C A M I M

bumpedappleMobile - Wireless

Nov 21, 2013 (3 years and 10 months ago)

68 views

1






Canada

-

European Union Program for

Co
-
operation in Higher Education,

Training and Youth




a Research Seminar

on



Cross Atlantic Partnership in

Net
work Systems

and

Information Management




Abstracts





5
th June,
2013


University of Pécs, Hungary

Faculty of Business and Economics



A Trans
-
Atlantic Exchange Programme




C

A

M

I

M

2


Participants and
universities




Université de Moncton, Canada


Sid
-
Ahmed Selouani, Project Director,
P
rofessor

Lucille Landry, Canadian Coordinator


University of Ontario Institute of Technology, Canada


Stephen Rose, Associate Dean

Miguel Vargas Martin, Associate Professor


The University of Manitoba, Canada


Bob
Travica, Project Coordinator, Professor


Université de Bretagne
-
Sud, France


Giuseppe Berio, Project Director, Professor

Sandra Vessier, European Coordinator


Turku University of Applied Sciences, Finland


Anu Härkönen, International Coordinator

Esko V
a
inikka, Professor


University of Pécs,
Faculty of Business,
Hungary




Peter Dobay, Project Coordinator, Professor


Ferenc Kruzslicz, Associate Professor


Ádám Horváth, teaching assistant


Judit Trombitás, International Coordinator



3


PROGRAMME


Date
: 5th
June, 2013


Venue
: PTE KTK Faculty of Business; B 323/1


09.00



Address from the Faculty of Business leadership



Address from hosting department, Peter Dobay

RESEARCH SESSION


09.30

Lucille Landry
(
UdeM
):

Summary of activities of the CAMIM Project

10.00

Kruzslicz, F. (UofP)


Shi, Wei
(
UOIT):

The iWiW Case Study

10.30

Vainikka, E.

(
TUAS
)
:

Penetration Testing Learning Environment

11.30

Selouani, S
-
A.:

Information Era : Challenges and Perspectives

12.00

Martin, Miguel Vargas


Jarkko Paavola


K.

El
-
Khatib:

Developing the Canadian TV White Space Database

12.30

Buffet lunch

EDUCATION SESSION


13.30

Giuseppe Berio

(UBS)
:

CAMIM Talk


14.00

Vainikka, E.
(
TUAS
)
:

Information Security for SME sector companies,

14.30

Travica, B.
(
UofM
)



Dobay, P.

(
UofP
)
:

Understanding IM/TM Corporate Strategy through I
n-
ternational Cases

15.00

Video lecture from Turku

and Salo
, Finland

Jarkko Paavola:

Capture the Flag (CfT) information


security competition

Video report from Salo , Finland,

Jaana
Kallio
-
Gerlander:

Experiences of about Business Academy in Salo

16.00

Summary and closing




4



The CAMIM Program: A Short Overview

The CAMIM Program is a Trans
-
Atlantic cooperation between Canadian and
European universities, under the framework of “Canada
-
European Union

Program for Co
-
operation in Higher Education, Training and Youth”.

as
a result of a decision of t
he E
U
Commission
and the Government of Can
a-
da
. The

parties
established a framework for cooperation in higher education,
training and youth, signed December 5th 2006,
providing

financial assistance
to support projects that promote
higher education
student mobility
.
Applying

universities gained a funding in 2010 to foster international knowledge tran
s-
fer in applied information sciences.

The participating universities, faculties are the following:

Main coordinator:

Université de Moncton,
and Campus at Shippagan,
Canada

European coordinator:

Université de Bretagne
-
Sud,
Campus de Vannes,
France

P
art
ner institutes
:

University of Ontario Institute of Technology,
Oshawa Campus,
Canada

University of Manitoba,
Asper School of Business,
Canada

Turku University of Applied Sciences,
Turku


Salo,
Finland

University of Pécs,
Faculty of Business and Economics,
Hungary





The Project title “
Cross Atlantic Partnership in Network Systems and

Information Management (CAMIM)
” expresses

the main topic, as to explore
and promote higher education training and research in information networking
and business information management.

