieri Roberto Delgado Arteiro Serge Agostinelli Sukumar Senthil Kumar Takeshy Tachizawa Ueliton Costa Leonidio Valério Salomon Valmor Slomski Violeta Sun Walter Castelnovo Willy Hoppe Sousa Yóris Linhares Souza
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p.738-751
www.jistem.fea.usp.br
740 Editorial Information /Ad Hoc reviewers/ Content 2014
Editorial Information - Informações Editoriais Total of Published Texts / Total de Textos Publicados Articles / Artigos Inéditos Conference Reports / Relatórios de Conferências Authors from Brazil / Autores do Brasil Authors Outside Brazil / Autores do Exterior Articles in English / Artigos em Inglês Articles in Spanish / Artigos em Espanhol Articles in Portuguese (only)/ Artigos em Português Articles in French / Artigos em Francês
2014 35 34 1 53 (64%) 30 (36%) 27 (79%) 3 (9%) 2 (6%) 2 (6%)
Time from submission to feedback including review Tempo de submissão à resposta aos autores com revisão 1-16 semanas/weeks 15% 17-40 semanas/weeks 70% + 41 semanas/weeks 15% Tempo/Range 1-42 Indice de rejeição - Rejection rate 48%
Proofreading Services / Revisão Contact Language
Index per author 2014 / Indice por autor 2014
Author/Institution/Number
Article/Page
Volume 11: Number 1 / Volume 11: Número 1
2014
Content / Índice
1-2 3-4
Editorial 1
ALOMARI, Mohammad Kamel, College of Business and Economics, Qatar University, Doha, Qatar, DISCOVERING CITIZENS REACTION TOWARD E-GOVERNMENT: FACTORS IN E-GOVERNMENT ADOPTION, Volume 11 – Número 1 – Jan – Abr 2014
5-20
2
ARAÚJO FILHO, Frederico Wergne de Castro, Integrated Center of Manufacture and Technology – National Service of Industrial Learning – DR, Salvador, Bahia, Brazil, USE OF RFID TECHNOLOGY TO OVERCOME INEFFICIENCIES IN THE PRODUCTION PROCESS: AN ANALYSIS OF A MICROCOMPUTER COMPANY IN ILHÉUS – BAHIA, BRAZIL,
65-84
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p. 738-751
www.jistem.fea.usp.br
Editorial Information /Ad Hoc reviewers/ Content 2014
741
Volume 11 – Número 1 – Jan – Abr 2014 3
BELLINI, Carlo Gabriel Porto, Universidade Federal da Paraíba, PPGA/UFPB, MPGOA/UFPB, PPGCI/UFPB, Brasil, REPERTORY GRID, LADDERING, AND CONTENT ANALYSIS:A PSYCHOMETRIC APPROACH TO UNDERSTAND THE INFORMATION TECHNOLOGY WORKFORCE, Volume 11 – Número 1 – Jan – Abr 2014
215-232
4
BEUREN, Ilse Maria, Federal of Parana, Parana, Brazil, EVALUATION OF MANAGEMENT CONTROL SYSTEMS IN HIGHER EDUCATION INSTITUTION WITH THE PERFORMANCE MANAGEMENT AND CONTROL, Volume 11 – Número 1 – Jan – Abr 2014
169-192
5
BLOCH, Rebecca, Fairfield University, Connecticut, United States, USA, THE FUTURE OF AUDIT, Volume 11 - Número 1 – Jan – Abr 2014
21-32
6
CHUNG,Chap Kau Kwan, Universidad Americana, Asunción, Paraguay,
33-52
CRITICAL SUCCESS FACTORS FOR A COMPETITIVE ADVANTAGE IN ELECTRONIC COMMERCE: EMPIRICAL STUDY IN PARAGUAYAN COMPANIES, Volume 11 – Número 1 – Jan – Abr 2014 7
CRUZ, Rosario García, Universidad de Sevilla, Sevilla, España, CRITICAL
33-52
SUCCESS FACTORS FOR A COMPETITIVE ADVANTAGE IN ELECTRONIC COMMERCE: EMPIRICAL STUDY IN PARAGUAYAN COMPANIES, Volume 11 – Número 1 – Jan – Abr 2014
8
