Context-Aware and Adaptive Usage Control Model

Information protection is a key issue for the acceptance and adoption of pervasive computing systems where various portable devices such as smart phones, Personal Digital Assistants (PDAs) and laptop computers are being used to share information and to access digital resources via wireless connection to the Internet. Because these are resources constrained devices and highly mobile, changes in the environmental context or device context can affect the security of the system a great deal. A proper security mechanism must be put in place which is able to cope with changing environmental and system context. Usage CONtrol (UCON) model is the latest major enhancement of the traditional access control models which enables mutability of subject and object attributes, and continuity of control on usage of resources. In UCON, access permission decision is based on three factors: authorisations, obligations and conditions. While authorisations and obligations are requirements that must be fulfilled by the subject and the object, conditions are subject and object independent requirements that must be satisfied by the environment. As a consequence, access permission may be revoked (and the access stopped) as a result of changes in the environment regardless of whether the authorisations and obligations requirements are met. This constitutes a major shortcoming of the UCON model in pervasive computing systems which constantly strive to adapt to environmental changes so as to minimise disruptions to the user. We propose a Context-Aware and Adaptive Usage Control (CA-UCON) model which extends the traditional UCON model to enable adaptation to environmental changes in the aim of preserving continuity of access. Indeed, when the authorisation and obligations requirements are fulfilled by the subject and object, and the conditions requirements fail due to changes in the environmental or the system context, our proposed model CA-UCON triggers specific actions in order to adapt to the new situation, so as to ensure continuity of usage. We then propose an architecture of CA-UCON model, presenting its various components. In this model, we integrated the adaptation decision with usage decision architecture, the comprehensive definition of each components and reveals the functions performed by each components in the architecture are presented. We also propose a novel computational model of our CA-UCON architecture. This model is formally specified as a finite state machine. It demonstrates how the access request of the subject is handled in CA-UCON model, including detail with regards to revoking of access and actions undertaken due to context changes. The extension of the original UCON architecture can be understood from this model. The formal specification of the CA-UCON is presented utilising the Calculus of Context-aware Ambients (CCA). This mathematical notation is considered suitable for modelling mobile and context-aware systems and has been preferred over alternatives for the following reasons: (i) Mobility and Context awareness are primitive constructs in CCA; (ii) A system's properties can be formally analysed; (iii) Most importantly, CCA specifications are executable allowing early validation of system properties and accelerated development of prototypes. For evaluation of CA-UCON model, a real-world case study of a ubiquitous learning (u-learning) system is selected. We propose a CA-UCON model for the u-learning system. This model is then formalised in CCA and the resultant specification is executed and analysed using an execution environment of CCA. Finally, we investigate the enforcement approaches for CA-UCON model. We present the CA-UCON reference monitor architecture with its components. We then proceed to demonstrate three types of enforcement architectures of the CA-UCON model: centralised architecture, distributed architecture and hybrid architecture. These are discussed in detail, including the analysis of their merits and drawbacks

Quality-aware model-driven service engineering

Service engineering and service-oriented architecture as an integration and platform technology is a recent approach to software systems integration. Quality aspects ranging from interoperability to maintainability to performance are of central importance for the integration of heterogeneous, distributed service-based systems. Architecture models can substantially influence quality attributes of the implemented software systems. Besides the benefits of explicit architectures on maintainability and reuse, architectural constraints such as styles, reference architectures and architectural patterns can influence observable software properties such as performance. Empirical performance evaluation is a process of measuring and evaluating the performance of implemented software. We present an approach for addressing the quality of services and service-based systems at the model-level in the context of model-driven service engineering. The focus on architecture-level models is a consequence of the black-box character of services

