Repository logo
 
Profile Picture
Person

S. Mamede, Henrique

Metadata only
7F17-9DAD-C007
0000-0002-5383-9884

Filters

2020 - 202451
Reset filters

Settings

End date: 2024 × Start date: 2020 ×

Search Results

Now showing 1 - 10 of 51
  • Combining low-code development with ChatGPT to novel no-code approaches: a focus-group study
    Publication . Martins, José; Branco, Frederico; São Mamede, Henrique
    Low-code tools are a trend in software development for business solutions due to their agility and ease of use. There are a certain number of vendors with such solutions. Still, in most Western countries, there is a clear need for the existence of greater quantities of certified and experienced professionals to work with those tools. This means that companies with more resources can attract and maintain those professionals, whilst other smaller organizations must rely on an endless search for this scarce resource. We will present and validate a model designed to transform ChatGPT into a low-code developer, addressing the demand for a more skilled human resource solution. This innovative tool underwent rigorous validation via a focus group study, engaging a panel of highly experienced experts. Their invaluable insights and feedback on the proposed model were systematically gathered and meticulously analysed.
    2023-11-01Journal article Restricted access Show more
  • Next generation of microservices for the 5G Service‐Based Architecture
    Publication . Moreira, João Bourbon; São Mamede, Henrique; Pereira, Vasco; Sousa, Bruno
    The architecture for 5G core includes a Service-Based Architecture for the diverse network functions (NFs), which relies on HTTP/2 for the SBI and TCP as the underlying transport protocol. The specifications of the HTTP family is moving towards more efficient and secure protocols, which are based on UDP to assure enhanced transport but using TLS to secure the communication channel. The next generation of microservices needs to be more secure, per- formant and easily manageable, where HTTP/3 and containers orchestration platforms (like Kubernetes) can provide significative contributions towards such goals. Different deployment approaches can be followed for services implemented in compliance to the 5G SBA. This paper contributes with the assessment of deployment models for services in 5G networks, where NFs are implemented following traditional architectures (all the functions in a VM) or as serverless architectures (with functions distributed in containers). The per- formance of microservices in Kubernetes is also evaluated. The evaluation con- ducted also considers the employment of different versions of HTTPs to empower the service-based interfaces of 5G services. Results demonstrate per- formance benefits of employing HTTP/3, based on QUIC protocol, in scenarios with networks characterised by losses or delay conditions. Despite such gain, deployment in 5G networks needs to carefully consider aspects related with connection tracking mechanisms to support high volumes of requests.
    2020Journal article Restricted access Show more
  • A survey on association rule mining for enterprise architecture model discovery
    Publication . Pinheiro, Carlos; Guerreiro, Sérgio; São Mamede, Henrique
    Association Rule Mining (ARM) is a field of data mining (DM) that attempts to identify correlations among database items. It has been applied in various domains to discover patterns, provide insight into different topics, and build understandable, descriptive, and predic- tive models. On the one hand, Enterprise Architecture (EA) is a coherent set of principles, methods, and models suit- able for designing organizational structures. It uses view- points derived from EA models to express different concerns about a company and its IT landscape, such as organizational hierarchies, processes, services, applica- tions, and data. EA mining is the use of DM techniques to obtain EA models. This paper presents a literature review to identify the newest and most cited ARM algorithms and techniques suitable for EA mining that focus on automating the creation of EA models from existent data in application systems and services. It systematically identifies and maps fourteen candidate algorithms into four categories useful for EA mining: (i) General Frequent Pattern Mining, (ii) High Utility Pattern Mining, (iii) Parallel Pattern Mining, and (iv) Distribute Pattern Mining. Based on that, it dis- cusses some possibilities and presents an exemplification with a prototype hypothesizing an ARM application for EA mining.
    2023-12-21Journal article Restricted access Show more
  • Transforming physical enterprise into a remote organization: transformation impact: digital tools, processes and people
    Publication . Saraiva, Celia; São Mamede, Henrique; Silveira, Maria Clara; Nunes, Marco
