ArticlePDF Available

An analysis pattern for invoice processing

Authors:
Eduardo B. Fernández at Florida Atlantic University
Eduardo B. Fernández
Xiaohong Yuan
Xiaohong Yuan
Xiaohong Yuan
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Download full-text PDF
Read full-text
Download citation

Abstract and Figures

We discuss an analysis pattern for invoice processing. The pattern describes events such as the creation and validation of an invoice, followed by the payment process. This pattern is composed of two simpler patterns that describe the creation and payment of the invoice, respectively. The composite pattern represents a minimum application so that it can be applied to a variety of situations and it can be combined with other related patterns to describe more complex applications. The component patterns have value of their own and can be used independently.
Figures - uploaded by Eduardo B. Fernández
Author content
All figure content in this area was uploaded by Eduardo B. Fernández
Content may be subject to copyright.
Content uploaded by Eduardo B. Fernández
Author content
All content in this area was uploaded by Eduardo B. Fernández on Nov 17, 2014
Content may be subject to copyright.
1
An Analysis Pattern for Invoice Processing
Eduardo B. Fernandez1 and Xiaohong Yuan2
1Department of Computer Science and Engineering
Florida Atlantic University, Boca Raton, FL
2Department of Computer Science
North Carolina A&T State University, Greensboro, NC
Abstract
We discuss an analysis pattern for invoice processing. The pattern describes events such as the
creation and validation of an invoice, followed by the payment process. This pattern is composed of
two simpler patterns that describe the creation and payment of the invoice, respectively. The
composite pattern represents a minimum application so that it can be applied to a variety of
situations and it can be combined with other related patterns to describe more complex applications.
The component patterns have value of their own and can be used independently.
1. Introduction
Invoices are used in all places where services or products are provided and they usually contain a
list of charges for the services or products rendered. In some environments, e.g. a supermarket,
invoices are delivered right away, or they can be delivered via email or post mail. After the invoice
has been received, it must be paid, which involves different methods from which one can choose.
We present here an analysis pattern that describes the processing of an invoice, including its
creation and its payment. This pattern is an example of a Semantic Analysis Pattern as it expresses
semantic aspects of the model. Following the concepts behind this type of pattern [Fer00a], we
describe a set of use cases that together illustrate its idea. The pattern is a composite pattern and we
present first its two components, Invoice Creator and Invoice Payment, which we combine later into
an Invoice Processing pattern. The component patterns have value of their own and can be used
independently; however, if both aspects are needed the composite pattern presents some advantages
over the independent application of each one. Notice that we do not care about the specific contents
of the invoice, there are many varieties which are discussed in books such as [Fow97, Hay96,
Sil01]; our emphasis is on the needed processing.
The intents of the presented patterns are:
Invoice Creation. Describe the process of creating and preparing an invoice for a product or
service, followed by its validation.
Invoice Payment. Allow a client to make a payment for an invoice corresponding to services used
and/or products bought.
Invoice Processing. Describe the conceptual steps of invoice processing, including its creation,
preparation, validation, and payment.
2
2. Invoice Creation
Describe the process of creating and preparing an invoice for a product or service, followed by its
validation.
2.1 Context
This pattern is valuable for institutions or enterprises of any type that require payment for products
or services. In some cases the customers may have registered or opened accounts with these
institutions but that is not a necessary condition.
2.2 Problem
In order for a client to pay for the services provided or for the products she bought, an invoice needs
to be created that describes what should be paid, including rules and conditions. The process of
preparing such an invoice can be rather complex and also time consuming. Different systems deal
with this process in a different way, but they all have common aspects; however, we need a
systematic and uniform way of preparing invoices.
The following forces affect the solution:
In the creation of an invoice, there can be more than one actor involved, so some ordering of
actions between these parties has to be defined.
Items in an invoice can have different discounts and can belong to various categories which are
managed differently, so the preparation of the invoice needs to be done according to specified
procedures and policies.
The invoice may specify different ways of payment and other conditions, so we must define
them explicitly.
We need to validate that the invoice is complete and in a valid state before we send it.
Preparation and validation should be done by different people (separation of duty).
We need to keep track of who created an invoice.