DA SILVA, Lúcio Melre, Catholic University of Brasilia, Brasília, Distrito Federal, METHOD FOR MEASURING THE ALIGNMENT BETWEEN INFORMATION TECHNOLOGY STRATEGIC PLANNING AND ACTIONS OF INFORMATION TECHNOLOGY GOVERNANCE, Volume 11 – Número 1 – Jan – Abr 2014
131-152
9
DE MOURA JUNIOR, Pedro Jácome, Universidade Federal da Paraíba, PPGA/UFPB, MPGOA/UFPB, PPGCI/UFPB, Brasil, REPERTORY GRID, LADDERING, AND CONTENT ANALYSIS:A PSYCHOMETRIC APPROACH TO UNDERSTAND THE INFORMATION TECHNOLOGY WORKFORCE, Volume 11 – Número 1 – Jan – Abr 2014
215-232
10
DE QUEIROZ, Josimeire Pessoa, Centro Universitário da FEI, São Paulo, Brazil, BENEFITS OF THE MARKETING INFORMATION SYSTEM IN THE CLOTHING RETAIL BUSINESS, Volume 11 – Número 1 – Jan – Abr 2014
153-168
11
DO PRADO, Hércules Antonio, Catholic University of Brasilia, BSB, Distrito Federal and Empresa Brasileira de Pesquisa Agropecuária, Brasil, ELICITING AND DEFINING REQUIREMENTS BASED ON METAEVALUATION: THE CASE OF THE CRAS 2008 CENSUS, Volume 11 – Número 1 – Jan – Abr 2014
193-214
12
FIGUEIREDO, Paulo S., Integrated Center of Manufacture and Technology – National Service of Industrial Learning – DR, Salvador, Bahia, Brazil, USE OF RFID TECHNOLOGY TO OVERCOME INEFFICIENCIES IN THE
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p.738-751
www.jistem.fea.usp.br
65-84
742 Editorial Information /Ad Hoc reviewers/ Content 2014
PRODUCTION PROCESS: AN ANALYSIS OF A MICROCOMPUTER COMPANY IN ILHÉUS – BAHIA, BRAZIL, Volume 11 – Número 1 – Jan – Abr 2014 13
FERNEDA, Edilson, Catholic University of Brasilia, BSB, Distrito Federal, Brasil, ELICITING AND DEFINING REQUIREMENTS BASED ON METAEVALUATION: THE CASE OF THE CRAS 2008 CENSUS, Volume 11 – Número 1 – Jan – Abr 2014
193-214
14
GADELHA, Marcelo Gomes, Ministério do Desenvolvimento Social e Combate à Fome, BSB, Distrito Federal, Brasil, ELICITING AND DEFINING REQUIREMENTS BASED ON METAEVALUATION: THE CASE OF THE CRAS 2008 CENSUS, Volume 11 – Número 1 – Jan – Abr 2014
193-214
15
HEDLER, Helga Cristina, Catholic University of Brasilia, Distrito Federal, Brasil, ELICITING AND DEFINING REQUIREMENTS BASED ON METAEVALUATION: THE CASE OF THE CRAS 2008 CENSUS, Volume 11 – Número 1 – Jan – Abr 2014
193-214
16
KIM, Eunhee Kim, Chonnam National University, Buk-gu, Gwangju, Korea, CONVERGENCE IN INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) USING PATENT ANALYSIS, Volume 11 – Número 1 – Jan – Abr 2014
53-64
17
KIM, Jaejon, Chonnam National University, Buk-gu, Gwangju, Korea, CONVERGENCE IN INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) USING PATENT ANALYSIS, Volume 11 – Número 1 – Jan – Abr 2014
53-64
18
KOH, Joon Koh, Chonnam National University, Buk-gu, Gwangju, Korea, CONVERGENCE IN INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) USING PATENT ANALYSIS, Volume 11 – Número 1 – Jan – Abr 2014
53-64
19
LOMBARDI, Danielle, Villanova University, Pennsylvania, United States, USA, THE FUTURE OF AUDIT, Volume 11 - Número 1 – Jan – Abr 2014
21-32
20
OLIVEIRA, Braulio, PPGA Centro Universitário da FEI, São Paulo, Brazil, BENEFITS OF THE MARKETING INFORMATION SYSTEM IN THE CLOTHING RETAIL BUSINESS, Volume 11 – Número 1 – Jan – Abr 2014
153-168
21
PALMA, Marcelo Garrido, AMABLE - Laboratorio UX, Santiago, Chile, USABILITY MEASURE OF CHILEAN PUBLIC ONLINE SERVICES: AN E-GOVERNMENT CASE STUDY, Volume 11 – Número 1 – Jan – Abr 2014
