Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

Legal Education in Disruption: The Headwinds and Tailwinds of Technology

By harnessing improvements on communications and computational systems, law firms are producing a revolution in the practice of law. Self-help legal manuals have transformed into sophisticated interactive software; predictive coding can empower clients to receive sophisticated legal advice from a machine; socially mediated portals select among potential lawyers and assess the quality of the advice given; and virtual law firms threaten to distintermediate the grand edifices of twentieth century Big Law. These changes may profoundly restructure the legal practice, undermining the business model for many solo and small firm practices. This paper focuses on the implications of these profound disruptive changes. It looks at the expectations the market may place on future lawyers and by extension the training necessary for lawyers entering the practice of law. The final section reflects a suggested curriculum and programmatic redesign, highlighting one possible future legal educational model, complete with acquiescence to existing constraints found in American Bar Association and other accreditation regimes

Viiteraamistik turvariskide haldamiseks plokiahela abil

Turvalise tarkvara loomiseks on olemas erinevad programmid (nt OWASP), ohumudelid (nt STRIDE), turvariskide juhtimise mudelid (nt ISSRM) ja eeskirjad (nt GDPR). Turvaohud aga arenevad pidevalt, sest traditsiooniline tehnoloogiline infrastruktuur ei rakenda turvameetmeid kavandatult. Blockchain näib leevendavat traditsiooniliste rakenduste turvaohte. Kuigi plokiahelapõhiseid rakendusi peetakse vähem haavatavateks, ei saanud need erinevate turvaohtude eest kaitsmise hõbekuuliks. Lisaks areneb plokiahela domeen pidevalt, pakkudes uusi tehnikaid ja sageli vahetatavaid disainikontseptsioone, mille tulemuseks on kontseptuaalne ebaselgus ja segadus turvaohtude tõhusal käsitlemisel. Üldiselt käsitleme traditsiooniliste rakenduste TJ-e probleemi, kasutades vastumeetmena plokiahelat ja plokiahelapõhiste rakenduste TJ-t. Alustuseks uurime, kuidas plokiahel leevendab traditsiooniliste rakenduste turvaohte, ja tulemuseks on plokiahelapõhine võrdlusmudel (PV), mis järgib TJ-e domeenimudelit. Järgmisena esitleme PV-it kontseptualiseerimisega alusontoloogiana kõrgema taseme võrdlusontoloogiat (ULRO). Pakume ULRO kahte eksemplari. Esimene eksemplar sisaldab Cordat, kui lubatud plokiahelat ja finantsjuhtumit. Teine eksemplar sisaldab lubadeta plokiahelate komponente ja tervishoiu juhtumit. Mõlemad ontoloogiaesitlused aitavad traditsiooniliste ja plokiahelapõhiste rakenduste TJ-es. Lisaks koostasime veebipõhise ontoloogia parsimise tööriista OwlParser. Kaastööde tulemusel loodi ontoloogiapõhine turberaamistik turvariskide haldamiseks plokiahela abil. Raamistik on dünaamiline, toetab TJ-e iteratiivset protsessi ja potentsiaalselt vähendab traditsiooniliste ja plokiahelapõhiste rakenduste turbeohte.Various programs (e.g., OWASP), threat models (e.g., STRIDE), security risk management models (e.g., ISSRM), and regulations (e.g., GDPR) exist to communicate and reduce the security threats to build secure software. However, security threats continuously evolve because the traditional technology infrastructure does not implement security measures by design. Blockchain is appearing to mitigate traditional applications’ security threats. Although blockchain-based applications are considered less vulnerable, they did not become the silver bullet for securing against different security threats. Moreover, the blockchain domain is constantly evolving, providing new techniques and often interchangeable design concepts, resulting in conceptual ambiguity and confusion in treating security threats effectively. Overall, we address the problem of traditional applications’ SRM using blockchain as a countermeasure and the SRM of blockchain-based applications. We start by surveying how blockchain mitigates the security threats of traditional applications, and the outcome is a blockchain-based reference model (BbRM) that adheres to the SRM domain model. Next, we present an upper-level reference ontology (ULRO) as a foundation ontology and provide two instantiations of the ULRO. The first instantiation includes Corda as a permissioned blockchain and the financial case. The second instantiation includes the permissionless blockchain components and the healthcare case. Both ontology representations help in the SRM of traditional and blockchain-based applications. Furthermore, we built a web-based ontology parsing tool, OwlParser. Contributions resulted in an ontology-based security reference framework for managing security risks using blockchain. The framework is dynamic, supports the iterative process of SRM, and potentially lessens the security threats of traditional and blockchain-based applications.https://www.ester.ee/record=b551352

Securitisation and the Role of the State in Delivering UK Cyber Security in a New-Medieval Cyberspace