There are invoices which are not bills of sale, like for example the 'shipping invoice' which
details all the parts that are included in the specific order. So, some information that we include
into the invoice has to be optional, while other information has to be mandatory.
2.3 Solution
First, a user creates and prepares the invoice according to predefined institution procedures; then
another user validates it. The stakeholders that participate in this process are the creator of the
Invoice and the Invoice Validator. The following use cases correspond to these situations:
1) Create and Prepare Invoice. After the purchasing of products and delivering of services, a
document is issued, which incorporates all the relevant items and their costs. This step can be
done automatically or manually either by a person or by a group of persons. After an invoice has
been created, we have to add the products or services to it and supply additional information
regarding every item from the invoice.
3
2) Validate Invoice. After an invoice has been created and prepared, it has to be validated by either
a system or a person. This step ensures that the quality and completeness of the invoice are met.
Figure 1 is a class diagram for the realization of these use cases. Class InvoiceCreator defines an
interface for creating an invoice. It also provides a way of preparing the invoice by adding or
deleting items from it, specifying different properties, which are used to derive the final scope of
the invoice. Class Invoice represents the document in which all the goods or services are
incorporated together with the nature of each item. Class InvoiceValidator is used to ensure that
the invoice that resulted from the steps described above is in a consistent form that complies with
the trade usage [Cro]. Classes BillingPolicy and Validation Rule include business policies that
apply to the preparation and validation of invoices.
Figure 1. Class diagram for Invoice Creation
Figure 2 shows a sequence diagram for creating, preparing and validating an invoice. After created,
the invoice may be initialized. The creator adds items and other specific information until there are
no more items to be added to the invoice. After each item is added the cumulative amount is
calculated. Once all the items have been supplied, the invoice signals the validator that the invoice
is complete. After validation the invoice is ready to be sent.
2.4 Consequences
<<interface>>
InvoiceCreator
type
Invoice
invoiceID
date
time
itemsBought
totalAmount
discounts
isValid
isValidInvoice
1 *
*
1
validate
<<interface>>
InvoiceValidator
create and prepare
name
Employee
date
Billin
g
Polic
y
*
*
create
*
*
validate
*
*
*
1
ValidationRule
date
*
*
appliesTo
appliesTo
4
The pattern provides the following benefits:
It describes an abstract invoice preparation process that can be tailored to different specific
situations.
We can separate specific stages of preparation along the invoice preparation process and their
ordering.
The creator and the validator of the invoice are roles; that is they can be performed by the same
or different individuals. They can also be performed by groups of people.
We can apply the separation of duty principle by having different users perform creation and
validation through different interfaces with access control.
We can keep track of who prepared and who validated an invoice.
Every characteristic of the use case is represented in this pattern, without providing any
implementation aspects, which leaves it open to different possibilities.
There are many ways of preparing an invoice, this pattern defines an abstract view of its
essential aspects and it can be adapted so that it fits any scenario.
We can add explicit authorizations to each action; in particular, creation and validation can be
restricted to specific actors.
Several liabilities of the pattern can be defined in terms of the aspects that were not covered, such
as:
Different types of creators and validators. This depends on the system, and can range from
creators that are individuals to creators that are software programs or institutions (parties).
The specific contents of the invoice depend on accounting practices. [Hay96] and [Sil01]
provide details of these aspects.
Figure 2. Creating, preparing and validating an invoice
<<actor>>
:Creator
:Invoice
<<actor>>
:InvoiceValidator
create()
initialize()
addItem(item)
[complete]
validate()
loop -[more items]-
calculateAmount()
5
2.5 Known uses
Some examples of use for this pattern are:
A point-of-sale system in any department store that sells products, such as Macy’s.
An on-line shopping store, where people use the Internet to log onto an on-line shop in order to
buy different items, e.g. Amazon.
Monthly invoicing for telephone or internet service, e.g. Comcast.
SAP has an Invoice management product where they create and prepare invoices [SAP].
2.6 Related patterns
Creation of invoices may use a Factory pattern [Gam94] in the design stage.
The Account pattern [Fer02] defines accounts where the invoice costs may be charged.
A Strategy pattern [Gam94] can be used to select different ways to calculate prices [Pie].
Billing policies can be defined using a Business Rule pattern [Ars00].
