Constructing Institutional Measures: Indicators of Political and Property Rights in Mozambique, 1900-2005

In this paper we focus on the role of political and economic institutions in Mozambique’s development. We produce a set of institutional indicators for Mozambique for the period 1900 through to 2005. The first index tracks political freedoms and is unique in its duration and complexity. The second index is a measure of property rights for Mozambique and such a measure has not existed previously and certainly not for this length of time. The construction of these indices is a painstaking process through historical records but it provides us with a richness of institutional data previously not available. The new institutional indices will allow us to explore the role of the institutional environment in determining economic growth and development in Mozambique over time.Political Rights, Property Rights, Insitutional Indicators, Mozambique

MapCAST : Real-Time Collaboration With Concept Maps

This thesis describes the development of the application mapCAST, a computer-based concept-mapping tool that allows synchronous collaboration via TCP/IP networks, such as the Internet The useability and feasibility of mapCAST as a computer-based tool was examined and analysed in a real world situation. Results indicate that mapCAST is successful as a collaborative tool in a situations involving knowledge organisation, but lacks certain functionality that many Macintosh users are accustomed to

Fourth Conference on Artificial Intelligence for Space Applications

Proceedings of a conference held in Huntsville, Alabama, on November 15-16, 1988. The Fourth Conference on Artificial Intelligence for Space Applications brings together diverse technical and scientific work in order to help those who employ AI methods in space applications to identify common goals and to address issues of general interest in the AI community. Topics include the following: space applications of expert systems in fault diagnostics, in telemetry monitoring and data collection, in design and systems integration; and in planning and scheduling; knowledge representation, capture, verification, and management; robotics and vision; adaptive learning; and automatic programming

Penetration Testing Frameworks and methodologies: A comparison and evaluation

Cyber security is fast becoming a strategic priority across both governments and private organisations. With technology abundantly available, and the unbridled growth in the size and complexity of information systems, cyber criminals have a multitude of targets. Therefore, cyber security assessments are becoming common practice as concerns about information security grow. Penetration testing is one strategy used to mitigate the risk of cyber-attack. Penetration testers attempt to compromise systems using the same tools and techniques as malicious attackers thus, aim to identify vulnerabilities before an attack occurs. Penetration testing can be complex depending on the scope and domain area under investigation, for this reason it is often managed similarly to that of a project necessitating the implementation of some framework or methodology. Fortunately, there are an array of penetration testing methodologies and frameworks available to facilitate such projects, however, determining what is a framework and what is methodology within this context can lend itself to uncertainty. Furthermore, little exists in relation to mature frameworks whereby quality can be measured. This research defines the concept of “methodology” and “framework” within a penetration testing context. In addition, the research presents a gap analysis of the theoretical vs. the practical classification of nine penetration testing frameworks and/or methodologies and subsequently selects two frameworks to undergo quality evaluation using a realworld case study. Quality characteristics were derived from a review of four quality models, thus building the foundation for a proposed penetration testing quality model. The penetration testing quality model is a modified version of an ISO quality model whereby the two chosen frameworks underwent quality evaluation. Defining methodologies and frameworks for the purposes of penetration testing was achieved. A suitable definition was formed by way of analysing properties of each category respectively, thus a Framework vs. Methodology Characteristics matrix is presented. Extending upon the nomenclature resolution, a gap analysis was performed to determine if a framework is actually a framework, i.e., it has a sound underlying ontology. In contrast, many “frameworks” appear to be simply collections of tools or techniques. In addition, two frameworks OWASP’s Testing Guide and Information System Security Assessment Framework (ISSAF), were employed to perform penetration tests based on a real-world case study to facilitate quality evaluation based on a proposed quality model. The research suggests there are various ways in which quality for penetration testing frameworks can be measured; therefore concluded that quality evaluation is possible

A REFERENCE ARCHITECTURE OF HUMAN CYBER-PHYSICAL SYSTEMS – PART III: SEMANTIC FOUNDATIONS

he design and analysis of multi-agent human cyber-physical systems in safety-critical or industry-critical domains calls for an adequate semantic foundation capable of exhaustively and rigorously describing all emergent effects in the joint dynamic behavior of the agents that are relevant to their safety and well-behavior. We present such a semantic foundation. This framework extends beyond previous approaches by extending the agent-local dynamic state beyond state components under direct control of the agent and belief about other agents (as previously suggested for understanding cooperative as well as rational behavior) to agent-local evidence and belief about the overall cooperative, competitive, or coopetitive game structure. We argue that this extension is necessary for rigorously analyzing systems of human cyber-physical systems because humans are known to employ cognitive replacement models of system dynamics that are both non-stationary and potentially incongruent. These replacement models induce visible and potentially harmful effects on their joint emergent behavior and the interaction with cyber-physical system components