Both the 2010 and the 2015 UK National Security Strategies identified threats from cyberspace as being among the most significant ‘Tier One’ threats to UK national security. These threats have been constructed as a threat to the state, a threat to the country’s Critical National Infrastructure (CNI), a threat to future economic success and a threat to businesses and individual citizens. As a result, the response to this threat has historically been seen as being a shared responsibility with most potential victims of cyber-attack responsible for their own security and the UK state agencies operating as a source of advice and guidance to promote best practice in the private sector. A range of government departments, including the Cabinet Office, MI5 and GCHQ among others, have been responsible for the government’s own cyber security. However, despite a budget allocation of £860 million for the 2010 – 2015 period, progress on reducing the frequency and cost of cyber-attacks was limited and the 2010 strategy for dealing with cyber security was widely seen as having failed. This led to a new National Cyber Security Strategy (NCSS) in 2016 which indicated a significant change in approach, in particular with a more proactive role for the state through the formation of the National Cyber Security Centre (NCSC) and a £1.6 billion budget for cyber security between 2016 and 2021. However, cyber-attacks remain a significant issue for many organisations in both the public and private sector, and attacks such as the Wannacry ransomware/wiper attack, UK specific data breaches such as those witnessed in 2017 at Debenhams, Three, Wonga and ABTA, and breaches outside the UK that impacted UK citizens such as Equifax show that the frequency and impact of cyber security issues remain significant. The underlying cause of the insecurity of cyberspace is reflected in the metaphorical description of cyberspace as the wild-west or as an ungoverned space. This is a result of cyberspace features such as anonymity, problematic attribution and a transnational nature that can limit the effective reach of law enforcement agencies. When these features are combined with an increasing societal and economic dependence on information technology and mediated data, this increases the potential economic impact of disruption to these systems and enhances the value of the data for both legitimate and illegitimate purposes. This thesis argues that cyberspace is not ungoverned, and that it is more accurate to consider cyberspace to be a New Medieval environment with multiple overlapping authorities. In fact, cyberspace has always been far from ungoverned, it is just differently governed from a realspace Westphalian nation state system. The thesis also argues that cyberspace is currently experiencing a ‘Westphalian transformation’ with the UK state (among many others) engaged in a process designed to assert its authority and impose state primacy in cyberspace. This assertion of state authority is being driven by an identifiable process of securitisation in response to the constructed existential threat posed by unchecked cyberattacks by nation states and criminal enterprises. The Copenhagen School’s securitisation theory has been used to inform an original analysis of key speech acts by state securitising actors that has highlighted the key elements of the securitisation processes at work. This has clearly shown the development of the securitisation discourse, and the importance of referent objects and audience in asserting the state’s authority through the securitisation process. Original qualitative data collected through in-depth semi-structured interviews with elite members of the cyber security community has provided insights to the key issues in cyber security that support the view that cyberspace has New Medieval characteristics. The interview data has also allowed for the construction of a view of the complexities of the cyberspace environment, the overlapping authorities of state and private sector organisations and some of the key issues that arise. These issues are identified as being characteristic of a particularly complex form of policy problem referred to as a ‘wicked problem’. An understanding of cyber security as a wicked problem may aid in the identification of future possible policy approaches for cyber security policy in the UK

Investigating the impact of bureacratic factors on government organisational performance in the Kingdom of Bahrain: A multiple case study approach

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.This research is undertaken in response to the need to offer fresh insights to the number of models of organisational bureaucracy. The main aim of this thesis is to explore the bureaucratic factors related to governmental organisations that may influence their performance. Through conceptual and empirical research, several key factors have been identified which link organisational performance to social responsibility, job satisfaction, motivation, and decision quality. To support this research, Hofstede’s cultural dimensions were used in connection with the performance dimensions and the bureaucratic factors. In this context, the case study design used multiple sources of evidence in a triangulation strategy to contribute to developing a perspective on bureaucracy and its impact to government organisations in the Kingdom of Bahrain. Thus, a conceptual framework has been developed and proposed as part of the study. This research adopted a semi-structured interview research design in order to elicit the views of individuals and in-depth qualitative information. The findings in the context of this research confirmed that Bahrainis are highly rule-oriented, risk averse and do not readily accept change. In addition, they have a high preference for avoiding uncertainty thus they maintain rigid codes of belief and behaviour. The results of the empirical investigation have therefore enriched the growing literature of bureaucracy and performance of government organisations not only in the Kingdom of Bahrain but also in the global setting it used the Hofstede’s cultural dimensions. The result of this research may be of help to a range of human resource managers, public administrators, employees and other stakeholders in bureaucratic organisational context

Civil Society in the 'Visegrad Four': Data and Literature in the Czech Republic, Hungary, Poland and Slovakia

The first of three publications on the '25 Years After -- Mapping Civil Society in the Visegrád Four' project contains an overview of existing data and literature in the Czech Republic, Hungary, Poland and Slovakia. It looks at where and what kind of research on civil society has been and is being done, who is doing it and where the gaps are.To be consistent and comparable, the four country reports include the same core sections: relevant publications on civil society in the respective country; existing databases and other data sources; active centres of research, training, and policy studies. More than providing just a list, this report looks at how they can be evaluated in terms of scope, accurateness and depth. Finally, it considers the question of what the most crucial gaps in research and funding in the countries are.An academic volume is slated for the end of 2014. For other publications in English and German, see www.maecenata.eu