Fowler [Fow97], Hay [Hay96], and Silverston [Sil01] deal with accounts and describe how
invoices are produced but don’t show their handling.
3. Invoice Payment
Allow a client to make a payment for an invoice corresponding to services used and/or products
bought.
3.1 Context
This pattern is valuable for institutions or enterprises of any type that require payment for products
or services. In some cases the customers may have registered or opened accounts with these
institutions but that is not a necessary condition.
3.2 Problem
A client has to be able to pay an invoice in a way convenient to him; this implies that different
payment methods have to be incorporated in the payment process, so that a client can elect the best
option that fits his needs. Such a payment has to be validated in order for both the client and the
system to have confirmation that the payment has been done in an appropriate way.
The solution is affected by the following forces:
We need to provide different possibilities to make a payment for an invoice; otherwise we might
lose customers.
The system and the client need a convenient way of keeping track of the payments made.
Validation of every received payment has to be made to ensure that the client’s information is
correct and in accordance to the requirements and regulations of each system.
6
We need to keep track of who validated a payment.
3.3 Solution
Separate the validation approach from the payment so we can apply different validation approaches.
It should be noticed that an invoice could be sent before or after the actual payment has been made.
Such flexibility is incorporated in the design by separating this process.
Figure 3 shows the class diagram for Invoice Payment. The Invoice class represents the amount that
must be paid by the customer. The Payment class represents the payment made by the client for the
products and/or services incorporated in the invoice. It should incorporate information related to the
invoice for which the payment is being made, the payment method chosen, the id of the client that
makes the payment. The PaymentValidator validates payments according to ValidationRules.
Employee keeps track of who validated a payment. The Customer class represents the customer
that makes payments for the given invoice.
Figure 3 Class Diagram for Invoice Payment
Figure 4 shows the sequence diagram for payment of an invoice. A Client initiates the payment
process by making a payment according to the total sum in the invoice. The Payment is validated by
the PaymentValidator, according to the validation rules, after which the status of the payment is
returned to the client.
Invoice
idInvoice
Customer
*
1
itemsBought
totalSum
discounts
<<interface>>
idValidPaymen
t
PaymentValidator
idClient
Payment
idPaymentMethod
*
1
p
ay
1
*
validates
*
p
aymentFo
r
ValidationRule
date
Employee
name validate appliesTo
1
*
*
*
7
Figure 4 Sequence diagram for Invoice Payment
A Payment can be in the following states: Active, Paid, and Validated. When the invoice is sent,
payment is activated. After the customer has paid (Payment in Paid state), his payment needs to be
validated. After the validation process has been completed, the payment is closed.
3.4 Consequences
This pattern has the following advantages:
It allows to control and keep track of who validated payments.
The payments can be related to its corresponding invoice.
We can apply different validation rules to a payment.
We can indicate different ways to pay an invoice by adding classes to Payment as in [Hay96] or
[Sil01].
In the liabilities we can mention that aspects such as payment in installments or payments by check,
have been left out.
3.5 Known uses
Some examples of use for this pattern are:
A point-of-sale system in any department store that sells products, such as Macy’s.
An on-line shopping store, where people use the Internet to log onto an on-line shop in order to
buy different items, e.g. Amazon.
8
Monthly invoicing for telephone or internet service, e.g. Comcast.
SAP has an Invoice management product where they create and prepare invoices [SAP].
3.6 Related patterns
This pattern may include a Factory pattern [Gam94] to create payments.
The Validation Rule could be an instance of the Business Rule pattern [Ars00].
Fowler [Fow97], Hay [Hay96], and Silverston [Sil01] deal with accounts and describe how
invoices are produced but don’t show their handling.
A pattern Pay For The Resource Transaction [Bra99], describes the process of paying a bill in
installments.
4. Invoice Processing
Describe the conceptual steps of invoice processing, including its creation, preparation, validation,
and payment.
4.1 Context
This pattern is valuable for institutions or enterprises of any type that require payment for products
or services. In some cases the customers may have registered or opened accounts with these
institutions but that is not a necessary condition.
4.2 Problem
There are many systems where we need to combine the functions of creating and preparing an
invoice, and paying that invoice, including the corresponding validations. How do we represent this
process in a general and abstract manner?
The solution is affected by the following forces:
The creation, preparation, and validation of an invoice requires specific actors, actions in
specific sequences, and must follow specific rules.