The main focus of the project is to foster undergraduate and graduate student
exchanges in the various academi
c areas embedded in promoting the deve
-
lopment of network systems and information management. The collaboration
between the consortium partner institutions will allow: credit transfer for st
u-
dents; professional opportunities and competence in work, and the

manag
e-
ment of research; an effort of the consortium so as to combine skills and
share resources; the exchange of knowledge and expertise in higher educ
a-
tion and training; the added values of European and Canadian transatlantic
cooperation in higher educat
ion, training and youth.

Within this 3
-
years cooperation 21 students have had a possibility for a seme
s-
ter
-
long study abroad program and about a dozen short visits have taken
place to develop joint research and training programs by faculty members.


Lucille Landry

Spécialiste de la mobilité
étudiantes internationale

à l’U
iversité de Moncton.


Sandra Vessier


Directrice du Service des


Affaires Internationales,


Université de Bretagne
-
Sud




5


Information era:

challenges and perspective

Sid
-
Ahmed Selouani
,
sid
-
ahmed.selouani@umoncton.ca

University of Moncton, Campus Shippagan

Abstract

In our present
context, it is impossible to ignore the prodigious growth of ne
t-
work
-
based information services, messaging and also the huge amount of the
different types of information generated from various communication cha
n-
nels. This dramatic increase requires that bo
th individuals and organizations
take steps to cope with this unprecedented scale of worldwide information
overabundance. With this ever
-
growing mass of information, the organizations
need to plan for employing ever
-
more sophisticated techniques to manage
the
additional information that is being generated every day. This exponential
growth will change the way professionals do their jobs and the way they deal
with the challenge of “information governance”. Therefore, it becomes vital to
provide appropriate i
nformation management skills to employees and profe
s-
sionals. Consequently, higher education institutions are challenged to e
n-
hance and integrate those skills within their curriculum in order to provide
methods and capabilities to set up strategies for mana
ging structured and u
n-
structured data and information for the next decades. This presentation f
o-
cuses on the issue of how to prepare competent professionals to meet the
challenges of information management and network systems in the context of
the global k
nowledge
-
based economy.

About the presenter

Sid
-
Ahmed Selouani

is a full Professor of Information
Management at Univers
i
té de Moncton, Shippagan
campus, Canada. He has a threefold educational
background: Human
-
Computer Interaction, Info
r-
mation Management,

and A
r
tificial Intelligence. He
received his B.E degree in 1987 and his M.S. degree in
1991 both in electronics engineering from the Algiers
University of Technol
o
gy. He joined the Université J
o-
seph Fourier of Grenoble taking part in the A
l
gerian
-
French d
ouble degree program, and then he received
a Docteur es Science degree in electrical engineering
in 2000. He is the founder of the r
e
search lab. in Human

System Interaction
(LARIHS)) at Université de Moncton. He is also an invited Professor at INRS
-
Telecom
munications (Montreal, Can
a
da). He is a senior IEEE member and
CompTia certified. Prof. Selouani wrote two books, contributed to seven cha
p-
ters in collective books, and is author or co
-
author of more than 180 peer
-
reviewed papers. His last publication is a

book entitled “Soft Computing and
Speech Processing” edited by Springer in 2011. Among others he was i
n-
volved in intensive research on information co
d
ing and compression in wir
e-
less systems. He undertook several individual and collective projects, some of

which are funded by the Natural Sciences and Engineering Research Council
of Canada (NSERC), the Social Sciences and Humanities Research Council
(SSHRC), and Canadian Foundation for Innov
a
tion (leader fund). Other pr
o-
jects are funded by national and inter
national i
n
stitutions.


6


The

iWiW

case

study

Kruzslicz, Ferenc


Shi, Wei

University of Pécs, University of Ontario IT

kruzslicz@ktk.pte.hu


shi@uoit.edu.ca

Abstract

The iWiW

case study was developed for undergraduate students either stud
y-
ing in the
information technology or the business domain. Background info
r-
mation and factual data are based on the initial success of an existing real
Hungarian firm. The development process and the lifecycle of the system is
introduced together with the continuous c
hange of the business environments
and the market. The case especially suitable for classroom activities among
teams having members of different domains and expertise.

