2,246 research outputs found

    A Survey on Forensics and Compliance Auditing for Critical Infrastructure Protection

    Get PDF
    The broadening dependency and reliance that modern societies have on essential services provided by Critical Infrastructures is increasing the relevance of their trustworthiness. However, Critical Infrastructures are attractive targets for cyberattacks, due to the potential for considerable impact, not just at the economic level but also in terms of physical damage and even loss of human life. Complementing traditional security mechanisms, forensics and compliance audit processes play an important role in ensuring Critical Infrastructure trustworthiness. Compliance auditing contributes to checking if security measures are in place and compliant with standards and internal policies. Forensics assist the investigation of past security incidents. Since these two areas significantly overlap, in terms of data sources, tools and techniques, they can be merged into unified Forensics and Compliance Auditing (FCA) frameworks. In this paper, we survey the latest developments, methodologies, challenges, and solutions addressing forensics and compliance auditing in the scope of Critical Infrastructure Protection. This survey focuses on relevant contributions, capable of tackling the requirements imposed by massively distributed and complex Industrial Automation and Control Systems, in terms of handling large volumes of heterogeneous data (that can be noisy, ambiguous, and redundant) for analytic purposes, with adequate performance and reliability. The achieved results produced a taxonomy in the field of FCA whose key categories denote the relevant topics in the literature. Also, the collected knowledge resulted in the establishment of a reference FCA architecture, proposed as a generic template for a converged platform. These results are intended to guide future research on forensics and compliance auditing for Critical Infrastructure Protection.info:eu-repo/semantics/publishedVersio

    A forensics and compliance auditing framework for critical infrastructure protection

    Get PDF
    Contemporary societies are increasingly dependent on products and services provided by Critical Infrastructure (CI) such as power plants, energy distribution networks, transportation systems and manufacturing facilities. Due to their nature, size and complexity, such CIs are often supported by Industrial Automation and Control Systems (IACS), which are in charge of managing assets and controlling everyday operations. As these IACS become larger and more complex, encompassing a growing number of processes and interconnected monitoring and actuating devices, the attack surface of the underlying CIs increases. This situation calls for new strategies to improve Critical Infrastructure Protection (CIP) frameworks, based on evolved approaches for data analytics, able to gather insights from the CI. In this paper, we propose an Intrusion and Anomaly Detection System (IADS) framework that adopts forensics and compliance auditing capabilities at its core to improve CIP. Adopted forensics techniques help to address, for instance, post-incident analysis and investigation, while the support of continuous auditing processes simplifies compliance management and service quality assessment. More specifically, after discussing the rationale for such a framework, this paper presents a formal description of the proposed components and functions and discusses how the framework can be implemented using a cloud-native approach, to address both functional and non-functional requirements. An experimental analysis of the framework scalability is also provided.info:eu-repo/semantics/publishedVersio

    How do patients and providers navigate the “corruption complex” in mixed health systems? The case of Abuja, Nigeria.

