頁籤選單縮合
題 名 | Trust in Merged ERP and Open Data Schemes in the “Cloud” |
---|---|
作 者 | 劉音妙; 張碩毅; | 書刊名 | 電腦稽核 |
卷 期 | 30 2014.07[民103.07] |
頁 次 | 頁72-89 |
專 輯 | 資通安全治理與數位鑑識 |
分類號 | 494.542 |
關鍵詞 | 企業資源規劃; 雲端運算; Enterprise resource planning; Cloud computing; |
語 文 | 英文(English) |
中文摘要 | 企業資源規劃系統正迅速結合“巨量資料”的分析流程和公開的“開放資料集”,這些通常是超過企業的業務範疇,透過提供現有客戶更好的服務,以擴大業務範圍和識別新的機會。這些行為正廣泛地透過建立在“雲端運算”環境中的相關軟體系統進行中。然而,有一句流傳超過50年和對電腦系統不信任有關的諺語,即“垃圾進,垃圾出”是用來描述資訊系統不合格和無條件地依賴性問題。然而,一個比“垃圾進,垃圾出”更能貼切形容基於大規模資訊系統的ERP和開放資料集以及“巨量資料”分析的形容詞在稍後被提出,即“垃圾進,真理出”。特別是在雲端環境中,要驗證所使用之資料集真實性和完整性是幾乎不可能的。進而,這很容易導致我們所做的決策是基於這些可疑且無法驗證的結果。將非法的資料“假冒”和修改成合法資料集可能成為現實,在同一時間能稽核分析任何所衍伸出之結果的能力是一重要的需求,特別是在公部門。在這個新興的環境下迫切需要提高對身份、可靠性、真實性和稽核服務的需求,包括命名和定址服務都在本文中進行了討論。目前是提供了一些當代和適當的技術,但同時這些技術也還在被驗證。然而,在解決這些問題時發現了一些嚴重的限制,所以本文提出及建譯未來必要的研究。 |
英文摘要 | Enterprise resource planning (ERP) systems are rapidly being combined with "big data" analytics processes and publicly available "open data sets", which are usually outside the arena of the enterprise, to expand activity through better service to current clients as well as identifying new opportunities. Moreover, these activities are now largely based around relevant software systems hosted in a "cloud computing" environment. However, the over 50-year old phrase related to mistrust in computer systems, namely "garbage in, garbage out" or "GIGO", is used to describe problems of unqualified and unquestioning dependency on information systems. However, a more relevant GIGO interpretation arose sometime later, namely "garbage in, gospel out" signifying that with large scale information systems based around ERP and open datasets as well as "big data" analytics, particularly in a cloud environment, the ability to verify the authenticity and integrity of the data sets used may be almost impossible. In turn, this may easily result in decision making based upon questionable results which are unverifiable. Illicit "impersonation" of and modifications to legitimate data sets may become a reality while at the same time the ability to audit any derived results of analysis may be an important requirement, particularly in the public sector. The pressing need for enhancement of identity, reliability, authenticity and audit services, including naming and addressing services, in this emerging environment is discussed in this paper. Some current and appropriate technologies currently being offered are also examined. However, severe limitations in addressing the problems identified are found and the paper proposes further necessary research work for the area. (Note: This paper is based on an earlier unpublished paper/presentation "Identity, Addressing, Authenticity and Audit Requirements for Trust in ERP, Analytics and Big/Open Data in a 'Cloud' Computing Environment: A Review and Proposal" presented to the Department of Accounting and IT, College of Management, National Chung Chen University, 20 November 2013.) |
本系統中英文摘要資訊取自各篇刊載內容。