85-104
22
PESSOA, Marcelo Schneck de Paula, University of São Paulo, POLI/USP, São Paulo, Brazil, TECHNOLOGICAL INNOVATION PROJECTS: PROPOSAL FOR AN INTEGRATIVE MODEL BETWEEN PROJECT MANAGEMENT AND KNOWLEDGE MANAGEMENT IN A CUSTOMER-SUPPLIER PERSPECTIVE, Volume 11 – Número 1 – Jan – Abr 2014
23
RODRIGUEZ-PEÑA, Nelson, AMABLE – E-gob., Santiago, Chile,
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p. 738-751
www.jistem.fea.usp.br
105-130
85-104
Editorial Information /Ad Hoc reviewers/ Content 2014
743
USABILITY MEASURE OF CHILEAN PUBLIC ONLINE SERVICES: AN E-GOVERNMENT CASE STUDY, Volume 11 – Número 1 – Jan – Abr 2014 24
SOUZA NETO, João, Catholic University of Brasilia, Brasília, Distrito Federal, METHOD FOR MEASURING THE ALIGNMENT BETWEEN INFORMATION TECHNOLOGY STRATEGIC PLANNING AND ACTIONS OF INFORMATION TECHNOLOGY GOVERNANCE, Volume 11 – Número 1 – Jan – Abr 2014
131-152
25
TAPIA, Claudio Lavín, CEAR, Facultad de Psicología, Universidad Diego Portales, Santiago, Chile, USABILITY MEASURE OF CHILEAN PUBLIC ONLINE SERVICES: AN E-GOVERNMENT CASE STUDY, Volume 11 – Número 1 – Jan – Abr 2014
85-104
26
TAVARES,Edval da Silva, Escola Superior Nacional de Seguros, Funenseg, São Paulo, Brasil, TECHNOLOGICAL INNOVATION PROJECTS: PROPOSAL FOR AN INTEGRATIVE MODEL BETWEEN PROJECT MANAGEMENT AND KNOWLEDGE MANAGEMENT IN A CUSTOMER-SUPPLIER PERSPECTIVE, Volume 11 – Número 1 – Jan – Abr 2014
105-130
27
TEIXEIRA, Silvio Aparecido, Regional University of Blumenau, Santa Catarina, Brazil, EVALUATION OF MANAGEMENT CONTROL SYSTEMS IN HIGHER EDUCATION INSTITUTION WITH THE PERFORMANCE MANAGEMENT AND CONTROL, Volume 11 – Número 1 – Jan – Abr 2014
169-192
28
TRAVASSOS, X. L., Integrated Center of Manufacture and Technology – National Service of Industrial Learning – DR, Salvador, Bahia, Brazil, USE OF RFID TECHNOLOGY TO OVERCOME INEFFICIENCIES IN THE PRODUCTION PROCESS: AN ANALYSIS OF A MICROCOMPUTER COMPANY IN ILHÉUS – BAHIA, BRAZIL, Volume 11 – Número 1 – Jan – Abr 2014
29
VASARHELYI, Miklos, Rutgers University, New Jersey, Unites States, USA, THE FUTURE OF AUDIT, Volume 11 - Número 1 – Jan – Abr 2014
Volume 11: Number 2 / Volume 11: Número 2
65-84
21-32
2014
Content / Índice 207-208 1
ADIL, Mohamed, Information School, University of Sheffield, Sheffield, UK, IDENTIFYING OPERATIONAL REQUIREMENTS TO SELECT SUITABLE DECISION MODELS FOR A PUBLIC SECTOR EPROCUREMENT DECISION SUPPORT SYSTEM, Volume 11 – Número 2 – May – Aug. 2014
211-228
2
AFONSO, Alexandre Ribeiro, University of Brasília/UnB, Brasília - DF, Brazil, AUTOMATED TEXT CLUSTERING OF NEWSPAPER AND
415-436
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p.738-751
www.jistem.fea.usp.br
744 Editorial Information /Ad Hoc reviewers/ Content 2014
SCIENTIFIC TEXTS IN BRAZILIAN PORTUGUESE: ANALYSIS AND COMPARISON OF METHODS, Volume 11 – Número 2 – May – Aug. 2014 3
BARBOSA, Sara C. Boni, University of Sao Paulo, USP/FEARP, Ribeirão Preto, SP, Brazil, Performance Measurement of Information Technology Governance in Brazilian Financial Institutions, Volume 11 – Número 2 – May
4
BERMEJO, Paulo Henrique de Souza, Federal University of Lavras, Lavras/MG, Brazil, USING THE BSC FOR STRATEGIC PLANNING OF IT (INFORMATION TECHNOLOGY) IN BRAZILIAN ORGANIZATIONS, Volume 11 – Número 2 – May – Aug. 2014
