Showing posts with label IT security. Show all posts
Showing posts with label IT security. Show all posts

28 February 2019

QFD Security Deployment

finger vein authentication system
- graphic by nih.org
In 2007 International Symposium on QFD, a case study was presented involving the development of a finger vein authentication device for the financial and security industries.

Initially designed for medical device, this technology captures high-contrast maps of finger veins from an image obtained from light transmission, with the help of artificial intelligence, and matches them to the pre-registered vein patterns to authenticate the identity of an individual.

At that time, the company, Hitachi Omron Terminal Solutions, Ltd., believed that their system made forgery very difficult because it was the only type of authentication methods that used internal physiological characteristics that are invisible externally and hard to reproduce.

Fast forward, in December 2018, German researchers reported that they were able to hack this particular security system by replicating a human hand's veins by using off-the-shelf materials.

So here is yet another example of the never ending cat-and-mouse game played by technologies and hackers.

How can QFD / ISO 16355 help to build-in better security designs during the produce development process?

Like in many Systems Engineering problems, it is useful to begin by separating the problem space from the solution space. By creating a vertical Security Deployment, we can look at the problem space from multiple perspectives.

Here are some possible charts that may be used:
  1. Security Tree Analysis (STA)
  2. Customer Needs - Security Matrix
  3. Functional Requirements - Security Matrix
  4. Function - Security Technology Matrix
  5. System/Subsystem - Security Matrix
  6. Component - Security Matrix
  7. Build - Security Table

More details on such QFD Security Deployment process are explained at qfdi.org

Also, the QFD Institute is now developing these new tools for training in a number of industries including health care and IT products and services.

Today security concern is everybody's business today, not limited to the responsibility of IT and engineering, since a single security breach could wreck an otherwise well-designed new product or a business plan.

To begin your journey to understanding how ISO QFD tools could be useful for your work, we invite you to the upcoming training.

© QFD Institute & Glenn Mazur



27 July 2013

QFD for cloud computing security, e-learning systems, service industry, FMEA, VOC codification

This continues a preview of the upcoming The 19th International Symposium on QFD (ISQFD) on September 6-7 in Santa Fe, New Mexico USA.

The 2-day symposium welcomes people of all levels QFD, from the beginner to the experienced, people of countries and industries. It is complimentary to the attendees of QFD Green Belt® Certificate Course and QFD Black Belt® Certificate Course  We hope you will join us!

See the previous posts:



QFD and Requirements Prioritization: A Survey on Security Requirements for Cloud Computing

(image - Clound Computing security)Prioritization is an essential task within QFD, and QFD is highly suitable for the development of Cloud Computing (CC) applications where non-functional requirements play a main role. Many of them are security requirements, often the main concern for CC investments. This paper introduces the usage of QFD for Cloud Computing (CC). In this research, CC security requirements were prioritized by pairwise comparison, showing that not all security requirements are equally important. With this finding, the appropriate usage of QFD for CC development will be discussed.

Keywords: QQFD, Requirements Prioritization, Security Requirements, Cloud Computing, GERMANY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Improving a Learning Management System based on QFD and Service Oriented Architecture (SOA)

(photo - Service Oriented Architecture QFD for e-learning system)This paper reports how to improve web-based Learning Management Systems (LMS) through integration of the elements of Service Oriented Architecture (SOA) and Quality Function Deployment (QFD).
The users of an LMS are typically invisible to the systems developers and administrators, However, understanding the user needs has high priority in any networked learning systems, in order to develop and implement effective virtual learning services that meet diverse expectations of the users. An example will be presented based on a Turkish platformed LMS.

Keywords: Learning Management System, Service, Service Oriented Architecture (SOA), QFD (Quality Function Deployment), TURKEY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

A Study of Service Quality Improvement Using the Theories of Nonverbal Communication, FMEA and QFD

(image - customer service)Study of service industry presents unique challenges because of soft issue measurements such as quality evaluation and service quality.
With this in mind, the authors propose a quality improvement process specifically for service industry. The presentation will include a case study using non-verbal communication, FMEA, and QFD.

Keywords: Service Quality Improvement, QC story, QFD, JAPAN

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

A Statistical Engineering Approach to Codifying the Voice of the Customer

(image - HOQ whats and hows)Virtually all design projects involve the collection/processing of the Voice of the Customer to develop a set of requirements to which the producer designs their process/product.Approaches to efficiently and effectively deriving those requirements involve multiple techniques from the fields of market research, quality engineering, design engineering, and inferential statistics. This paper proposes a way to create a logical flow for the Voice of the Customer processing by codifying a series of tools into a linear statistical engineering road-map, and thereby more efficiently populating the House of Quality matrix that uses the "whats" (functions) and "hows" (functional requirements) approach. The exposition is supplemented with a lucid hypothetical example.

Keywords: Voice of Customer, Function Analysis, Kano classification, Analytic Hierarchy Process, Function Requirements, Specifications, Quality Function Deployment, USA



View more papers & presentations

QFD Courses at this symposium

How to Attend