    This paper aims to define a problem to be studied and summarize previous research work done. Remote work or telework enterprise model has been a growing trend. The Covid-19 pandemic forced businesses to adopt a temporary remote-working mode. Now managers are investigating whether this “new” working-mode is, or not, a better approach than the traditional working mode known as the “office model”. The proposed framework will support the transformation process from a physical into a remote work model supported by applying digital tools and methods. Furthermore, the framework proposed in this work aims to help business decision makers to decide which organizational model they should adopt after Covid-19: full-remote; “hybrid” or partially remote; or physical, also known as “going back to the office”. A simple and pragmatic framework is proposed to help organizations: understand if it’s possible to transform a business from a physical (“at the office”) to a full or partial remote model; define the main goals of this transformation; create a simple template to map the new digital enterprise architecture in terms of tools, data management, business processes and human resources (job functions and digital skills).
    2021Conference object Restricted access Show more
  • Framework for designing business continuity: multidisciplinary evaluation of organizational maturity
    Publication . Russo, Nelson; Reis, Leonilde; Silveira, Clara; São Mamede, Henrique
    In a competitive business environment, strongly supported on Information and Communication Technologies (ICT), organizations increasingly need to be prepared to cope with disruptions in their activity and business processes. Business Continuity Management (BCM) encompasses effective planning for the relaunch of business processes in the short term, through the implementation of a Business Continuity Plan (BCP), which constitutes a decisive management factor for the continuity of value creation or guarantee of delivery of goods or services, to safeguard the business survival. This work addresses this issue, supported by a preliminary literature review oriented to identify and relate the common basis of components and activities of the BCM in the normative references, models and libraries of good practices, in order to explore the identification of its gaps in driving an achievable instrument to all organization sizes, considering each component of the BCM, allowing to assess the stage of preparedness, implementation and appraisal of the essential elements, with greater focus on ICT systems, that guide the BCM and the design of a BCP tailored to an organization.
    2021Conference object Restricted access Show more
  • Towards a comprehensive framework for the multidisciplinary evaluation of organizational maturity on business continuity program management: a systematic literature review
    Publication . Russo, Nelson; Reis, Leonilde; Silveira, Clara; São Mamede, Henrique
    Organizational dependency on Information and Communication Technology (ICT) drives the preparedness challenge to cope with business process disruptions. Business Continuity Management (BCM) encompasses effective planning to enable business functions to resume to an acceptable state of operation within a defined timeframe. This paper presents a systematic literature review that communicates the strategic guidelines to streamline the organizational processes in the BCM program, culminating in the Business Continuity Plan design, according to the organization’s maturity. The systematic literature review methodology follows the Evidence- Based Software Engineering protocol assisted by the Parsifal tool, using the EbscoHost, ScienceDirect, and Scopus databases, ranging from 2000 to February 2021. International Standards and Frameworks guide the BCM program implementation, however, there is a gap in communicating metrics and what needs to be measured in the BCM program. The major paper result is the confirmation of the identified gap, through the analysis of the studies that, according to the BCM components, report strategic guidelines to streamline the BCM program. The analysis quantifies and discusses the contribution of the studies on each BCM component to design a framework supported by metrics, that allows assessing the organization’s preparedness in each BCM component, focusing on Information Systems and ICT strategies.
    2023Journal article Open access Show more
  • Automation of enterprise architecture discovery based on event mining from API Gateway logs: state of the art
    Publication . Pinheiro, Carlos Roberto; Guerreiro, Sergio; São Mamede, Henrique
    Enterprise Architecture (EA) is defined as a coherent set of principles, methods, and models used to design an organizational structure, containing business processes, information systems (IS), IT infrastructure, and other artefacts aiming the alignment of business, IT, and other organizational dimensions with the strategic objectives of a company. One of the most critical in Enterprise Architecture Management (EAM) is creating EA models representing different viewpoints for managing various company concerns on its IT landscape. At the same time, the speed of changes pressures EAM to automate modeling activities. In this context, architects need adequate tools to discover the current state of EA, enabling analyzing improvement opportunities and support architectural decisions making in a fast and agile way with more precision about the real conditions. EA Mining is the use of data mining techniques to automate the creation or update of EA models with data collected from different data sources. This work presents an exploratory review of the literature to gather the state of art on EA mining models from applications logs pursuing to automate the architecture modeling. Through this literature review, we identified the main aspects, techniques, and challenges of EA modeling automation.