Preparation and validation should be done by different people (separation of duty).
There should be flexibility about who is responsible for a payment and how the payments will
be made.
The system and the client need a convenient way of keeping track of the payments made.
Validation of every prepared invoice and every received payment has to be made to ensure that
the client’s information is correct and in accordance to the requirements and regulations of each
system.
We need to keep track of who created an invoice, who validated it, and who validated a payment
4.3 Solution
Combine the solutions of the two component patterns, Invoice Creator and Invoice Payment. Figure
6 shows the class model of this pattern as a combination of the two previous class models. The
9
sequence diagrams of Figures 2 and 4 still apply. Figure 7 shows the activity diagram of creating
and paying for an invoice.
4.4 Consequences
This pattern combines the consequences of its component patterns plus:
The actors, the sequence of their actions, and the corresponding business rules can be changed
easily.
We can control who performs specific actions on invoices and we can keep track of who
performed these actions.
It is easy to add new payment methods or types of customers.
Clients and systems can keep track of the payments made.
We can conveniently validate the preparation of invoices and the reception of payments.
We can show the required sequence of the activities in both component patterns.
We can define a secure version of this pattern applying instances of the Role-Based Access
Control pattern as we have done for analysis patterns describing law applications [Fer07] and
others.
The pattern has the following liabilities:
We left out details of the customers. Those can be found in [Hay96] or [Sil01].
We did not consider specific ways of payment. They also can be found in [Hay96] or [Sil01].
We did not consider physical delivery and storage of invoices. They are considered in [Net09].
4.5 Known uses
Some examples of use for this pattern are:
A point-of-sale system in any department store that sells products, such as Macy’s.
An on-line shopping store, where people use the Internet to log onto an on-line shop in order to
buy different items, e.g. Amazon.
Monthly invoicing for telephone or internet service, e.g. Comcast.
SAP has an Invoice management product where they create and prepare invoices [SAP].
4.6 Related patterns
Creation and payment of invoices may use a Factory pattern [Gam94].
The Account pattern [Fer02, Fow97] defines accounts where the invoice costs may be charged.
A Strategy pattern [Gam94] can be used to select different ways to calculate prices or discounts.
Billing and payment policies can be defined using a Business Rule pattern [Ars00].
The Order and Shipment pattern [Fer00b], describes how a customer can place an order for a
product and the subsequent shipment of the product.
Internet shops may require invoicing [Fer01].
The contents of invoices can be found in [Fow97], [Hay96], and [Sil01].
Creation and delivery of invoices is considered in [Net09].
10
Acknowledgements
Mihai Fonoage started this pattern as a class project. Our shepherd, Rosana T. Braga provided
valuable comments.
Figure 5. Class diagram for Invoice and Payment
Employee
name
Invoice
invoiceID
date
time
itemsBought
totalAmount
discounts
Payment
Customer
<<interface>>
InvoiceCreator
BillingPolicy
date
<<interface>>
InvoiceValidator
Validation Rule
<<interface>>
PaymentValidator
idValidPayment
date
isValidInvoice
create
1 *
1
*
type
create
*
*
*
*
validate
*
*
a
liesTo
*
*
*
1
validatedBy
accountableFor
*
*
*1
validatedBy
1
*
isPai
d
B
y
idPaymentMethod
idClient
idClient
*
1isPaidBy
*
*
a
pp
lies
validate
a
pp
lies
11
Figure 6. Activity diagram for Invoice and Payment
References
[Ars00] A. Arsanjani. "Rule Object Pattern Language". Proceedings of PLOP2000.
[Bra99] R.T.V. Braga, F.S.R. Germano, and P.C. Masiero, “A Pattern Language for Business
Resource Management”, Proceedings of the 6th Annual Conference on Pattern Languages of
Programs (PLOP'99), v7, 1-33, Monticello, Illinois, USA, August 1999.
[Cro] Crowley Maritime Corporation, Definition of the term Invoice. http://www.crowley.com/
[Fer00a] E. B. Fernandez and X. Yuan, “Semantic analysis patterns”, Proceedings of the 19th Int.