397-414
361-378
5
CALIXTO, Gustavo M., University of São Paulo, São Paulo, SP, Brazil, STATE OF THE ART: INTEGRATING SERVICES FOR MEGA EVENTS, Volume 11 – Número 2 – May – Aug. 2014
345-360
6
COBO, Angel, University of Cantabria, Santander, Spain, A FUZZY MULTICRITERIA APPROACH FOR IT GOVERNANCE EVALUATION, Volume 11 – Número 2 – May – Aug. 2014
257-276
7
DA SILVA, Washington Lopes, TecBan S/A, São Paulo, SP, Brazil, AUDITORIA CONTÍNUA DE DADOS COMO INSTRUMENTO DE AUTOMAÇÃO DO CONTROLE EMPRESARIAL, Volume 11 – Número 2 – May – Aug. 2014
437-460
8
DE ALMEIDA JR., Jorge Rady, University of São Paulo, São Paulo, SP, Brazil, AUDITORIA CONTÍNUA DE DADOS COMO INSTRUMENTO DE AUTOMAÇÃO DO CONTROLE EMPRESARIAL, Volume 11 – Número 2 – May – Aug. 2014
437-460
9
DE MEDEIROS JR., Alberto, Mackenzie Presbyterian University, São Paulo, SP, Brazil ,USING ANALYTIC NETWORK FOR SELECTION OF ENTERPRISE RESOURCE PLANNING (ERP) ALIGNED TO BUSINESS STRATEGY, Volume 11 – Número 2 – May – Aug. 2014
277-296
10
DE OLIVEIRA, Jayr Figueiredo, EAESP-FGV – Getúlio Vargas Foundation, São Paulo, SP, Brazil, THE EFFECT OF THE INTERNET ON THE PATIENT-DOCTOR RELATIONSHIP IN A HOSPITAL IN THE CITY OF SÃO PAULO, Volume 11 – Número 2 – May – Aug. 2014
327-344
11
DE PÁDUA, Silvia Inês Dallavalle, USP/FEARP, Ribeirão Preto, SP, Brazil, Performance Measurement of Information Technology Governance in Brazilian Financial Institutions, Volume 11 – Número 2 – May – Aug. 2014
397-414
12
DE SANTOS JR., Carlos, University of Brasilia, Brasilia, DF, Brazil, INFORMATION TECHNOLOGY GOVERNANCE IN PUBLIC ORGANIZATIONS: HOW PERCEIVED EFFECTIVENESS RELATES TO THREE CLASSICAL MECHANISMS, Volume 11 – Número 2 – May – Aug. 2014
297-326
13
DUQUE, Cláudio Gottschalg, University of Brasília/UnB, Brasília - DF, Brazil, AUTOMATED TEXT CLUSTERING OF NEWSPAPER AND SCIENTIFIC TEXTS IN BRAZILIAN PORTUGUESE: ANALYSIS AND COMPARISON OF METHODS, Volume 11 – Número 2 – May – Aug. 2014
415-436
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p. 738-751
www.jistem.fea.usp.br
Editorial Information /Ad Hoc reviewers/ Content 2014
745
14
FIGUEIREDO, Reginaldo Santana, Federal University of Goiás, GO, Brazil, CREDIT ANALYSIS USING DATA MINING: APPLICATION IN THE CASE OF A CREDIT UNION, Volume 11 – Número 2 – May – Aug. 2014
379-396
15
GARAY, Jorge R. B., University of São Paulo, São Paulo, SP, Brazil, STATE OF THE ART: INTEGRATING SERVICES FOR MEGA EVENTS, Volume 11 – Número 2 – May – Aug. 2014
345-360
16
HASAN, Layla, Department of Computer Information Systems, Zarqa University, Jordan, THE USEFULNESS OF USER TESTING METHODS IN IDENTIFYING PROBLEMS ON UNIVERSITY WEBSITES, Volume 11 – Número 2 – May – Aug. 2014
229-256
17
HEINDRICKSON, Gelson, Tribunal de Contas da União, Brasilia, DF, Brazil, INFORMATION TECHNOLOGY GOVERNANCE IN PUBLIC ORGANIZATIONS: HOW PERCEIVED EFFECTIVENESS RELATES TO THREE CLASSICAL MECHANISMS, Volume 11 – Número 2 – May – Aug. 2014
297-326
18
LEX, Sérgio, Mackenzie Presbyterian University, São Paulo, SP, Brazil, USING ANALYTIC NETWORK FOR SELECTION OF ENTERPRISE RESOURCE PLANNING (ERP) ALIGNED TO BUSINESS STRATEGY, Volume 11 – Número 2 – May – Aug. 2014
277-296