By working on the case study participants can learn about social networking,
system dev
elopment, database design, software localisation and even privacy
concerns. Since most of the illustrations and supporting data available only in
Hungarian, only the core information were translated in the study. Students
are suggested to use computer aide
d translation tools during their prepar
a-
tion.

The case study may be used as a standalone one, but the core part of it can
be easily compared to other international situations. Finally it is possible to
discuss scalability problems as well of a continuousl
y and unpredictable
growing system.

About the presenters

Wei Shi

is an assistant Professor of Business and Info
r-
mation Technology at University of Ontario, Canada. B
e-
fore she worked for the National Information Security Ce
n-
tre in China and for Beijing
Founder Order Computer Sy
s-
tem Ltd. As a project manager in the latter enterprise, she
led a team of 30 progra
m
mers developing an online we
l-
fare registration and distribution system for the Chinese
Ministry of Civil Affairs. Her research interests are in: i
nte
l-
ligent di
s
tributed interactive systems, secure wireless
sensor networks, software tes
t
ing and patient privacy pr
o-
tection.

Ferenc Kruzslicz

is an associate Pr
o-
fessor of Business I
n
formatics Department at University
of Pécs, Hungary. After working as th
e program leader of
the undergraduate correspondent courses of Faculty of
Economics, he was elected to manage Business Info
r-
mation Technology BSc program at Faculty of Sciences.

He has practical experience in content management and
participated in the dev
elopment of Springer's news di
s-
tribution system, and Webstar's intelligent product cla
s-
sification search engine prototype.

His research areas are: project management and sche
d-
uling, database design and applications, information retrieval, combined data
and

text (duo) mining.


7


Penetration Testing Learning Environment

Vainikka, Esko

Turku University of Applied Sciences

esko.vainikka@turkuamk.fi

Abstract

Penetration testing (pen testing) has at least two other names such as Ethical
Hacking and White Hat
Hacking. The term hacking has, however, somewhat
bad reputation so it is better to use the term penetration testing (the abbrevi
a-
tion is pen test). When talking about penetration testing we must always u
n-
derline the ethical and juridical issues concerning

it. Pen testing is nowadays
a very popular topic in several training organizations’ course offerings; some
courses are good, but some are quite poor. Perhaps the best courses are gi
v-
en by SANS organization (
www.sans.org
); the latest course is taking place
during week 23 in Berlin, Germany. It is also possible to certify for pen testing
by achieving e.g. CEH (Certified Ethical Hacker) certificate provided by the
International Council of E
-
Commerce Consultants (EC
-
Council)

or applicable
GIAC (Global Information Assurance Certification) certificate.


There is an unofficial standard for Penetration testing available named Pen
e-
tration Testing Execution Standard (PTES) which can be found on the www
-
page
www.pentest
-
standard.org
. That standard describes the 7 phases of pen
testing which are: Pre
-
engagement Interactions, Intelligence Gathering,
Threat Modeling, Vulnerability Analysis, Exploitation, Post Exploitation and
Reporting. Th
e standard explains the content of each phase quite deeply so it
is very easy to apply it.


The ultimate goal of our Penetration Testing Learning Environment in TUAS is
to get the students familiar with what kind of activities real
-
world attackers
have and

what kind of tools they use and, of course, how to protect against
them. The students will learn how to find different kinds of vulnerabilities in
operational systems and software applications and how the attackers exploit
them. According to Chinese mythi
cal general Sun Zu “Know your enemy and
know yourself, then your victory is never at risk”. We utilize our environment
also in the laboratory work of our other information security courses like the
basic course ‘Information Security’ and the courses ‘Web A
pplication Secur
i-
ty’ and ‘Virus and Malware Protection’.


Our learning environment consists of two different parts that are located in
our laboratory environment. These two parts have been connected with each
other by our laboratory’s data communications
network but they have diffe
r-
ent purposes. One part (let’s say Part 1) consists of over 20 powerfulwor
k-
stations and its purpose is to serve as an environment where the students
learn different kinds of tools and attack methods. The other part (Part 2) co
n-
si
sts of two powerful server solutions. Both parts utilize virtualization tec
h-
nique for e.g. tool sets and target systems. The division of our environment in
two parts clarifies our learning objectives. It enables also the use of different
kinds of network s
et
-
ups (wired, wireless) and firewall & IDS/IPS systems b
e-
tween the pen tester and the target environment (as it is in the real world).

