Designing fuzzy expert system for chief privacy officer in government and businesses E-transactions

Document Type: Research Paper


1 Associate Prof., Information Technology Management Department, Faculty of Management and Economic, Tarbiat Modares University, Tehran, Iran

2 MSc. in Information Technology Management, Faculty of Management and Economic, Tarbiat Modares University, Tehran, Iran

3 Associate Prof., Private Law Department, Faculty of Law, Tarbiat Modares University, Tehran, Iran


The Chief Privacy Officers (CPO) are faced with many and varied responsibilities and roles. In this paper, a fuzzy expert system is designed, called "Chief Privacy Officer Fuzzy Expert System (CPOFEX)", to inform the Chief Privacy Officer about "the Status of the Privacy of Government and Businesses (G-B) E-Transactions". To develop the research model and knowledge base of the mentioned expert system, the concepts of “the Chief Privacy Officers (CPO) Capability“, “Electronic Crimes Intents“, “Type of Government and Business E-Transactions“, “Professional Ethics-Orientation in E-Transactions Parties“, “Privacy Protector Technologies in Enterprise“ were identified, as components of "the Status of the Privacy of Government and Businesses E-Transactions". To validate the mentioned expert system, the outputs of the system were compared with the experts views. This system can help to analyze "the status of the privacy of government and businesses e-transactions", and provide more accurate advices.


Main Subjects

Arias-Aranda, D., Castro, J.L., Navarro, M., Sánchez, J.M., Zurita, J.M. (2010). A Fuzzy expert system for business management. Expert Systems with Applications, 37 (12): 7570–7580.

Aslani, H.R. (2006). Information Technology Laws. Tehran: Mizan Publications.
(in Persian)

Awazu, Y. & Desouza, K. C. (2004). The Knowledge Chiefs: CKOs, CLOs and CPOs. European Management Journal, 22(3): 339–344.

Azar, A, Fani, A.A. & Dajkhosh, S.S. (2013). Modeling Business Ethics Using Fuzzy Analytic Network Process. Ethics in Science & Technology, ???(3): ???-???. (in Persian)

Bamberger, K.A. & Mulligan, D.K. (2011). New governance, chief privacy officers, and the corporate management of information privacy in the United States: An initial inquiry. Law & Policy, 33(4): 477-508.

Belanger, F. & Hiller, J.S. (2006). A framework for e-government: privacy implications. Business process management journal, 12 (1): 48-60.

Beldad, A., de Jong, M. & Steehouder, M. (2010). Reading the least read? Indicators of users' intention to consult privacy statements on municipal websites. Government Information Quarterly, 27(3): 238-244.

Bella, G., Giustolisi, R. & Riccobene, S. (2011). Enforcing privacy in e-commerce by balancing anonymity and trust. Computers & Security, 30 (8): 705-718.

Damghanian, H. & Siahsarani Kojuri, M. A. (2012). A Study on the Effect of Perceived Security on the Trust of Female Customers in the Internet Banking: (A Survey of the SADERAT BANK in Semnan). Journal of Information Technology Management, 4(13): 71-88. (in Persian)

Den Butter, F. A. G., Liu, J., & Tan, Y.H. (2012). Using IT to engender trust in government-to-business relationships: The Authorized Economic Operator as an example. Government Information Quarterly, 29(2): 261-274.

Dimick, C. (2012). The new privacy officer. Journal of AHIMA/American Health Information Management Association, 83(4): 20-25.

Dinev, T. & Hart, P. (2006). An extended privacy calculus model for e-commerce transactions. Information Systems Research, 17 (1): 61-80.

Elahi, Sh. & Hassanzadeh, A. (2009). A framework for evaluating electronic commerce adoption in Iranian companies. International Journal of Information Management, 29(1): 27–36.

Elahi, Sh., Khadivar, A. & Hassanzadeh, A. (2012). Designing a Decision Support Expert System for Supporting the Process of Knowledge Management Strategy Development . ???, 3(8): 43-62. (in Persian)

Ghodselahi, A. (2011). Designing a Fuzzy Expert system for Risk Management in Banking Industry‎. [Master thesis]. Supervisor: Elahi, Sha’ban. Tehran: Tarbiat Modares University, Faculty of Management and Economic.
(in Persian)

Hasangholipour, T., Amiri, M., Fahim, F.S. & Ghaderi Abed, A. (2013). Effects of Consumer Characteristics on their Acceptance of Online Shopping: A Survey in Faculty of Management, University of Tehran. Journal of Information Technology Management, 5(4): 67-84. (in Persian)

Hashemi, M. & Malek, M.R. (2012). Protecting location privacy in mobile geoservices using Fuzzy inference systems. Computers. Environment and Urban Systems, 36(4): 311–320.

Hochberg, J., Jackson, K., Stallings, C., McClary, J.F., DuBois, D. & Ford, J. (1993). NADIR: An automated system for detecting network intrusion and misuse. Computers & Security, 12(3): 235-248.

Hosseini Dolwlat Abadi, F. (2001). The Ethical Conscience and ways of fostering it. [Master thesis]. Supervisor: Dr Hojati. Tehran: Tarbiat Modares Uni.
(in Persian)

Jensen, C., Potts, C. & Jensen, C. (2005). Privacy practices of Internet users: Self-reports versus observed behavior. International Journal of Human-Computer Studies, 63(1–2): 203–227.