    2021Conference object Restricted access Show more
  • Improving social engineering resilience in enterprises
    Publication . Ribeiro, Ricardo; Mateus-Coelho, Nuno; São Mamede, Henrique
    Social Engineering pose a significant problem for enterprises. Cybercriminals continue developing new and sophisticated methods to trick individuals into disclosing confidential information or granting unauthorized access to infrastructure systems. These attacks remain a significant threat to enterprise systems despite significant investments in technical architecture and security measures. User awareness training and other behavioral interventions are critical for improving Social Engineering resilience. Training and education programs for users are crucial in reducing the probability of these attacks. Compliance with security policies and procedures is significantly improved through education-based training. A security culture involving all stakeholders is also essential, as open, and honest communication from management can increase user awareness of potential threats. Emotional biases such as fear, trust, and curiosity also impact susceptibility to attacks, but personal traits that make individuals vulnerable require further investigation. This paper aims to research and identify effective interventions that improve SE resilience, addressing objectives such as examining the literature on behavioral, technical, and organizational by performing an SLR of factors that contribute to SE attacks in enterprises and their impact on cyber security and semi-structured interviews to give voice to employees on several vital roles, leveraging this way a theoretical and practical understanding on the difficulties and solutions enterprises face constantly. Furthermore, the objective is also to investigate the effectiveness of different enterprise interventions to improve SE resilience, including user awareness training, technical controls (filtering and monitoring), and organizational strategies (security culture interventions), and to identify factors that increase or prevent the success of these interventions and how they interact with each other to improve SE resilience. Therefore, it aims to provide a comprehensive assessment of the state of knowledge in this field and propose a framework by identifying best practices for improving Social Engineering resilience in organizations while supporting the development of new research studies to address this subject. Its goal is to help enterprises of any size leverage this framework to reduce the risk of successful Social Engineering attacks and improve their culture of security awareness.
    2023-08Journal article Open access Show more
  • Risk compliance and master data management in banking: a novel BCBS 239 compliance action-plan proposal
    Publication . Martins, José; São Mamede, Henrique; Correia, José
    For some years now, master data has become extremely relevant to business success and continuity in an increasingly competitive and global business environment. The banking sector is one example of how the implementation of well-structured and designed master data management policies and initiatives is crucial for reaching positive results. One of the areas in which banks need to ensure extremely fruitful master data management approaches and data governance procedures is when dealing with risk-related data, as it not only ensures accurate and well-supported management and decision-making, but also because banks are required to do so by imposed regulations, such as the BCBS 239. Drawing on a DSR methodology supported research project, where banking and IS-related expertise was continuously merged with existing theoretical knowledge on MDM and BCBS 239 related topics, and a permanent focus on the technical and functional complexity associated with implementing master data management and well-established data governance procedures that ensure regulatory compliance, we propose a novel, six-phase action plan that will allow banks to ensure compliance with BCBS 239 and, consequently, ensure efficient and effective risk data management and reporting.This work was supported by National Funds through the Portuguese funding agency, FCT - Fundação para a Ciência e a Tecnologia, within project LA/P/0063/2020
    2022-06Journal article Open access Show more
  • Phishing and advanced persistent threats
    Publication . Brandao, Pedro Ramos; São Mamede, Henrique
    The paper addresses one of the techniques mor used by Advanced Persistent Threats attacks, phishing. The paper demonstrates the complexity of the technique, explains how attacks can be carried out, and presents defense techniques, and strategies against phishing attacks. The article also presents a summary description of what an Advanced Persistent Threat attack is. This description characterizes this type of attack.
    2022Journal article Open access Show more