19
NUNES,Miguel Baptista, Information School, University of Sheffield, Sheffield, UK, IDENTIFYING OPERATIONAL REQUIREMENTS TO SELECT SUITABLE DECISION MODELS FOR A PUBLIC SECTOR EPROCUREMENT DECISION SUPPORT SYSTEM, Volume 11 – Número 2 – May – Aug. 2014
211-228
20
PENG, Guo Chao, Information School, University of Sheffield, Sheffield, UK, IDENTIFYING OPERATIONAL REQUIREMENTS TO SELECT SUITABLE DECISION MODELS FOR A PUBLIC SECTOR EPROCUREMENT DECISION SUPPORT SYSTEM, Volume 11 – Número 2 – May – Aug. 2014
21
211-228
PEREZ, Gilberto, Mackenzie Presbyterian University, São Paulo, SP, Brazil, USING ANALYTIC NETWORK FOR SELECTION OF ENTERPRISE RESOURCE PLANNING (ERP) ALIGNED TO BUSINESS STRATEGY, Volume 11 – Número 2 – May – Aug. 2014 ROCHA, Rocío, University of Cantabria, Santander, Spain, A FUZZY MULTICRITERIA APPROACH FOR IT GOVERNANCE EVALUATION, Volume 11 – Número 2 – May – Aug. 2014
277-296
23
RODELLO, Ildeberto Aparecido, USP/FEARP, Ribeirão Preto, SP, Brazil, Performance Measurement of Information Technology Governance in Brazilian Financial Institutions, Volume 11 – Número 2 – May – Aug. 2014
397-414
24
SOUSA, Marcos de Moraes, Instituto Federal Goiano Campus Ceres, GO, Brazil, CREDIT ANALYSIS USING DATA MINING: APPLICATION IN THE CASE OF A CREDIT UNION, Volume 11 – Número 2 – May – Aug. 2014
361-378
25
TONELLI, Adriano Olímpio, Instituto Federal de Educação, Ciência e Tecnologia de Minas Gerais, Formiga, MG, Brazil, USING THE BSC FOR
345-360
22
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p.738-751
www.jistem.fea.usp.br
257-276
746 Editorial Information /Ad Hoc reviewers/ Content 2014
STRATEGIC PLANNING OF IT (INFORMATION TECHNOLOGY) IN BRAZILIAN ORGANIZATIONS, Volume 11 – Número 2 – May – Aug. 2014 26
VANTI, Adolfo Alberto, University of Vale do Rio dos Sinos, São Leopoldo, RS, Brazil, A FUZZY MULTICRITERIA APPROACH FOR IT GOVERNANCE EVALUATION, Volume 11 – Número 2 – May – Aug. 2014
257-276
27
ZAMBALDE, André Luiz Zambalde, Federal University of Lavras, Lavras/MG, Brazil, USING THE BSC FOR STRATEGIC PLANNING OF IT (INFORMATION TECHNOLOGY) IN BRAZILIAN ORGANIZATIONS, Volume 11 – Número 2 – May – Aug. 2014
361-378
28
ZUFFO, Marcelo K., University of São Paulo, São Paulo, SP, Brazil, STATE OF THE ART: INTEGRATING SERVICES FOR MEGA EVENTS, Volume 11 – Número 2 – May – Aug. 2014
345-360
29
RESULTADOS DO 11º CONTECSI – CONGRESSO INTERNACIONAL DE GESTÃO DA TECNOLOGIA E SISTEMAS DE INFORMAÇÃO OUTCOMES OF THE 11th CONTECSI – INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGY MANAGEMENT Edson Luiz Riccio, University of São Paulo, São Paulo, SP, Brazil Marici Cristine G. Sakata, TECSI FEA USP, University of São Paulo, São Paulo, SP, Brazil Nelma Terezinha Zubek Valente, Universidade Estadual de Ponta Grossa, Paraná, Brasil Ligia Capobianco, TECSI University of São Paulo, São Paulo, SP, Brazil
461-510
Volume 11: Number 3 / Volume 11: Número 3
2014
Content / Índice
515-516
Editorial
517-518
1
ALLASSANI, Willian, University of Professional Studies, Department of Information Technology, Legon-Accra, Ghana, DETERMINANTS OF BANK EMPLOYEES’ READING HABITS OF INFORMATION SECURITY POLICIES, Volume 11 – Número 3 – Sep – Dec 2014
533-548
2