Conf. on Conceptual Modeling, ER2000, Lecture Notes in Computer Science 1920, Springer 2000,
183-195. Also available from: http://www.cse.fau.edu/~ed/SAPpaper2.pdf
[Fer00b] E.B. Fernandez, B. Yuan, X. and S. Brey, “An Analysis Pattern for Order and Shipment of
a Product,” Procs. of the 7th Pattern Languages of Programs (PLoP) Conference. http://st-
www.cs.uiuc.edu/~plop/plop00, August, 2000.
[Fer01] E. B. Fernandez, Y. Liu, and R.Y. Pan, “Patterns for Internet shops “, Procs. of PLoP 2001,
http://jerry.cs.uiuc.edu/~plop/plop2001/accepted_submissions/accepted-papers.html
Invoice Payment
create
validate payment
create
receive payment
p
repare
validate
send
make payment
12
[Fer02] E.B.Fernandez and Y.Liu, "The Account Analysis Pattern", Procs. of EuroPLoP (Pattern
Languages of Programs). http://www.hillside.net/europlop/EuroPLoP2002/
[Fer07] E. B. Fernandez, D. L. laRed M., J. Forneron, V. E. Uribe, and G. Rodriguez G. A secure
analysis pattern for handling legal cases”, Procs. of the 6th Latin American Conference on Pattern
Languages of Programming ( SugarLoafPLoP’2007), 178-187.
http://sugarloafplop.dsc.upe.br/AnaisSugar2007_WEB.pdf
[Fow97] M. Fowler, Analysis Patterns-Reusable Object Models, Addison-Wesley, 1997.
[Gam04] Gamma, E., Helm, R., Johnson, R. and Vlissides, J.: Design patterns –Elements of
reusable object-oriented software, Addison-Wesley 1995.
[Hay96] D.Hay, Data model patterns-- Conventions of thought, Dorset House Publ., 1996. Chapter
7: Accounting.
[Net09] M.Netter and G.Pernul, "Integrating security patterns into the electronic invoicing process",
accepted for the Third Int. Workshop on Secure System Methodologies using Patterns (SPattern
2009).
[Pie] John Pierce, Design patterns, Cal State University, San Jose, CA
http://www.cs.sjsu.edu/faculty/pearce/oom/patterns/behavioral/strategy.htm
[SAP] SAP United States, http://www.sap.com/usa/solutions/solutionextensions/invoice-
management/index.epx
[Sil01] L. Silverston, The data model resource book (revised edition), Vol. 1, Wiley 2001, Chapter
7, vol. 1: Invoicing.
... Alguns padrões de análise documentados através de modelos podem ser encontrados nos trabalhos de Lisboa-Filho et al. (2002) e Fernandez e Yuan (2009). Um modelo para a documentação de padrões é apresentado por Meszaros e Doble (1997), sendo este modelo composto pelos tópicos: name, problem, context, motivation, solution, participants and related patterns. ...
Um Editor de Metadados para Documentar Padrões de Análise em uma Infraestrutura de Reuso
Conference Paper
Full-text available
  • Jan 2014
The software development process often encounters obstacles to reuse analysis patterns due to difficult access to these computational artifacts. The lack of both a computational tool to support the analysis patterns documentation process and a digital repository to store these patterns contributes negatively on the retrieval and reuse of them. This paper presents the tool DC2AP Metadata Editor. This tool is a metadata editor for analysis patterns based on the Dublin Core Application Profile for Analysis Patterns (DC2AP). To organize the analysis patterns documentation process, and facilitate their retrieval by software developers, the DC2AP Metadata Editor uses the idea of Semantic Web, and provides an environment for documentation of analysis pattern metadata as Linked Data, thus allowing the knowledge stored in these artifacts to be shared and automatically interpreted by software, facilitating the process of patterns retrieval through search engines, for instance. The system is a Web-based SaaS system developed under the concepts of Cloud Computing, and provides some of its functionality through Web services, so that these services can be used in other tools with similar purpose. Resumo. O processo de desenvolvimento de software muitas vezes encontra obstáculos na reutilização padrões de análise devido ao difícil acesso a estes artefatos computacionais. A falta de uma ferramenta que facilite o processo de documentação de padrões de análise, e de um repositório digital para armazená-los, contribui negativamente na recuperação e reuso dos mesmos. Este trabalho apresenta a ferramenta DC2AP Metadata Editor. Esta ferramenta é um editor de metadados para padrões de análise baseada no modelo Dublin Core Application Profile for Analysis Patterns (DC2AP). Para organizar o processo de documentação dos padrões de análise, e facilitar sua recuperação por desenvolvedores de software, o DC2AP Metadata Editor utiliza da ideia da Web Semântica, e fornece um ambiente para documentação dos metadados de padrões de análise na forma de Linked Data, permitindo assim que o conhecimento armazenado nesses artefatos sejam compartilhados e automaticamente interpretados por software, facilitando o processo de recuperação de padrões através de motores de busca, por exemplo. O sistema é um SaaS desenvolvido com tecnologia Web baseado nos conceitos de Computação nas Nuvens, e fornece algumas de suas funcionalidades através de serviços Web, de forma que estes serviços possam ser utilizados em outras ferramentas com propósito semelhante.