Distributed on-line safety monitor based on safety assessment model and multi-agent system

On-line safety monitoring, i.e. the tasks of fault detection and diagnosis, alarm annunciation, and fault controlling, is essential in the operational phase of critical systems. Over the last 30 years, considerable work in this area has resulted in approaches that exploit models of the normal operational behaviour and failure of a system. Typically, these models incorporate on-line knowledge of the monitored system and enable qualitative and quantitative reasoning about the symptoms, causes and possible effects of faults. Recently, monitors that exploit knowledge derived from the application of off-line safety assessment techniques have been proposed. The motivation for that work has been the observation that, in current practice, vast amounts of knowledge derived from off-line safety assessments cease to be useful following the certification and deployment of a system. The concept is potentially very useful. However, the monitors that have been proposed so far are limited in their potential because they are monolithic and centralised, and therefore, have limited applicability in systems that have a distributed nature and incorporate large numbers of components that interact collaboratively in dynamic cooperative structures. On the other hand, recent work on multi-agent systems shows that the distributed reasoning paradigm could cope with the nature of such systems. This thesis proposes a distributed on-line safety monitor which combines the benefits of using knowledge derived from off-line safety assessments with the benefits of the distributed reasoning of the multi-agent system. The monitor consists of a multi-agent system incorporating a number of Belief-Desire-Intention (BDI) agents which operate on a distributed monitoring model that contains reference knowledge derived from off-line safety assessments. Guided by the monitoring model, agents are hierarchically deployed to observe the operational conditions across various levels of the hierarchy of the monitored system and work collaboratively to integrate and deliver safety monitoring tasks. These tasks include detection of parameter deviations, diagnosis of underlying causes, alarm annunciation and application of fault corrective measures. In order to avoid alarm avalanches and latent misleading alarms, the monitor optimises alarm annunciation by suppressing unimportant and false alarms, filtering spurious sensory measurements and incorporating helpful alarm information that is announced at the correct time. The thesis discusses the relevant literature, describes the structure and algorithms of the proposed monitor, and through experiments, it shows the benefits of the monitor which range from increasing the composability, extensibility and flexibility of on-line safety monitoring to ultimately developing an effective and cost-effective monitor. The approach is evaluated in two case studies and in the light of the results the thesis discusses and concludes both limitations and relative merits compared to earlier safety monitoring concepts

Information security compliance in a healthcare setting: A user behavior pilot study

Human behavior is known to be one of the weakest links to information security and a likely cause of incidents that may lead or contribute to the loss or compromise of sensitive information (Ahmad, & Ismail, 2010; Akhunzada, Kam, 2015; Aloul, 2012; Cain, Edwards, & Still, 2018; Long, 2013; Narayana, Sookhak, & Anuar, 2015; Pike, 2011; Seidenberger, 2016). The Health Insurance Portability and Accountability Act (1996) requires healthcare organizations to comply with national standards to reduce the likelihood of a privacy breach. Online stolen data markets, where cybercriminals operate in the dark web, advertise, sell, share, and trade sensitive personally identifiable information for nefarious purposes (Chertoff, 2017; Holt et al., 2016). The 29-statement pilot study survey replicates the Safa et al. (2015) survey and was administered to 39 UW Medicine (UWM) employees via the UWM Research Electronic Data Capture online survey application. The survey statements are based on the Theory of Planned Behavior, the Protection Motivation Theory, and the Safa et al. (2015) employee information security conscious care behavior model. The UWM pilot study statements were modified, and results are presented (n = 32). Descriptive statistics are provided, as well as lessons learned, which will be incorporated into a larger-scale survey deployment. This is a timely study to determine how best to reduce the likelihood of a user error or a cyber adversary exploiting a weakness that could lead to or cause a global catastrophic cyber event that could potentially trigger further political, economic, and social volatility