AL-MA’AITAH, Mohammad Atwah, Albalqa Applied University, Amman, Jordan, THE IMPACT OF E-TICKETING TECHNIQUE ON CUSTOMER SATISFACTION: AN EMPIRICAL ANALYSIS, Volume 11 – Número 3 – Sep – Dec 2014
519-532
3
ALSHIBLY, Haitham Hmoud, Albalqa Applied University, Amman, Jordan, THE IMPACT OF E-TICKETING TECHNIQUE ON CUSTOMER SATISFACTION: AN EMPIRICAL ANALYSIS, Volume 11 – Número 3 – Sep – Dec 2014
519-532
4
BAAZIZ, Abdelkader, IRSIC Laboratory, Aix-Marseille Université, Marseille,
645-676
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p. 738-751
www.jistem.fea.usp.br
Editorial Information /Ad Hoc reviewers/ Content 2014
747
France, L’INFORMATION BREVET AU SERVICE DE L’INDUSTRIE PETROLIERE: CAS DE CONCEPTION ET OPTIMISATION DES TREPANS PAR INGENIERIE INVERSEE, Volume 11 – Número 3 – Sep – Dec 2014 5
BLAGESKI JUNIOR, Elton José, Universidade do Vale do Itajaí, Biguaçu/SC, Brazil, ENVIRONMENTAL SCANNING, STRATEGIC BEHAVIOR AND PERFORMANCE IN SMALL COMPANIES, Volume 11 – Número 3 – Sep – Dec 2014
611-628
6
CANCELLIER, Éverton Luís Pellizzaro de Lorenzi, Universidade do Estado de Santa Catarina Itacorubi, Florianópolis/SC, ENVIRONMENTAL SCANNING, STRATEGIC BEHAVIOR AND PERFORMANCE IN SMALL COMPANIES, Volume 11 – Número 3 – Sep – Dec 2014
611-628
7
CÉSPEDES, Juan Manuel Sánchez Céspedes, Universidad Distrital Francisco José de Caldas Bogotá, Colombia, STANDARDIZATION INITIATIVES IN THE PRODUCTION OF VIRTUAL LEARNING OBJECTS, Volume 11 – Número 3 – Sep – Dec 2014
677-716
8
CUBIDES, Jhon Francined Herrera, Universidad Distrital Francisco José de Caldas Bogotá, Colombia, STANDARDIZATION INITIATIVES IN THE PRODUCTION OF VIRTUAL LEARNING OBJECTS, Volume 11 – Número 3 – Sep – Dec 2014
677-716
9
DANTAS, Mário Antônio Ribeiro, Federal University of Santa Catarina UFSC - Florianopolis, Santa Catarina, Brazil, CONTEXT MANAGEMENT: TOWARD ASSESSING QUALITY OF CONTEXT PARAMETERS IN A UBIQUITOUS AMBIENT ASSISTED LIVING ENVIRONMENT, Volume 11 – Número 3 – Sep – Dec 2014
569-590
10 11
DE ASSIS JR., Valter Moreno, Faculdades Ibmec-RJ, Rio de Janeiro – RJ, Brazil, THE CASE OF INCA´S NATIONAL TUMOR BANK MANAGEMENT SYSTEM IN BRAZIL, Volume 11 – Número 3 – Sep – Dec 2014
549-568
12
DIAS, Evandro Dotto, Universidade Federal de Santa Maria, RS/Brazil, SECURITY INFORMATION IN PRODUCTION AND OPERATIONS: A STUDY ON AUDIT TRAILS IN DATABASE SYSTEMS, Volume 11 – Número 3 – Sep – Dec 2014
717-734
13
GARCÍA, Nancy Yaneth Gelvez, Universidad Distrital Francisco José de Caldas Bogotá, Colombia, STANDARDIZATION INITIATIVES IN THE PRODUCTION OF VIRTUAL LEARNING OBJECTS, Volume 11 – Número 3 – Sep – Dec 2014
677-716
14
GONÇALVES, Antonio Augusto, Instituto Nacional de Câncer - INCA (Brazilian Nacional Cancer Institute) Information Technology Divistion, Rio de Janeiro – RJ, Brazil, THE CASE OF INCA´S NATIONAL TUMOR BANK MANAGEMENT SYSTEM IN BRAZIL, Volume 11 – Número 3 – Sep – Dec 2014
549-568
15
KHOUDI, Abdenacer, ENSP - Direction Fabrication & Travaux, Alger, Algeria, L’INFORMATION BREVET AU SERVICE DE L’INDUSTRIE PETROLIERE: CAS DE CONCEPTION ET OPTIMISATION DES
645-676
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p.738-751
www.jistem.fea.usp.br
748 Editorial Information /Ad Hoc reviewers/ Content 2014