View
... Some analysis patterns documented through templates can be found in the work of Lisboa-Filho et al. (2002) and Fernandez and Yuan (2009). Meszaros and Doble (1997) present in their work a template composed of topics: name, problem, context, motivation, solution, participants and related patterns. ...
A Machine-Processable Dublin Core Application Profile for Analysis Patterns to provide Linked Data
Article
Full-text available
  • Jan 2012
Analysis patterns are reusable computational artifacts aimed at the analysis stage of the software development process. Although the analysis patterns can facilitate the work of analysts and developers, the access to them is still very poor because of the way they are usually described and made available. The Analysis Patterns Reuse Infrastructure (APRI) was proposed in order to reduce these deficiencies for supporting, cataloging and encouraging the reuse of analysis patterns. This infrastructure comprises a repository of analysis patterns documented through a specific metadata profile and that can be accessed via Web services. Based on the proposal of APRI, this article presents the specific metadata profile to the documentation of analysis patterns called Dublin Core Application Profile for Analysis Patterns (DC2AP). This application profile is described by RDF files and identified via URI, thus providing Linked Data that increase the potential for reuse of the analysis patterns.
View
... Usually a template is composed of essential topics such as context, problem, motivation and solution (Fowler, 1997), combined with other specific topics as defined by their authors. Some examples of analysis patterns that are documented through templates can be found in the works of Lisboa-Filho et al. (2002) and Fernandez and Yuan (2009). In the work of Lisboa-Filho et al. (2002), the analysis patterns presented are documented using a template as proposed by Meszaros and Doble (1997). ...
A Dublin core application profile for documenting analysis patterns in a reuse infrastructure
Article
  • Jan 2013
Analysis patterns are reusable computational artefacts aimed at the analysis stage of the software development process. Although analysis patterns can facilitate the work of analysts and developers, the access to them is still very poor because of the way they are usually described and made available. In order to reduce these limitations as well as to support the cataloguing and to encourage the reuse of analysis patterns, the Analysis Patterns Reuse Infrastructure (APRI) was proposed. This infrastructure comprises a repository of analysis patterns documented through a specific metadata profile that can be accessed via web services. Based on the proposal of APRI, this paper introduces a machine-processable metadata profile suited to the documentation of analysis patterns, called Dublin Core Application Profile for Analysis Patterns (DC2AP). This metadata profile is described by RDF files identified via URI, thus providing linked data that increase the potential for reusing the analysis patterns.
View
... Usually a template is composed of essential topics such as context, problem, motivation and solution [3], combined with other specific topics defined by their authors. Some analysis patterns documented through templates can be found in [12] and [13]. Meszaros and Doble [14] present in their work a template composed of topics: name, problem, context, motivation, solution, participants and related patterns. ...
DC2AP: A Dublin Core Application Profile to Analysis Patterns
Conference Paper
Full-text available
  • Jan 2012
Analysis patterns are reusable computational artifacts, aimed at the analysis stage of the process of software development. Although the analysis patterns can facilitate the work of analysts and programmers adding value through reuse of proven useful and tested ideas, the access to them is still very poor because of the way they are usually described and made available. In order to reduce these deficiencies, supporting cataloging and encouraging the reuse of analysis patterns, it was proposed the Analysis Patterns Reuse Infrastructure (APRI). This infrastructure comprises a repository of analysis patterns documented through a specific metadata profile and accessed via web services. Based on the proposal of APRI, this article presents the specific metadata profile to the documentation of analysis patterns called Dublin Core Application Profile to Analysis Patterns (DC2AP).
