A platform for discovering and sharing confidential ballistic crime data.

Criminal investigations generate large volumes of complex data that detectives have to analyse and understand. This data tends to be "siloed" within individual jurisdictions and re-using it in other investigations can be difficult. Investigations into trans-national crimes are hampered by the problem of discovering relevant data held by agencies in other countries and of sharing those data. Gun-crimes are one major type of incident that showcases this: guns are easily moved across borders and used in multiple crimes but finding that a weapon was used elsewhere in Europe is difficult. In this paper we report on the Odyssey Project, an EU-funded initiative to mine, manipulate and share data about weapons and crimes. The project demonstrates the automatic combining of data from disparate repositories for cross-correlation and automated analysis. The data arrive from different cultural/domains with multiple reference models using real-time data feeds and historical databases

A Survey on Understanding and Representing Privacy Requirements in the Internet-of-Things

People are interacting with online systems all the time. In order to use the services being provided, they give consent for their data to be collected. This approach requires too much human effort and is impractical for systems like Internet-of-Things (IoT) where human-device interactions can be large. Ideally, privacy assistants can help humans make privacy decisions while working in collaboration with them. In our work, we focus on the identification and representation of privacy requirements in IoT to help privacy assistants better understand their environment. In recent years, more focus has been on the technical aspects of privacy. However, the dynamic nature of privacy also requires a representation of social aspects (e.g., social trust). In this survey paper, we review the privacy requirements represented in existing IoT ontologies. We discuss how to extend these ontologies with new requirements to better capture privacy, and we introduce case studies to demonstrate the applicability of the novel requirements

Domain Modeling to Support Anti-cyber Crime Education

This paper describes an approach to a computer-based learning of educational material. We define a model for the class of subjects of our interest - teaching of investigation and prevention of computer crimes, (those including both theoretical and practical issues). From this model, specific content outlines can be derived as subclasses and then instanced into actual domains. The last step consists in generating interactive documents, which use the instanced domain. Students can explore these documents through a web browser. Thus, an interactive learning scenario is created. This approach allows reusing and adapting the contents to a variety of situations, students and teaching purposes

Design of a Controlled Language for Critical Infrastructures Protection

We describe a project for the construction of controlled language for critical infrastructures protection (CIP). This project originates from the need to coordinate and categorize the communications on CIP at the European level. These communications can be physically represented by official documents, reports on incidents, informal communications and plain e-mail. We explore the application of traditional library science tools for the construction of controlled languages in order to achieve our goal. Our starting point is an analogous work done during the sixties in the field of nuclear science known as the Euratom Thesaurus.JRC.G.6-Security technology assessmen

The application of a business intelligence tool for service delivery improvement : the case of South Africa

Abstract: The global environment requires organisations to adapt and respond quickly to the complexity of its nature. Responding to such an environment depends on real-time information. In the last decade, organisations have relied much on human expertise to extract and analyse and process data into meaningful information for decision making. Many will probably agree with the assertion that the complexity of the globalisation has led to a complexity in modern data analysis, which encompasses different elements (technology and innovation, internet of things and influx of data to name but few), resulting in modern scientific problems. It is evident that organisational knowledge has become the enabling factor for decision-making in both the private and public sector. Yet, the study of the opinion that the advancement of technology and internet of things has complicated matters further for humankind to interpret complex and vast amounts of data at the speed required to keep up with the demands of the global environment in which they operate. Therefore, it is likely that the discovered knowledge may be inaccurate at times. In responding to these dynamics, organisations require computational intelligence systems to transform the data they acquire into real-time meaningful information in order to make informed decisions. ..D.Phil. (Engineering Management

Separated by a Common Language: Awareness of Term Usage Differences Between Languages and Disciplines in Biopreparedness