TREPANS PAR INGENIERIE INVERSEE, Volume 11 – Número 3 – Sep – Dec 2014 16
MACCARI, Emerson Antonio, UNINOVE, São Paulo, SP, Brazil, PROPOSITION OF AN ALUMNI PORTAL BASED ON BENCHMARKING AND INNOVATIVE PROCESS, Volume 11 – Número 3 – Sep – Dec 2014
591-610
17
NAZÁRIO, Débora Cabral, Federal University of Santa Catarina - UFSC Florianopolis, Santa Catarina, Brazil, Santa Catarina State University – UDESC - Joinville, Santa Catarina, Brazil, CONTEXT MANAGEMENT: TOWARD ASSESSING QUALITY OF CONTEXT PARAMETERS IN A UBIQUITOUS
569-590
18
PITASSI, Claudio, Faculdades Ibmec-RJ, Rio de Janeiro – RJ, Brazil, , THE CASE OF INCA´S NATIONAL TUMOR BANK MANAGEMENT SYSTEM IN BRAZIL, Volume 11 – Número 3 – Sep – Dec 2014
549-568
19
QTEISHAT, Mazen Kamal, Albalqa Applied University, Amman, Jordan, THE IMPACT OF E-TICKETING TECHNIQUE ON CUSTOMER SATISFACTION: AN EMPIRICAL ANALYSIS, Volume 11 – Número 3 – Sep – Dec 2014
519-532
20
QUONIAM, Luc, University of Sud Toulon-Var, France, L’INFORMATION BREVET AU SERVICE DE L’INDUSTRIE PETROLIERE: CAS DE CONCEPTION ET OPTIMISATION DES TREPANS PAR INGENIERIE INVERSEE, Volume 11 – Número 3 – Sep – Dec 2014
645-676
21
RORATTO, Rodrigo, Universidade Federal de Santa Maria, RS/Brazil, SECURITY INFORMATION IN PRODUCTION AND OPERATIONS: A STUDY ON AUDIT TRAILS IN DATABASE SYSTEMS, Volume 11 – Número 3 – Sep – Dec 2014
717-734
22
ROSSETTO, Carlos Ricardo, Universidade do Vale do Itajaí, Biguaçu/SC, Brazil, ENVIRONMENTAL SCANNING, STRATEGIC BEHAVIOR AND PERFORMANCE IN SMALL COMPANIES, Volume 11 – Número 3 – Sep – Dec 2014
611-628
23
TAHER, Youssef, Centre d'Orientation et de Planification de l'Education- Rue Azzaitoune, RABAT, Morocco , ARCHITECTURE D’UN SYSTEME D’INFORMATION DECISIONNEL ORIENTEE VERS LE PROCESSUS ELECTORAL, Volume 11 – Número 3 – Sep – Dec 2014
629-644
24
TEIXEIRA, Gislaine Cristina dos Santos, UNINOVE, São Paulo, SP, Brazil, PROPOSITION OF AN ALUMNI PORTAL BASED ON BENCHMARKING AND INNOVATIVE PROCESS, Volume 11 – Número 3 – Sep – Dec 2014
25
TODESCO, José Leomar, Federal University of Santa Catarina - UFSC Florianopolis, Santa Catarina, Brazil, CONTEXT MANAGEMENT: TOWARD ASSESSING QUALITY OF CONTEXT PARAMETERS IN A UBIQUITOUS AMBIENT ASSISTED LIVING ENVIRONMENT, Volume 11 – Número 3 – Sep – Dec 2014
591-610
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p. 738-751
www.jistem.fea.usp.br
569-590
Editorial Information /Ad Hoc reviewers/ Content 2014
749
Assistant Editor / Assistente Editorial Dra. Marici C.Gramacho Sakata, (2004-presente/present) Webmaster Henrique Schultz TECSI Team Website/e-mail www.jistem.fea.usp.br - jistem@usp.br Indexação - Index SciELO Redalyc Doaj ProQuest Latindex CLASE Dialnet Ebsco Gale Infotrac Portal de Revistas da USP Portal de Periódicos CAPES Ulrich’s Periodical Directory ISSN online: 1807-1775 Quadrimestral/Every four months Classificação Nacional/National Classification Qualis Capes – B1 - Administração e Turismo
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p.738-751
www.jistem.fea.usp.br
750 Editorial Information /Ad Hoc reviewers/ Content 2014
Authors Filiation / Origem Institucional dos Autores Brazil
Volume 11, Number 1, JanApr 2014