8


The learning consists of three main phases: Playing with the tools in order to
learn to utilize them, applying the tools

for penetration testing in the laborat
o-
ry environment, and conducting penetration testing to a real
-
world target (if
that exists). The last phase can come true either from our laboratory enviro
n-
ment through Internet to the customer’s environment or totall
y in their env
i-
ronment or it can be a mixture of them. The last phase can be realized also by
conducting pen testing to a customer’s software solutions installed in our e
n-
vironment.


It must be noticed that although the customer wants to have pen testing
to
his/her environment, both our data communications service provider and the
customer’s one (and also his/her other service providers) must accept that. If
not, then that pen testing session is illegal and we cannot execute it. Also,
other juridical issue
s must be taken into account. It is also typical that our
students (and responsible teachers) must sign NDA’s for pen testing.


About the presenter


Esko Vainikka

works as a principal lecturer at Turku Unive
r-
sity of Applied Sc
i
ences. He is also the person

of charge of
Business Data Communications and Information Security
specialization line. He holds a licentiate degree of ph
i
los
o-
phy from the field of cosmic radiation.

He has over 20
-
year
s

R&D experience dealing with digital
signal processing, ICT service

development and information
security. He has published over 60 academic publications
from digital signal processing concerning cosmic radiation
during his academic career.



Also h
e has over 20 years work experience in ICT field. He is
a
Certified Info
r-
ma
tion Systems Security Professional (CISSP) and his has also ITIL V2 Fou
n-
dation certificate. His current research interests include the whole information
security field, penetration testing, information security risk management and
information security awar
eness rising. He is also interested in tight integration
of teaching to R&D activities and to working life.



9


Developing the Canadian TV White Space

Martin, Miguel Vargas


Jarkko Paavola


K.

El
-
Khatib


Abstract

Canada transitioned from analog to digital TV during the summer of 2011. In
August 2011, Industry Canada issued a document entitled “Consultation on a
Policy and Technical Framework for the Use of Non
-
Broadcasting Applications
in the Television Broadcastin
g Bands Below 698 MHz,” where they called for
answers to questions related to the proper implementation of a geo
-
location
database to preserve the integrity and availability of usable channels. Through
the CAMIM program, the University of Ontario Institute

of Technology and the
Turku University of Applied Sciences joined efforts to create such database
and test it using the Protocol to Access WS database (PAWS) protocol. This
presentation focuses on outlining technical aspects while highlighting the l
o-
gisti
cs involved in the collaboration, as well as the work in progress and future
avenues to explore.

About the presenter

Dr. Vargas Martin

is the chief technology officer of an
R&D company that o
f
fers innovative web tools.
Former
he
was a post
-
doctoral
researcher at Alcatel Canada and
Carleton University in Ottawa, Ontario. He has reported
his work in more than 50 journals, book chapters, confe
r-
ence papers and technical r
e
ports, and so far has supe
r-
vised more than 20 students at the graduate and unde
r-
gra
duate level. He is the sole inventor of one full patent application in Canada
and the United States, and co
-
inventor in one provisional patent in the U.S.

H
is
major fields include intrusion detection and mitigation of disruptive traffic,
security issues of

voice over IP systems, and technical approaches for
fighting Internet child exploitation, an area that he pioneered at UOIT since
2004.
His

second research domain is the optimization of websites and virtual
learning environments
.




Dr. El
-
Khatib worked
former as a research assistant in the
Computer Science department at AUB,and later he joined
the Nortel Networks as a software d
e
signer. From Febr
u-
ary 2002, he was a research officer in the Network Co
m-
p
u
ting Group (today:Information Security Group) at the

National Research Cou
n
cil of Canada. He had joined UOIT
in July 2006.His research interests include: Biometrics;
Cloud computing; E
-
health; Feature interaction for VoIP;
IP t
e
lephony; Personal and service mobility; QoS for mu
l-
timedia applications; S
e
curi
ty and privacy issues in wir
e-
less sensor network and in mobile wireless ad hoc ne
t-
works (MANET); and Ubiquitous computing environments (smart spaces).