Jutla, D.N., Bodorik, P. & Zhang, Y. (2006). PeCAN: An architecture for users’ privacy-aware electronic commerce contexts on the semantic web. Information Systems, 31 (4): 295-320.

Kailay, M. P. & Peter, J. (1995). RAMeX: a prototype expert system for computer security risk analysis and management. Computers & Security, 14(5): 449–463.

Kalloniatis, Ch., Belsis, P. & Gritzalis, S. (2011). A soft computing approach for privacy requirements engineering: The Pris framework. Applied Soft Computing, 11(7): 4341–4348.

Karami, A. & Guerrero-Zapatab, M. (2015). A Fuzzy anomaly detection system based on hybrid PSO-Kmeans algorithm in content-centric networks. Neurocomputing, 149: 1253–1269.

Karat, J., Karat, C.M., Brodie, C. & Feng, J. (2005). Privacy in information technology: Designing to enable privacy policy management in organizations. International Journal of Human-Computer Studies, 63(1): 153-174.

Le Blanc, L. A. & Jelassi, T. (1991). an evaluation and selection methodology for expert system shells. Expert Systems with Applications, 2(2–3): 201–209.

Li, J., Li, J., Chen, X., Liu, Zh. & Jia, CH. (2014). Privacy-preserving data utilization in hybrid clouds. Future Generation Computer Systems. (30): 98–106.

Liao, SH. (2005). Expert system methodologies and applications-a decade review from 1995 to 2004. Expert Systems with Applications, 28 (1): 93-103.

Longley, D. & Rigby, S. (1992). An automatic search for security flaws in key management schemes. Computers & Security. 11(1): 75-89.

Majdalawieh, M. (2010). The Integrated Privacy Model: Building a Privacy Model in the Business Processes of the Enterprise. International Journal of Information Security and Privacy archive, 4 (3): 1-21.

Miah, Sh., Kerr, D. & Gammack, J.G. (2009). A methodology to allow rural extension professionals to build target-specific expert systems for Australian rural business operators. Expert Systems with Applications. 36(1): 735–744.

Naderi, A & Ghaseminezhad, Y. (2014). Investigating the Indicators Affecting the Success of Modern Banking Services Strategies from the View Point of Managers and Experts of Ansar Bank. Journal of Iranian Technology Management, 6(3): 487-504.

Qin, B., Zhou, X., Yang, J. & Song, C. (2006). Grey-theory based intrusion detection model. Journal of Systems Engineering and Electronics, 17(1): 230–235.

Reddick, C.G. & Roy, J. (2013). Business perceptions and satisfaction with e-government: Findings from a Canadian. Government Information Quarterly, 30(1): 1-9.

Reza Karimi, M., Sepandarand, S. & Haghshenas, F. (2012). Study of the Effects of Customers’ Perceptions of Security and Trust on their Use of the Agriculture Bank of Iran’s e-Payment System. Journal of Iranian Technology Management, 4(11): 135-154.

Rezmierski, V. E. & Marshall, R. S. (2002). University systems security logging: who is doing it and how far can they go? Computers & Security, 21 (6)1: 557–564.

Shamsi, Z. (2014). Designing a Fuzzy expert system for selecting new IT product development projects‎‎. [Master thesis]. Supervisor: Elahi, Sha’ban. Tehran: Tarbiat Modares University, Faculty of Management and Economic.
(in Persian)

Sivanandam, S. N., Sumathi, S. & Deepa, S.N. (2007). Introduction to Fuzzy Logic using MATLAB. Springer-Verlag Berlin Heidelberg.

Summers, R. C. & Kurzban, S.A. (1988). Potential applications of knowledge-based methods to computer security. Computers & Security, 7(4): 373–385.

Taghva, M.R. & Izadi, M. (2013). Investigating Security in Developed Information Systems through Service oriented Architecture (SOA). Journal of Information Technology Management, 5(3): 25-42. (in Persian)

Tajfar, A. H., Mahmoudi Maymand, M., Rezasoltani, F. & Rezasoltani, P. (2015). Ranking the barriers of implementing Information Security Management System and Investigation of readiness rate of exploration management. Journal of Information Technology Management, 6(4): 551-566. (in Persian)

Vaishnavi, V. K. & Kuechler, Jr. W. (2008). Design Science Research Methods and Patterns, Innovating Information and Communication Technology. Auerbach Publications, Taylor & Francis Group.

Vosough, M., Taghavi Fard, M. T. & Alborzi, M. (2015). Bank card fraud detection using artificial neural network. Journal of Information Technology Management, 6(4): 721-746. (in Persian)

Xidonas, P., Ergazakis, E., Ergazakis, K., Metaxiotis, K., Askounis, D., Mavrotas, G. & Psarras, J. (2009). On the selection of equity securities: An expert systems methodology and an application on the Athens Stock Exchange. Expert Systems with Applications, 36(9): 11966–11980.

Xu, D.L., Liu, J., Yang, J.B., Liu, G.P., Wang, J., Jenkinson, I. & Ren, J. (2007). Inference and learning methodology of belief-rule-based expert system for pipeline leak detection. Expert Systems with Application, 32(1): 103-113.