College of Business and Economics, Qatar University, Doha, Qatar Villanova University, Pennsylvania, United States, USA Fairfield University, Connecticut, United States, USA, The Future of Audit Rutgers University, New Jersey, Unites States, USA Universidad Americana, Asunción, Paraguay Universidad de Sevilla, Sevilla, España National University, Buk-gu, Gwangju, Korea Integrated Center of Manufacture and Technology – National Service of Industrial Learning – DR, Salvador, Bahia, Brazil Laboratorio UX, Santiago, Chile Universidad Diego Portales, Santiago, Chile E-gob., Santiago, Chile Escola Superior Nacional de Seguros, Funenseg, São Paulo, Brasil University of São Paulo, POLI/USP, São Paulo, Brazil Catholic University of Brasilia, Brasília, Distrito Federal Centro Universitário da FEI, São Paulo, Brazil Federal of Parana, Parana, Brazil Regional University of Blumenau, Santa Catarina, Brazil Ministério do Desenvolvimento Social e Combate à Fome, BSB, Distrito Federal, Brasil Universidade Federal da Paraíba, PPGA/UFPB, MPGOA/UFPB, PPGCI/UFPB, Brasil
Volume 11, Number 2, MayAug, 2014
University of Sheffield, Sheffield, UK Department of Computer Information Systems, Zarqa University, Jordan University of Cantabria, Santander, Spain University of Vale do Rio dos Sinos, São Leopoldo, RS Mackenzie Presbyterian University, São Paulo, SP Tribunal de Contas da União, Brasilia, DF, Brazil University of Brasilia, Brasilia, DF, Brazil EAESP-FGV – Getúlio Vargas Foundation, São Paulo, SP, Brazil University of São Paulo, São Paulo, SP, Brazil Instituto Federal de Educação, Ciência e Tecnologia de Minas Gerais, Formiga, MG Federal University of Lavras, Lavras/MG, Brazil Instituto Federal Goiano Campus Ceres, GO, Brazil Federal University of Goiás, GO, Brazil USP/FEARP, Ribeirão Preto, SP, Brazil TecBan S/A, São Paulo, SP, Brazil
TOTAL = 29
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p. 738-751
Outside Brazil
(4) SP (6) DF (1) PR (1) SC (3) BA (2) PB
(1) Qatar (3) USA (1) Paraguay (1) Spain (3) Korea (3) Chile
17 (1) RS (12) SP (4) DF (3) MG (2) GO
13 (3) UK (1) Jordan (2) Spain
www.jistem.fea.usp.br
Editorial Information /Ad Hoc reviewers/ Content 2014
Volume 11, Number 3, Sept. Dec., 2014
751
TOTAL = 28 Albalqa Applied University, Amman, Jordan University of Professional Studies, Department of Information Technology, Legon-Accra, Ghana Instituto Nacional de Câncer - INCA (Brazilian Nacional Cancer Institute) Information Technology Divistion, Rio de Janeiro – RJ, Brazil Faculdades Ibmec-RJ, Rio de Janeiro – RJ, Brazil Universidade Federal de Santa Maria, RS/Brazil Federal University of Santa Catarina - UFSC - Florianopolis, Santa Catarina, Brazil UNINOVE, São Paulo, SP, Brazil Universidade do Estado de Santa Catarina Itacorubi, Florianópolis/SC Universidade do Vale do Itajaí, Biguaçu/SC Centre d'Orientation et de Planification de l'Education- Rue Azzaitoune, RABAT, Morocco IRSIC Laboratory, Aix-Marseille Université, Marseille, France University of Sud Toulon-Var, France ENSP - Direction Fabrication & Travaux, Alger, Algeria Universidad Distrital Francisco José de Caldas Bogotá, Colombia TOTAL = 24
JISTEM, Brazil Vol.11, No. 3, Sept/Dec. 2014 p.738-751
22 (3) RJ (2) RS (6) SC (2) SP
www.jistem.fea.usp.br
13
6 (3) Jordan (1) Ghana (1) Morocco (2) France (1) Algeria (3) Colombia
11