10


Information Security for SME sector companies

Vainikka, Esko

Turku University of Applied Sciences

esko.vainikka@turkuamk.fi

Abstract

Every company or organization has information and data that must be pr
o-
tected. This information can be e.g. personal data, business secrets, etc. (let’s
call them information or business assets) and it can be owned by
them or by
their customers, partners, etc. Furthermore the information or data can be
located in the companies’ own premises or in their service providers’ premi
s-
es.

If the company does not protect its information assets well enough the result
can be a lea
kage of information. That leakage can generate e.g. the loss of
company’s reputation, customers & partners and it can destroy the comp
a-
ny’s business opportunities. The result can also be juridical sanctions. One
example of possible sanctions is European Co
mmission’s proposal for the
new regulation for General Data Protection Regulation (2012/0011) in EU
which gives the public authorities a mandate to impose quite heavy monetary
sanctions to companies or organizations which violates that regulation (Article
79) 1. An example from lost business is the case where Dutch Certificate A
u-
thority Diginotar B.V. went into bankruptcy in September 2011 after it
emerged that some intruders were able to install their own software code in
Diginotar’s IT systems and to gene
rate several real digital certificates for their
purposes 2.

Large companies have by default better possibilities to take care of their i
n-
formation security and to

protect their information assets because they usua
l-
ly have more skilled ICT and information

security personnel. SME sector co
m-
panies do not necessarily have that kind of personnel at all. In spite of skilled
personnel also large companies have had problems with their information s
e-
curity. Good examples from that are e.g. data breaches in Sony Pl
aystation
network (April 2011) and RSA Security (also in 2011). A good place to find
personal data breaches happened in USA is Privacy Rights Clearinghouse
(
www.privacyrights.org/data
-
breach/new
)
. In EU we don’t have that kind of public
source so far.

According to Symantec Corp.’s new report ‘Internet Security Threat Report
2013’ globally 31% of all targeted attacks targeted companies with less than
250 employees
3
. One reason for this may be
that attackers have recognized
the lack of security controls and information security awareness in SME se
c-
tor companies. Aforementioned situation is really bad because it can form
some kind of avenue for attacks against SME sector companies’ larger par
t-
ner
s which have real “crown jewels”. Very often SME sector companies think
that they don’t have anything valuable for attackers but really they have. Sim
i-
lar or even more dramatic results can be found in Verizon Business’ report
‘2013 Data Breach Investigati
on Report’ which shows that SME sector co
m-
panies with 1


100 employees had globally most data breaches in the year
2012
4
.


11


Finnish Chambers of Commerce and Helsinki Region Chamber of Commerce
published in May 2012 report about their survey’ Preventing C
rime and Mi
s-
conduct in Business 2012’
5
. Unfortunately the report is available only in Fin
n-
ish. The results are somehow inconsistent with the aforementioned Syma
n-
tec’s and Verizon Business’ reports. The situation in Finnish SME sector co
m-
panies does not di
ffer so much from the global situation. Our students in TUAS
have conducted in practice some information security and risk assessments
in SME sector companies in Turku region. The preliminary results indicate that
the situation is similar as globally. The
level of the understanding information
security issues, information security risk management and awareness is quite
low.


We have recently established in TUAS a research group named as ‘Information
Security and Privacy’. One of our goals is to conduct a s
tudy with some of our
students what is the real level of information security in SME sector comp
a-
nies in Turku region. Based on the results we will plan further actions e.g. how
to raise awareness, how to get SME sector companies to understand the i
m-
portan
ce of information security issues to their business and how to improve
the usage of security controls. One very interesting research topic will be to
study whether SME sector companies understand information security risks
relating to outsourced ICT servic
es and cloud computing. One goal is of
course to start to conduct scientific research in information security field. Our
aim is also to find suitable partners from the academic and business worlds,
and from the industry for our research.


For the final wor
ld we must always keep in mind that information security is an
enabler for business, not a preventer for it!

About the presenter



see former information above

References

1.