View
View
View
Community-Acquired Pneumonia Among Smokers
Article
  • Dec 2013
Recent studies have left absolutely no doubt that tobacco increases susceptibility to bacterial lung infection, even in passive smokers. This relationship also shows a dose-response effect, since the risk reduces spectacularly 10 years after giving up smoking, returning to the level of non-smokers. Streptococcus pneumoniae is the causative microorganism responsible for community-acquired pneumonia (CAP) most frequently associated with smoking, particularly in invasive pneumococcal disease and septic shock. It is not clear how it acts on the progress of pneumonia, but there is evidence to suggest that the prognosis for pneumococcal pneumonia is worse. In CAP caused by Legionella pneumophila, it has also been observed that smoking is the most important risk factor, with the risk rising 121% for each pack of cigarettes smoked a day. Tobacco use may also favor diseases that are also known risk factors for CAP, such as periodontal disease and upper respiratory viral infections. By way of prevention, while giving up smoking should always be proposed, the use of the pneumococcal vaccine is also recommended, regardless of the presence of other comorbidities.
View
An Extensible Pattern-based Library and Taxonomy of Security Threats for Distributed Systems
Article
  • Jan 2013
  • COMPUT STAND INTER
Security is one of the most essential quality attributes of distributed systems, which often operate over untrusted networks such as the Internet to provide organizations and individuals with a range of data and computational services. To incorporate security features during the development of a distributed system requires a sound analysis of potential attacks or threats in various contexts, a process that is often termed “threat modeling”. To reduce the level of security expertise required, threat modeling can be supported by threat libraries (structured or unstructured lists of threats), which have been found particularly effective in industry scenarios; or attack taxonomies, which offer a classification scheme to help developers find relevant attacks more easily. In this paper we combine the values of threat libraries and taxonomies, and propose an extensible, two-level “pattern-based taxonomy” for (general) distributed systems. The taxonomy is based on the novel concept of a threat pattern, which can be customized and instantiated in different architectural contexts to define specific threats to a system. This allows developers to quickly consider a range of relevant threats in various architectural contexts as befits a threat library, increasing the efficacy of, and reducing the expertise required for, threat modeling. The taxonomy aims to classify a wide variety of more abstract, system- and technology-independent threats, which keeps the number of threats requiring consideration manageable, increases the taxonomy's applicability, and makes it both more practical and more useful for security novices and experts alike. After describing the taxonomy which applies to distributed systems generally, we propose a simple and effective method to construct pattern-based threat taxonomies for more specific system types and/or technology contexts by specializing one or more threat patterns. This allows for the creation of a single application-specific taxonomy, which in turn allows developers to consider the widest range of applicable threats in a given architectural context. We demonstrate our approach to specialization by constructing a threat taxonomy for peer-to-peer systems.
View
Understanding the effects of P2P dynamics on trust bootstrapping
Article
  • Jul 2013
  • INFORM SCIENCES
Reputation and trust systems rely on historical information to account for uncertainty about the intention of users to cooperate. In open, dynamic systems like peer-to-peer (P2P) networks, however, forming trust relationships is often a lengthy and time consuming effort due to the anonymous and discontinuous participation of users. For example, the flow of transactions may be interrupted by unexpected user departures, precluding trustors from gaining the necessary experience to make an accurate trust evaluation. The problem is further complicated in the case that no previous direct and reputational evidence is available. This happens, for instance, when a new user joins the system for the first time or users form short-term, ad hoc groups around a shared goal, which is very common in P2P networks. In these cases, the problem is how to minimize the time to bootstrap trust between volatile users who are unknown to one another.To shed light on this question, this paper presents an accurate model for capturing the influence of churn – the continuous process of node arrival and departure – on trust bootstrapping. Using our analytical model, we show that churn can be very problematic in real P2P systems and develop equations that allow system architects to compute the minimal transaction rate that achieves quick bootstrapping of trust. Also, we present an example of how our analytical framework can be used to design a viable solution for the trust bootstrapping problem in dynamic settings. The core idea is that users ask their social links to transact with strangers and together generate trust evaluations in a short time scale. Finally, we verify our theoretical results by simulation and confirm how a simple application of our framework can reduce bootstrapping times by 50% in environments with high churn rates.