Preparedness for bioterrorism is based on communication between people in organizations who are educated and trained in several disciplines, including law enforcement, health, and science. Various backgrounds, cultures, and vocabularies generate difficulties in understanding and interpretating terms and concepts, which may impair communication. This is especially true in emergency situations, in which the need for clarity and consistency is vital. The EU project AniBio- Threat initiated methods and made a rough estimate of the terms and concepts that are crucial for an incident, and a pilot database with key terms and definitions has been constructed. Analysis of collected terms and sources has shown that many of the participating organizations use various international standards in their area of expertise. The same term often represents different concepts in the standards from different sectors, or, alternatively, different terms were used to represent the same or similar concepts. The use of conflicting terminology can be problematic for decision makers and communicators in planning and prevention or when handling an incident. Since the CBRN area has roots in multiple disciplines, each with its own evolving terminology, it may not be realistic to achieve unequivocal communication through a standardized vocabulary and joint definitions for words from common language. We suggest that a communication strategy should include awareness of alternative definitions and ontologies and the ability to talk and write without relying on the implicit knowledge underlying specialized jargon. Consequently, cross-disciplinary communication skills should be part of training of personnel in the CBRN field. In addition, a searchable repository of terms and definitions from relevant organizations and authorities would be a valuable addition to existing glossaries for improving awareness concerning bioterrorism prevention planning

Security Enhanced Applications for Information Systems

Every day, more users access services and electronically transmit information which is usually disseminated over insecure networks and processed by websites and databases, which lack proper security protection mechanisms and tools. This may have an impact on both the users’ trust as well as the reputation of the system’s stakeholders. Designing and implementing security enhanced systems is of vital importance. Therefore, this book aims to present a number of innovative security enhanced applications. It is titled “Security Enhanced Applications for Information Systems” and includes 11 chapters. This book is a quality guide for teaching purposes as well as for young researchers since it presents leading innovative contributions on security enhanced applications on various Information Systems. It involves cases based on the standalone, network and Cloud environments

RISK REDUCTION THROUGH TECHNOLOGICAL CONTROL OF PERSONAL INFORMATION

Abuse and harm to individuals, through harassment and bullying, coexist with Identity Theft as criminal behaviours supported by the ready availability of personal information. Incorporating privacy protection measures into software design requires a thorough understanding about how an individual's privacy is affected by Internet technologies. This research set out to incorporate such an understanding by examining privacy risks for two groups of individuals, for whom privacy was an important issue, domestic abuse survivors and teenagers. The purpose was to examine the reality of the privacy risks for these two groups. This research combined a number of approaches underpinned by a selection of foundation theories from four separate domains: software engineering; information systems; social science; and criminal behaviour. Semi-structured interviews, focus groups, workshops and questionnaires gathered information from managers of refuges and outreach workers from Women's Aid; representatives from probation and police domestic violence units; and teenagers. The findings from these first interactions provided specific examples of risks posed to the two groups. These findings demonstrated that there was a need for a selection of protection mechanisms that promoted awareness of the potential risk among vulnerable individuals. Emerging from these findings were a set of concepts that formed the basis of a novel taxonomy of threat framework designed to assist in risk assessment. To demonstrate the crossover between understanding the social environment and the use of technology, the taxonomy of threat was incorporated into a novel Vulnerability Assessment Framework, which in turn provided a basis for an extension to standard browser technology. A proof-of-concept prototype was implemented by creating an Internet Explorer 7.0 browser helper object. The prototype also made use of the Semantic Web protocols of Resource Description Framework and the Web Ontology Language for simple data storage and reasoning. The purpose of this combination was to demonstrate how the environment in which the individual primarily interacted with the Internet could be adapted to provide awareness of the potential risk, and to enable the individual to take steps to reduce that risk. Representatives of the user-groups were consulted for evaluation of the acceptability of the prototype approach. The favourable ratings given by the respondents demonstrated the acceptability of such an approach to monitoring personal information, with the provision that control remained with the individual. The evaluation exercise also demonstrated how the prototype would serve as a useful tool to make individuals aware of the dangers. The novel contribution of this research contains four facets: it advances understanding of privacy protection for the individual; illustrates an effective combination of methodology frameworks to address the complex issue of privacy; provides a framework for risk assessment through the taxonomy of threat; and demonstrates the novel vulnerability assessment framework through a proof-of-concept prototype