Commission proposes a comprehensive reform of the data protection
rules. European
Commission. 2012. Referred 20.5.2013. Available on
http://ec.europa.eu/justice/newsroom/data
-
protection/news/120125_en.htm.

2.

DigiNotar Files for Bankruptcy in Wake of Devastating Hack. The Wired.
2011. Referred 20.5.2013. Available on
http://www.wired.com/t
hreatlevel/2011/09/diginotar
-
bankruptcy/.

3.

Internet Security Threat Report 2013 Volume 18. Symantec Corporation.
2013. Referred 20.5.2013. Available on
http://www.symantec.com/security_response/publications/threatreport.jsp
?inid=us_ghp_hero1_istr
-
2013.

4.

2013 Data Breach Investigations Report. Verizon Business. 2013. Referred
20.5.2013. Available on
http://www.verizonenterprise.com/DBIR/2013/
.

5.

Preventing Crime and Misconduct in Business 2012. Finnish Chambers of
Commerce and Helsinki Region Chamber of Com
merce. 2012. Referred
20.5.2013. Available on
http://kauppakamari.fi/hankkeet/julkaisut/yritysten
-
rikosturvallisuus/
.




12


Camim Talk

Giuseppe Berio

Université

de Bretagne
-
Sud

Giuseppe.Berio
@
univ
-
ubs.fr

Abstract

Information (and knowledge) is nowadays a key

for effectively and successfu
l-
ly managing organisations both in private and public sectors. Therefore, i
n-
formation management and related areas, such as knowledge management,
are, by consequence, key issues for all organisations. We think that current
and

future students need to be formed for specific jobs related to information
management: currently information management is very often studied within
traditional disciplines without providing to students a quite complete and us
e-
ful global vision and unders
tanding. In our case, computer science and eng
i-
neering curricula are quite oriented to computer based infrastructures and
tools required to manage information.


Curricula in mathematics and statistics, while addressing some computer r
e-
lated issues, remain

quite disciplinary and students are not aware enough of
what they eventually manage (i.e. information). Finally, concerning curricula in
enterprise management, economy and accounting, enrolled students are very
focused on specific types of information and

they remain users of computer
based infrastructures and tools. We think that we really need to address sp
e-
cific topics in a specific manner for delivering key competencies to students.


These competencies, which, we think, are still an open question and
probably
need to be discovered, are basically related to data, their formats, their pr
o-
duction and storage, their quality, their interpretation (turning data into info
r-
mation) and governance. Then, a very central point is how to use all existing
techniques

for joining, merging or integrating data from disparate data
sources. Automated information and knowledge extraction, visualisation in
adapted tools and other specific tasks should also suggest key competencies.


Specific usages of available information
(and knowledge) should also suggest
key competencies. Finally, the “why dimension” (why we need to address
some data and may be no other ones, some sources, some techniques, and so
on) and the benefits (such as profitability, leadership, managing risks and

costs, and so on) should also suggest key competencies.


However, we think that it will be difficult for a student to acquire all suggested
competencies, also because some of those competencies may be tightly co
n-
nected to specific usages and applications
. As a consequence, our current
proposal has been to create one adapted curriculum. This curriculum is not
intended to deliver all those competencies to students but to complement
their competencies, related to information management, acquired within one
d
iscipline (and one curriculum)


with competencies acquired when working
with other students belonging to other disciplines (and curricula) on common
projects. In this sense, the adapted curriculum is strongly based on acquiring
competencies through “learni
ng by doing”.

13


In practice, a student enrolled in one of the existing curricula, quite discipl
i-
nary (such as computer science), will be also enrolled in the adapted curric
u-
lum and in adapted modules of the adapted curriculum. The adapted modules
are existi
ng modules specifically redesigned to be included in the adapted
curriculum.


The objective of this talk is to present how the adapted curriculum has been
designed in more detail and its current status. A special attention will be d
e-
voted to discuss how
the adapted curriculum fits better incoming internatio
n-
al student mobility.

About the presenter

Giuseppe Berio

is p
rofessor of Computer Science

at the
Université de Br
e
tagne
-
Sud
.

His
fields of i
nterest:

languages and methodologies for information
systems
design, En
terprise model
ing and
ICT architectures
.