    Get PDF
    INTRODUCTION: Over the last decades, scholars have sought to investigate the causes, manifestations, and impacts of corruption in healthcare. Most of this scholarship has focused on corruption as it occurs in public health facilities. However, in Nigeria, in which most residents attend private health facilities for at least some of their care needs, this focus is incomplete. In such contexts, it is important to understand corruption as it occurs across both public and private settings, and in the interactions between them. This study seeks to address this gap. It aims to examine how corruption is experienced by, and impacts upon, patients and providers as they navigate the “corruption complex” in the mixed health system of Abuja, Nigeria. OBJECTIVES: This over-arching aim is addressed via three interrelated objectives, as follows: 1.To investigate the experiences of patients and providers concerning the causes, manifestations, and impacts of corruption in public health facilities, in Abuja, Nigeria. 2.To investigate patients / provider experiences of corruption as they relate to private health facilities in Abuja, Nigeria. 3.To investigate how, and the extent to which, corruption is enabled by the co-existence of and interactions between public and private health facilities in the context of the mixed health system of Nigeria – and of Abuja in particular. METHODS: All three objectives are addressed via a qualitative exploratory study. Data was collected in Abuja, Nigeria’s Federal Capital Territory (between October 2021 to May 2022) through: (i) in-depth interviews with 53 key informants, representing a range of patient and provider types, and policymakers; and (ii) participant observation over eight months of fieldwork. The research took place in three secondary-level public health facilities (Gwarinpa, Kubwa, and Wuse General hospital) and three equivalent-sized private health facilities (Nissa, Garki, and King's Care Hospital) in Abuja. The empirical data was analysed using Braun and Clarke's (2006) reflexive thematic analysis approach and presented in a narrative form. Abuja was selected as the research setting, as the city is representative of the mixed health system structures that exist in Nigeria, especially in the country’s larger urban areas. RESULTS: Objective 1: Corruption in public health facilities is driven by a shortage of resources, low salaries, commercialisation of health and relationships between patients and providers, and weak accountability structures. Corruption takes various forms which include: bribery, informal payments, theft, influence- activities associated with nepotism, and pressure from informal rules. Impacts include erosion of the right to health care and patient dignity, alongside increased barriers to access, including financial barriers, especially for poorer patients. Objective 2: Corruption in private health facilities is driven by incentives aimed at profit maximisation, poor regulation, and lack of oversight. Corruption takes various forms which include: inappropriate or unnecessary prescriptions (often driven by the potential for kickbacks), forging of medical reports, over-invoicing, and other related types of fraud, and under/over-treatment of patients. Impacts include reductions to the quality of care provided and exacerbation of financial risks to patients. Objective 3: The nature of public-private sector interactions creates scope for several forms of corruption. For example, these interactions contribute to the causes of corruption in the public sector - especially the problem of scarcity of resources. Related manifestations include dual practice, absenteeism, and theft (e.g., diversion of patients, medical supplies, and equipment from public to private facilities). The impacts of such practices include inequities of access, for example, due to delays in and denials of needed services and additional financial barriers encountered in public facilities, alongside reductions to quality of care, pricing transparency and financial protection in private facilities. CONCLUSION: Patients experience corruption in both public and private health facilities in Abuja, Nigeria. The causes, manifestations and impacts of corruption differ across these settings. In the public sector, corruption creates financial and non-financial barriers to care – aggravating inequities of access. In the private health sector, corruption undermines quality of care and exacerbates financial risks. The public-private mix is itself implicated in the problem – giving rise to new opportunities for corruption, to the detriment of patients’ health and welfare. For policymakers in Nigeria to address the problem of corruption, a cross-sectoral approach - inclusive of the full range of providers within the mixed health system – will be required

    Cultures of Citizenship in the Twenty-First Century: Literary and Cultural Perspectives on a Legal Concept

    Get PDF
    In the early twenty-first century, the concept of citizenship is more contested than ever. As refugees set out to cross the Mediterranean, European nation-states refer to "cultural integrity" and "immigrant inassimilability," revealing citizenship to be much more than a legal concept. The contributors to this volume take an interdisciplinary approach to considering how cultures of citizenship are being envisioned and interrogated in literary and cultural (con)texts. Through this framework, they attend to the tension between the citizen and its spectral others - a tension determined by how a country defines difference at a given moment

    Digitalization and Development

    Get PDF
    This book examines the diffusion of digitalization and Industry 4.0 technologies in Malaysia by focusing on the ecosystem critical for its expansion. The chapters examine the digital proliferation in major sectors of agriculture, manufacturing, e-commerce and services, as well as the intermediary organizations essential for the orderly performance of socioeconomic agents. The book incisively reviews policy instruments critical for the effective and orderly development of the embedding organizations, and the regulatory framework needed to quicken the appropriation of socioeconomic synergies from digitalization and Industry 4.0 technologies. It highlights the importance of collaboration between government, academic and industry partners, as well as makes key recommendations on how to encourage adoption of IR4.0 technologies in the short- and long-term. This book bridges the concepts and applications of digitalization and Industry 4.0 and will be a must-read for policy makers seeking to quicken the adoption of its technologies

    Enhancing the forensic comparison process of common trace materials through the development of practical and systematic methods