View
View
Patterns for Internet shops
Article
Full-text available
  • Jan 2001
Shopping on the Internet has become common and any web site must provide convenient user interfaces for this purpose. An appropriate infrastructure is needed to support a variety of navigational views. We present two patterns that are part of the infrastructure of web shops: the Catalog pattern and the Shopping Process pattern. The Catalog pattern describes how to organize the information about products for a web shop, the Shopping Process pattern describes the steps required to buy something in the Internet. We also show the combination of these patterns in a web shop.
View
Integrating Security Patterns into the Electronic Invoicing Process
Conference Paper
Full-text available
  • Oct 2009
The increasing automation of business processes is one of the main benefits of the ongoing technological evolution. Regarding e-invoices this automation process is still not optimally supported despite the fact that recent studies indicate a high potential to save costs. Within this paper we identify the main obstacles and propose a multi-stage solution. Therein we classify the e-invoicing process using common security objectives and, since the process includes many security related elements, propose an initial solution based on security patterns. The approach takes advantage of the main benefits of security patterns to provide a domain-independent solution which is built upon expert knowledge.
View
Semantic Analysis Patterns
Conference Paper
Full-text available
  • Oct 2000
  • Lect Notes Comput Sci
The development of object-oriented software starts from requirements expressed commonly as Use Cases. The requirements are then converted into a conceptual or analysis model. Analysis is a fundamental stage because the conceptual model can be shown to satisfy the requirements and becomes the skeleton on which the complete system is built. Most of the use of software patterns until now has been at the design stage and they are applied to provide extensibility and flexibility. However, design patterns don't help avoid analysis errors or make analysis easier. Analysis patterns can contribute more to reusability and software quality than the other varieties. Also, their use contributes to simplifying the development of the analysis model. In particular, a new type of analysis pattern is proposed, called a Semantic Analysis Pattern (SAP), which is in essence a miniapplicatio n, realizing a few Use Cases or a small set of requirements. Using SAPs, a methodology is developed to build the conceptual model in a systematic way.
View
The Account Analysis Pattern.
Conference Paper
Full-text available
  • Jan 2002
View
A Pattern Language for Business Resource Management
Article
Full-text available
  • Jul 2000
A pattern language to deal with Business Resource Management is presented. It covers a great number of applications in business systems, including patterns for resource rental, trading and maintenance, and was designed based on practical experience in information systems development. Existing recurring patterns were applied to form patterns in our language, which were instantiated to this specific domain. The idea has been to make the language as complete as possible in order to be useful for the analysis of a wide variety of applications in this domain. Fifteen patterns are presented together with a diagram showing the precedence for checking the convenience of their utilization. Object models using UML notation are used both to present each pattern structure and a sample instantiation. The pattern language application to practical cases has shown that analysis is easily conducted, as it is a guideline for the work to be done.
View
View
View
View
Design Patterns: Elements of Reusable Object-Oriented Software
Article
  • Jan 1995
The book is an introduction to the idea of design patterns in software engineering, and a catalog of twenty-three common patterns. The nice thing is, most experienced OOP designers will find out they've known about patterns all along. It's just that they've never considered them as such, or tried to centralize the idea behind a given pattern so that it will be easily reusable.
View
Semantic Analysis Patterns
Article
  • Jun 2001
The development of object-oriented software starts from requirements expressed commonly as Use Cases. The requirements are then converted into a conceptual or analysis model. Analysis is a fundamental stage because the conceptual model can be shown to satisfy the requirements and becomes the skeleton on which the complete system is built. Most of the use of software patterns until now has been at the design stage and they are applied to provide extensibility and flexibility. However, design patterns don't help avoid analysis errors or make analysis easier. Analysis patterns can contribute more to reusability and software quality than the other varieties. Also, their use contributes to simplifying the development of the analysis model. In particular, a new type of analysis pattern is proposed, called a Semantic Analysis Pattern (SAP), which is in essence a miniapplication, realizing a few Use Cases or a small set of requirements. Using SAPs, a methodology is developed to build the conceptual model in a systematic way. 1
View