Teaching areas:

Design
, analysis, evaluation of model
ing langu
ages for
multi
-
perspective mode
ling and method

engineering
.


Some words on Université de B
r
etagne
-
Sud

The University of

South Brittany (UBS) is a French public scientific, vocational
and cultural institution. A medium
-
sized university with strong local ties, UBS
is network
-
based, multidisciplinary in outlook, modern in its culture of a young
university (opened in 1995) and

youthful in its staff and outlook.

With a teaching staff of 782 lecturers of whom 484 are professors and senior
lecturer
-
researchers, UBS has currently more than 8000 students enrolled
and offers some 100 degree courses, ranging from Bachelor's level to
doctoral
studies. Located over three sites in Lorient, Vannes and Pontivy, it possesses
more than 88 187 m
²
of built surface.

The university comprises

6 faculties and associated institutions each of which
possesses a certain degree of autonomy in their ac
tivities.

Each faculty or institution is presided over by a director (or dean in the case
of the Law a
nd Economics). The director is

elected by the council made up of
students, members of faculty, administrative and technical staff. The board
takes all t
he decisions which directly concern the department such as budget,
degrees programme contents, etc).

Faculties and institutions:


Faculty of
Sciences and Engineering Sciences


Faculty of Arts an
d

Social Sciences


Faculty of Law, Economics Sciences and Management


Lorient Institute of Technology


Vannes Institute of Technology


Engineering School (ENSIBS)




14


Cross Atlantic Method for Case Analysis and Writing
(CAMC)

Bob Travica
,

Péter Dobay

University of Pécs,

University of Manitoba

Abstract

CAMIM students have faced a
challenge of studying from teaching case stu
d-
ies that could not have been written for an international readership. In this a
r-
ticle we reflect on our experience with the case method and analyze a sample
of cases from the perspective of business process and
national/organizational
culture. We argue that the cases are deficient in addressing both the cultural
and business process aspects. To improve this, we propose a Cross Atlantic
Method for Case Analysis and Writing (CAMC). Two cases illustrating some of
ou
r ideas appear in Appendix.

In this contribution we shortly overview the progress of process
-
focused
managerial thinking, related to IT management
-

oriented cases used in bus
i-
ness education. We guess process approach indicates its vitality today and
symbolizes the intellectual cooperation between North America and Europe.
The advent of this approach could be traced back to North
-
American Frede
r-
ick Taylor, and to a French engineer and management writer Henry Fayol.


Today, effective “information proces
sing” is the essential role of corporate
information systems, monitoring organizational activities and automate co
n-
trol. Documentation is rather used in electronic form, data and information are
communicated through networks.


In our opinion organization
al culture is also insufficiently involved in case
studies, while a broader cultural perspective is missing, except when it is a
declared topic. This is problematic because students cannot understand the
context of business processes without invoking organ
izational culture. Also, if
a case writer misses to delineate organizational culture from a broader cu
l-
ture, students may make inappropriate generalizations. Case writers need to
be established the relationship between the two cultural layers with due car
e
in order to avoid invalid stereotyping.


We believe that the deficiencies in addressing the process and cultural a
s-
pects in teaching cases represent a significant educational problem. As the
management education is becoming global, it is important for st
udent to learn
a “universal language” in case analysis, which the process approach supplies.


The process approach is superior in identifying the angle of business problem
analysis that suits the perspective of IS. It is equally important for the st
u-
dents

to be sensitive to difference in organizational and national cultures.

According to CAMIM Project objectives we assumed comparison of “North
-
.American” and “Hungarian” style IT/IS cases whether they differ in handling
IT
-
supported processes. We do hope t
his type of cases would be successfully
used in those international student groups which we face at in mobility e
x-
change programs.



15


About the presenters

Bob Travica

received his Ph.D. in Information Sy
s-
tems, Syracuse University, 1995. His dissertation
title
was “
Information Technology and the Non
-
Traditional Organization: An Exploration into the
Accounting Industry
”.

Got his M.A. in Communication, SUNY
-
Albany, with
a thesis: “Computer Mediated Communicat
ion in
IBM: A Study of Electronic Mail and Computer
Conferencing” . Received his BA in Journalism, at
University of Belgrade, 1980.