    Get PDF
    An ongoing advancement in forensic trace evidence has driven the development of new and objective methods for comparing various materials. While many standard guides have been published for use in trace laboratories, different areas require a more comprehensive understanding of error rates and an urgent need for harmonizing methods of examination and interpretation. Two critical areas are the forensic examination of physical fits and the comparison of spectral data, which depend highly on the examiner’s judgment. The long-term goal of this study is to advance and modernize the comparative process of physical fit examinations and spectral interpretation. This goal is fulfilled through several avenues: 1) improvement of quantitative-based methods for various trace materials, 2) scrutiny of the methods through interlaboratory exercises, and 3) addressing fundamental aspects of the discipline using large experimental datasets, computational algorithms, and statistical analysis. A substantial new body of knowledge has been established by analyzing population sets of nearly 4,000 items representative of casework evidence. First, this research identifies material-specific relevant features for duct tapes and automotive polymers. Then, this study develops reporting templates to facilitate thorough and systematic documentation of an analyst’s decision-making process and minimize risks of bias. It also establishes criteria for utilizing a quantitative edge similarity score (ESS) for tapes and automotive polymers that yield relatively high accuracy (85% to 100%) and, notably, no false positives. Finally, the practicality and performance of the ESS method for duct tape physical fits are evaluated by forensic practitioners through two interlaboratory exercises. Across these studies, accuracy using the ESS method ranges between 95-99%, and again no false positives are reported. The practitioners’ feedback demonstrates the method’s potential to assist in training and improve peer verifications. This research also develops and trains computational algorithms to support analysts making decisions on sample comparisons. The automated algorithms in this research show the potential to provide objective and probabilistic support for determining a physical fit and demonstrate comparative accuracy to the analyst. Furthermore, additional models are developed to extract feature edge information from the systematic comparison templates of tapes and textiles to provide insight into the relative importance of each comparison feature. A decision tree model is developed to assist physical fit examinations of duct tapes and textiles and demonstrates comparative performance to the trained analysts. The computational tools also evaluate the suitability of partial sample comparisons that simulate situations where portions of the item are lost or damaged. Finally, an objective approach to interpreting complex spectral data is presented. A comparison metric consisting of spectral angle contrast ratios (SCAR) is used as a model to assess more than 94 different-source and 20 same-source electrical tape backings. The SCAR metric results in a discrimination power of 96% and demonstrates the capacity to capture information on the variability between different-source samples and the variability within same-source samples. Application of the random-forest model allows for the automatic detection of primary differences between samples. The developed threshold could assist analysts with making decisions on the spectral comparison of chemically similar samples. This research provides the forensic science community with novel approaches to comparing materials commonly seen in forensic laboratories. The outcomes of this study are anticipated to offer forensic practitioners new and accessible tools for incorporation into current workflows to facilitate systematic and objective analysis and interpretation of forensic materials and support analysts’ opinions

    The Individual And Their World

    Get PDF

    “Men are the alphas. Men can't be hurt. Men can't be victims” - Narrative, identity, and male victims of female perpetrated intimate partner abuse.

    Get PDF
    This thesis details the process and analysis of the ‘Hard to Tell’ study, a qualitative, narrative study examining how male victims of female perpetrated intimate partner abuse (IPA) tell their story, and what it might mean for their identity. The study consisted of life-story interviews with 18 self-identifying male victims. Between them they described the full range of abuse, including physical, sexual, emotional, psychological, financial, controlling, coercive, and legal and administrative. The differing nature of these forms of abuse meant that some were easier to describe in narrative form, which carried significant implications for their ability to make sense of their experiences and explain it to others. Analysis was informed by a complex and dynamic understanding of identity, including key concepts from Narrative Identity Theory (McAdams, 2018; Bamberg, 2011) and Positioning Theory (Korobov, 2010; 2015). In telling their story, these male survivors were driven to defend against powerful cultural narratives of masculinity and male perpetration that contrasted with their experience as a man and as a victim. In doing so they drew upon other cultural narratives such as mental ill-health and childhood trauma to attain a valid identity position. Cultural narratives such as those of coercive controlling abuse and narcissism, enabled them to identify their abuse and sidestep gendered assumptions of perpetration. This thesis proposes a model of identity work within autobiographical narration that incorporates key components of the individual, audience, context, and culture. A prominent feature of these men’s stories was the role played by third parties, who enabled them to reframe their experience as an abuse narrative and begin a process of escape and recovery. This places professionals at the heart of this model, as audience and co-producer within a critical process of narrative sense making and identity validation

    Exploring Text Mining and Analytics for Applications in Public Security: An in-depth dive into a systematic literature review

    Get PDF
    Text mining and related analytics emerge as a technological approach to support human activities in extracting useful knowledge through texts in several formats. From a managerial point of view, it can help organizations in planning and decision-making processes, providing information that was not previously evident through textual materials produced internally or even externally. In this context, within the public/governmental scope, public security agencies are great beneficiaries of the tools associated with text mining, in several aspects, from applications in the criminal area to the collection of people's opinions and sentiments about the actions taken to promote their welfare. This article reports details of a systematic literature review focused on identifying the main areas of text mining application in public security, the most recurrent technological tools, and future research directions. The searches covered four major article bases (Scopus, Web of Science, IEEE Xplore, and ACM Digital Library), selecting 194 materials published between 2014 and the first half of 2021, among journals, conferences, and book chapters. There were several findings concerning the targets of the literature review, as presented in the results of this article
    • 

    corecore