Clinical Pathways to Ethically Substantive Autonomy

There is no shortage of support for the idea that ethics should be incorporated into the academic and professional curriculum. There is a difference, however, between, on the one hand, teaching professionals about ethics, and, on the other, demanding that they give ethical expression to the range of professional skills they are expected to apply daily in their work. If this expression is not to be perfunctory, ethical judgement must be genuinely integrated into the professional skill set. The mark of integration in this regard is the capacity for autonomous judgement. Ethical autonomy cannot be achieved by a mechanical, rule-bound and circumstance-specific checklist of ethical do’s and don’ts, and it is only partially achieved by a move from mechanistic rules to ‘outcome based’ processes. Rather, professional ethical autonomy presupposes not only a formal understanding of the requirements of an ethical code of conduct, but a genuine engagement with the substantive values and techniques that enable practitioners to interpret and apply principles confidently over a range of circumstances. It is not then, that ethical skill is not valued by the legal profession or legal education, or that the shortfall of ethical skill goes unacknowledged, it is rather that the language of professional ethics struggles to break free from the cautious circularity that is the mark of its formal expression. To require a professional to ‘act in their client’s interests’, or ‘act in accordance with the expectations of the profession’ or act ‘fairly and effectively’ are formal, infinitely ambiguous and entirely safe suggestions; to offer a substantive account of what, specifically, those interests might be, or what expectations we should have, are rather more contentious. Fears of dogma and a narrowing of discretion do, of course, accompany the idea of a search for ethical substance, and caution is to be expected in response to it. Notwithstanding these anxieties, there would appear to be no coherent alternative to the aspiration to substantive autonomy, and this must remain the goal of teaching legal ethics. In light of this, the problem facing educationalists is then perhaps expressed more diplomatically in terms of how ethical skill might be substantively developed, imparted, and integrated into a genuinely comprehensive conception of professional skill. Clinical education can go a long way to solving this problem: exposure to the practical tasks of lawyering is the surest and best way of raising consciousness in this regard: ‘Hands-on’ is good - and consciousness-raising is a step in the direction of autonomy, but raw experience and elevated awareness is not enough. We know that our most influential theories of learning tells us that it is in the process of reflection upon problem solving that the practitioner begins to take autonomous control of skill development. In the view of the author, reflection, requires content and direction, and in this paper, with the aid of three models of skill integration inspired by Nigel Duncan’s detailed analysis and video reconstruction of the ethical and technical skill deficiencies brought to light by R v Griffiths, we attempt to specify what might be understood in this regard: Reflective content refers to the discrete interests and values that compete to produce tension in what we will refer to the ‘matrix’ of concerns that feature in all forms of dispute resolution; reflective direction points to an engagement with the resources and techniques that can empower critical and autonomous judgment. In the context of a clinical process broadly structured by the insights of Wenger and by Rest’s model of ethical skill, guided reflection so specified thus serves as an interface between on the one hand, indeterminate ethical form, and, on the other, the substantive ethical wisdom to be found in the repository of values that underpin the very idea of the legal enterprise

Semantic reasoning for intelligent emergency response applications

Emergency response applications require the processing of large amounts of data, generated by a diverse set of sensors and devices, in order to provide for an accurate and concise view of the situation at hand. The adoption of semantic technologies allows for the definition of a formal domain model and intelligent data processing and reasoning on this model based on generated device and sensor measurements. This paper presents a novel approach to emergency response applications, such as fire fighting, integrating a formal semantic domain model into an event-based decision support system, which supports reasoning on this model. The developed model consists of several generic ontologies describing concepts and properties which can be applied to diverse context-aware applications. These are extended with emergency response specific ontologies. Additionally, inference on the model performed by a reasoning engine is dynamically synchronized with the rest of the architectural components. This allows to automatically trigger events based on predefined conditions. The proposed ontology and developed reasoning methodology is validated on two scenarios, i.e. (i) the construction of an emergency response incident and corresponding scenario and (ii) monitoring of the state of a fire fighter during an emergency response

Enterprise engineering using semantic technologies

Modern Enterprises are facing unprecedented challenges in every aspect of their businesses: from marketing research, invention of products, prototyping, production, sales to billing. Innovation is the key to enhancing enterprise performances and knowledge is the main driving force in creating innovation. The identification and effective management of valuable knowledge, however, remains an illusive topic. Knowledge management (KM) techniques, such as enterprise process modelling, have long been recognised for their value and practiced as part of normal business. There are plentiful of KM techniques. However, what is still lacking is a holistic KM approach that enables one to fully connect KM efforts with existing business knowledge and practices already in IT systems, such as organisational memories. To address this problem, we present an integrated three-dimensional KM approach that supports innovative semantics technologies. Its automated formal methods allow us to tap into modern business practices and capitalise on existing knowledge. It closes the knowledge management cycle with user feedback loops. Since we are making use of reliable existing knowledge and methods, new knowledge can be extracted with less effort comparing with another method where new information has to be created from scratch

Rewiring strategies for changing environments

A typical pervasive application executes in a changing environment: people, computing resources, software services and network connections come and go continuously. A robust pervasive application needs adapt to this changing context as long as there is an appropriate rewiring strategy that guarantees correct behavior. We combine the MERODE modeling methodology with the ReWiRe framework for creating interactive pervasive applications that can cope with changing environments. The core of our approach is a consistent environment model, which is essential to create (re)configurable context-aware pervasive applications. We aggregate different ontologies that provide the required semantics to describe almost any target environment. We present a case study that shows a interactive pervasive application for media access that incorporates parental control on media content and can migrate between devices. The application builds upon models of the run-time environment represented as system states for dedicated rewiring strategies