Since 2007 to present he is an associate Professor of
Management of

Info
r-
mation Systems, Asper School of Business, Universi
ty of Manitoba, Canada.
Since 2011
-
present: Visiting Professor, Faculty of Economics, University of
Ljubljana, Slovenia
.
Formerly between 1994
-
2001: Assistant Professor of I
n-
formation Science, Indiana University; Affiliate of Russian & East European
Insti
tute and of Center for Latin American & Caribbean Studies

1988
-
1993: Teaching & Research Assistant, Syracuse University and SUNY
-
Albany ; 1987
-
1988: Software entrepreneur, owner of a database development
company

His research interest is Informing

(Information); View of Organization

Information systems and new organizational designs ; The role of information
technology and systems in globalization and other .


Péter Dobay,

professor, PTE Faculty of Business and Ec
o-
nomics Head of D
e
partment of BIS, was
born in Pecs,

received his Masters diploma as teacher in Math & Physics
in Szeged, JATE, 1972. Founder of the Department of

Informatics of the Faculty in Pecs. His university doctoral
thesis
was defended on Computer Simulation Models

in
1975, and in 1989 he received his PhD in „Computer Aided

Systems in
Logistics”. He visited the US as a Soros
-

and
later as a Fulbright Scholar, teaching two semesters on
BIS

at Portland State, Oregon
. Has served as a vice
-
rector
for his University for

4 years and visited numerous EU

universities as a scholar between 1990 and 1998.

He has been active member in committees establishing the TEMPUS

exchange programs, the post
-
secondary education system and the Bologna
-
process

in Hungarian HE
. In 2000
-
200
3 he
served as

a Dean of the Faculty,
was a
founder of IveTar (Regional CIO Association)

in 2009,
now the vice
-
president of the John
von
Neumann
Computer
Society
. A
lso he is Hungarian
representative for IFIP TC9 “Human and Computers”.

In 2006 he was again a
visiting lecturer in
Kentucky,
USA.

His research fields, articles and books are on corporate information systems,
information and knowledge management, relations of business and the ICT
sector. Teaches in Hungarian and in English o
n BA, MA and PhD levels.

Received the „Baranya County Research & Education Award” in 2000, and
„Merit of Hungarian Republic” in 2005.


16


Online v
ideo lecture
s

(
from Turku

and Salo
, Finland
)

Capture the Flag (CfT) information
security competition

Jarkko
Paavola

(TUAS), Khalil El
-
Khatib (UOIT),

Garrett Hayes (UOIT)

Abstract

On Sunday February 10th, University of Ontario Institute of Technology (UOIT)
organized Capture the Flag (CfT) information security competition for st
u-
dents. The competition was
sponsored by Symantec and Sentry Metrics. The
aim of the competition is to allow students to capitalize on their comprehe
n-
sive knowledge of information security and networking technologies. In the
competition students acted as state
-
sponsored attackers, pu
tting their skills
to the test while trying to hack into an enterprise
-
level network. The motivation
of this competition is to raise security awareness while proving a real
-
world
scenario that can be used as a basis for secure system design.

UOIT put on h
ard effort to allow Turku University of Applied Sciences (TUAS)
student team to participate remotely with VPN connection. The effort was
success and TUAS student team engaged the competition from 4 pm to mi
d-
night Finnish time that Sunday night.

This proje
ct shows how beneficial international collaboration can be in the
best case. Students were enthusiastic about the opportunity and it gave huge
boost to their motivation to study information security related issues.

The competition was also acknowledged in

Finnish media.

http://news.uoit.ca/archives/2012/11/uoit
-
makes
-
its
-
mark
-
at
-
gta
-
security
-
conference.php



About the presenters

Jarkko Paavola,

Principal


lecturer

The Faculty of Life Sciences

and Business



Dr. Khalil El
-
Khatib,


Associate Professor,



UOIT FBIT



Garrett Hayes, IT Networking and Security
graduate, and current

Master of Science student (Computer Science).



Online video lecture

(
from
Salo
, Finland):

Experiences of about Business Academy in Salo

Jaana Kallio
-
Gerlander