Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems, cyber risk at the edge

The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture

Developing a goal-oriented SDI assessment approach using GIDEON - the Dutch SDI implementation strategy - as a case study

In 2008, the Dutch government approved the GIDEON document as a policy aiming at the implementation of the National Spatial Data Infrastructure (NSDI) in the Netherlands. The execution of GIDEON should take place by pursuing seven implementation strategies which lead to the achievement of the GIDEON goals. GIDEON also expresses the need to monitor the progress of implementing its strategies and realization of its goals. Currently, the work has been started on monitoring the GIDEON implementation strategies. However, there is still a lack of knowledge and methods to monitor GIDEON goals realization. The challenge is to come up with an approach to assess to what extent these goals are achieved. As a response to the challenge of assessing the GIDEON goals, this paper explores the possibility of using the Multi-view SDI assessment framework (Grus et al., 2007). This paper presents and discusses the method that applies the Multi-view SDI assessment framework, its indicators and measurement methods to create a GIDEON assessment approach. The method of creating a GIDEON assessment approach consists of several procedural steps: formulating specific GIDEON objectives, organizing a one-day workshop involving focus group of specific stakeholders responsible for creation and execution of NSDI, asking the workshop participants to select from a long list those indicators that best measure the achievement of each GIDEON goals. The key step of GIDEON approach is a one-day workshop. The workshop participants represented all organizations that cooperated and/or created GIDEON. The workshop consisted of two parts: first part explained the context of a challenge of assessing GIDEON, second part included participants activity to select and come to the consensus on the list of indicators that would best measure GIDEON goals realization. Additionally, the participants were asked to evaluate and express feedback on the usefulness of the method of creating GIDEON assessment approach. The results show that several indicators that relate to specific SDI goals could be selected by a significant number of workshop participants. The indicators that have been selected are not the final ones yet, but provide a guideline and form a base of what has to be measured when assessing GIDEON goals. Involving the representatives of all parties committed to GIDEON into the process of GIDEON assessment approach creation will strengthen its robustness and acceptance. The results of the feedback form filled by each participant show that the presented method is useful or very useful to create GIDEON assessment approach. Additionally, some of the participants provided already their own indicators which are very specific for Dutch SDI monitoring.The method presented in this research, assuming that SDI goals are defined and the organizations that participate in SDI creation are known, can be applied in any other country to develop country-specific and practical SDI assessment approach

Web Service Trust: Towards A Dynamic Assessment Framework

Trust in software services is a key prerequisite for the success and wide adoption of services-oriented computing (SOC) in an open Internet world. However, trust is poorly assessed by existing methods and technologies, especially in dynamically composed and deployed SOC systems. In this paper, we discuss current methods for assessing trust in service-oriented computing and identify gaps of current platforms, in particular with regards to runtime trust assessment. To address these gaps, we propose a model of runtime trust assessment of software services and introduce a framework for realizing the model. A key characteristic of our approach is the support that it offers for customizable assessment of trust based on evidence collected during the operation of software services and its ability to combine this evidence with subjective assessments coming from service clients

End-to-End QoS Support for a Medical Grid Service Infrastructure

Quality of Service support is an important prerequisite for the adoption of Grid technologies for medical applications. The GEMSS Grid infrastructure addressed this issue by offering end-to-end QoS in the form of explicit timeliness guarantees for compute-intensive medical simulation services. Within GEMSS, parallel applications installed on clusters or other HPC hardware may be exposed as QoS-aware Grid services for which clients may dynamically negotiate QoS constraints with respect to response time and price using Service Level Agreements. The GEMSS infrastructure and middleware is based on standard Web services technology and relies on a reservation based approach to QoS coupled with application specific performance models. In this paper we present an overview of the GEMSS infrastructure, describe the available QoS and security mechanisms, and demonstrate the effectiveness of our methods with a Grid-enabled medical imaging service

Innovative public governance through cloud computing: Information privacy, business models and performance measurement challenges

Purpose: The purpose of this paper is to identify and analyze challenges and to discuss proposed solutions for innovative public governance through cloud computing. Innovative technologies, such as federation of services and cloud computing, can greatly contribute to the provision of e-government services, through scaleable and flexible systems. Furthermore, they can facilitate in reducing costs and overcoming public information segmentation. Nonetheless, when public agencies use these technologies, they encounter several associated organizational and technical changes, as well as significant challenges. Design/methodology/approach: We followed a multidisciplinary perspective (social, behavioral, business and technical) and conducted a conceptual analysis for analyzing the associated challenges. We conducted focus group interviews in two countries for evaluating the performance models that resulted from the conceptual analysis. Findings: This study identifies and analyzes several challenges that may emerge while adopting innovative technologies for public governance and e-government services. Furthermore, it presents suggested solutions deriving from the experience of designing a related platform for public governance, including issues of privacy requirements, proposed business models and key performance indicators for public services on cloud computing. Research limitations/implications: The challenges and solutions discussed are based on the experience gained by designing one platform. However, we rely on issues and challenges collected from four countries. Practical implications: The identification of challenges for innovative design of e-government services through a central portal in Europe and using service federation is expected to inform practitioners in different roles about significant changes across multiple levels that are implied and may accelerate the challenges' resolution. Originality/value: This is the first study that discusses from multiple perspectives and through empirical investigation the challenges to realize public governance through innovative technologies. The results emerge from an actual portal that will function at a European level. © Emerald Group Publishing Limited

E-finance-lab at the House of Finance : about us

The financial services industry is believed to be on the verge of a dramatic [r]evolution. A substantial redesign of its value chains aimed at reducing costs, providing more efficient and flexible services and enabling new products and revenue streams is imminent. But there seems to be no clear migration path nor goal which can cast light on the question where the finance industry and its various players will be and should be in a decade from now. The mission of the E-Finance Lab is the development and application of research methodologies in the financial industry that promote and assess how business strategies and structures are shared and supported by strategies and structures of information systems. Important challenges include the design of smart production infrastructures, the development and evaluation of advantageous sourcing strategies and smart selling concepts to enable new revenue streams for financial service providers in the future. Overall, our goal is to contribute methods and views to the realignment of the E-Finance value chain. ..