Score
Designing and operating large-scale business systems with enterprise requirements such as multi-tenancy, integration (APIs, ESB), SSO/IAM (SAML, OAuth), RBAC, audit/compliance (SOX, GDPR), scalability, high availability, and hardened deployment patterns including network segmentation, intrusion detection, and patch/upgrade strategies.
This study addresses critical challenges faced by regulated enterprises—including cross-system data inconsistencies, reconciliation difficulties, asset record drift, and overreliance on manual audits—by proposing the GERA framework. GERA innovatively integrates deterministic reconciliation, robust anomaly detection based on Z-Score and its variants, governance-driven semantic standardization, and NIST CSF 2.0 security controls within a four-layer architecture comprising ingestion, staging, core modeling, and semantic services. Empirical validation across banking, broadband service providers, and technology firms demonstrates that the framework significantly enhances reconciliation automation and audit readiness, effectively mitigating 39% of compliance deficiencies identified during PCAOB inspections.
This study addresses the lack of systematic guidance for enterprise software teams in choosing between monolithic and microservices architectures. The work proposes a decision-making framework that integrates technical and organizational factors, evaluating the trade-offs of each architecture across dimensions such as scalability, reliability, deployment efficiency, and organizational complexity. The assessment is grounded in system scale, business requirements, operational maturity, and long-term maintainability. Through architectural pattern analysis, a structured evaluation model, and multiple case studies, the authors develop a practical selection methodology tailored to real-world engineering contexts. This approach offers enterprises clear architectural evolution pathways and actionable guidelines aligned with their developmental stages, thereby significantly enhancing the rationality and sustainability of system design decisions.
Facing the dual challenges of cloud-first business model expansion and increasingly stringent global data compliance requirements, this paper proposes an ISO/IEC 27001/27017/27018 certification service framework tailored for mid-sized, high-growth technology enterprises. Methodologically, it introduces a modular audit template, a certification-readiness toolkit, and a cross-mapped control framework integrating SOC 2 and CIS controls—enabling standardized, replicable, and rapid delivery. The approach encompasses compliance gap analysis, risk-based audit design, client empowerment workshops, and a digital readiness assessment tool. Within one year, the framework successfully enabled certification for over 20 clients, generating >$1M in revenue and achieving 150% client growth. Results demonstrate its efficacy in enhancing compliance efficiency, reducing implementation costs, and strengthening trust-based service branding. This work establishes a scalable, transferable practice paradigm for SMEs seeking internationally recognized cybersecurity certifications.
Conventional requirements engineering tools lack direct access to SysML architecture models, leading to redundant requirement definitions, semantic fragmentation, and broken traceability. Method: This paper proposes an executable, structured requirements metamodel that integrates INCOSE requirements writing practices with SysML modeling capabilities. Strictly aligned with ISO/IEC/IEEE 29148 and INCOSE guidelines, it leverages a SysML Profile extension, an MBSE integration framework, and a compliance rule engine to enable native interoperability between requirements and architecture models. Contribution/Results: The metamodel was deployed and validated on two real-world NASA JPL space systems. It significantly improves requirement semantic completeness and verifiability, enhances coverage of the NASA Systems Engineering Handbook checklist, and—critically—provides the first empirical evidence of rapid improvement in requirements expression quality. The evaluation also identifies key bottlenecks in current toolchains regarding automated support for such integrated practices.
Contemporary BI systems face three critical challenges in the LLM era: legacy functionalities inadequately support dynamic analytical requirements; single-turn SQL generation impedes iterative, clarifying multi-turn interactions; and cross-domain adaptation incurs prohibitively high customization costs. To address these, we propose SiriusBI—the first end-to-end, LLM-augmented BI system designed for industrial deployment. It introduces an application-oriented multi-turn dialogue query module, a dual-path SQL generation mechanism balancing accuracy and deployment efficiency, and a full-stack BI orchestration engine spanning data preparation, analysis, and visualization. Built on a cloud-native microservice architecture, SiriusBI has been deployed across Tencent’s financial, advertising, and cloud business units, achieving SQL accuracy rates of 97%, 89%, and 91%, respectively. As a standalone cloud service, it supports dozens of external enterprises, demonstrating industrial-grade practicality, robustness, and scalability.
This study addresses the lack of systematic methodologies for selecting data architectures in modern organizations grappling with vast, heterogeneous data environments. To this end, it proposes the DATER conceptual framework, which establishes a unified taxonomy of technical requirements and systematically examines the historical evolution, core characteristics, and applicability boundaries of six prominent data architectures: data warehouses, data lakes, lakehouses, data fabrics, and data meshes. Through conceptual modeling and multidimensional comparative analysis, the framework clarifies overlaps and distinctions among these architectures, articulating their respective strengths and limitations. By offering a structured evaluation tool, DATER significantly enhances the strategic alignment and contextual appropriateness of data architecture design for both researchers and practitioners.
This work addresses the lack of user-centric integration in existing decentralized identity systems, which obscures the delineation of responsibilities and dependencies among stakeholders concerning security and privacy. To bridge this gap, the paper proposes the first role-oriented, structured architectural model grounded in self-sovereign identity principles. It decomposes complex non-functional requirements into 24 distinct attributes and systematically assigns them across four key roles: data owner, issuer, verifier, and system. By integrating requirements engineering with trust modeling, the approach achieves a coherent alignment between user-centered needs and system design. This unified framework provides both theoretical grounding and architectural support for developing decentralized identity systems that are more secure, transparent, and user-controllable.
In multi-stakeholder platforms, software architecture decisions often implicitly entrench conflicting requirements without systematic support for mapping governance principles to technical design. This work proposes the first governance-architecture alignment framework, explicitly linking five core governance principles to the space of architectural decisions, thereby rendering implicit governance stances identifiable and contestable. The framework also exposes how default technical choices can obscure underlying value commitments. Feasibility is preliminarily demonstrated through a constructive case study of a pig-farming knowledge platform in Rwanda. Future work will employ pre- and post-intervention user judgment studies to evaluate the framework’s impact on actual governance outcomes.
Enterprise multi-agent systems often suffer from governance failures and uncontrolled complexity due to the absence of design principles centered on capability alignment. This work proposes the CEAD architecture, which introduces capability alignment as a foundational design paradigm, prioritizing agent design as the primary abstraction. CEAD explicitly defines capability boundaries, autonomy allocation, interaction protocols, tool permissions, stateful memory, and human-agent collaboration mechanisms, integrating the benefits of service-oriented architecture without conflating services with agents. Empirical evaluation on enterprise-scale tasks involving tens of thousands of operations demonstrates that CEAD achieves a safety success rate of 70.6%, substantially outperforming both monolithic single-agent systems (45.2%) and ungoverned ensembles of micro-agents (23.1%), thereby validating its effectiveness in enhancing system reliability and governability.
This work addresses the lack of reproducible evaluation methodologies in decentralized identity (DI) and self-sovereign identity (SSI) systems, which stems from the failure to translate their core security and privacy principles into explicit functional requirements. For the first time, this study systematically operationalizes SSI principles through requirements engineering and formal modeling techniques, yielding a verifiable set of functional requirements and a comprehensive functional model that spans common use cases. The resulting requirements specification and formal model establish a foundational framework for DI/SSI system evaluation, thereby filling a critical gap in the current landscape and providing a rigorous basis for future system development and reproducible assessments.