108,476 research outputs found
COBRA framework to evaluate e-government services: A citizen-centric perspective
E-government services involve many stakeholders who have different objectives that can have an impact on success. Among these stakeholders, citizens are the primary stakeholders of government activities. Accordingly, their satisfaction plays an important role in e-government success. Although several models have been proposed to assess the success of e-government services through measuring users' satisfaction levels, they fail to provide a comprehensive evaluation model. This study provides an insight and critical analysis of the extant literature to identify the most critical factors and their manifested variables for user satisfaction in the provision of e-government services. The various manifested variables are then grouped into a new quantitative analysis framework consisting of four main constructs: cost; benefit; risk and opportunity (COBRA) by analogy to the well-known SWOT qualitative analysis framework. The COBRA measurement scale is developed, tested, refined and validated on a sample group of e-government service users in Turkey. A structured equation model is used to establish relationships among the identified constructs, associated variables and users' satisfaction. The results confirm that COBRA framework is a useful approach for evaluating the success of e-government services from citizens' perspective and it can be generalised to other perspectives and measurement contexts. Crown Copyright Ā© 2014.PIAP-GA-2008-230658) from the European Union Framework Program and another grant (NPRP 09-1023-5-158) from the Qatar National Research Fund (amember of Qatar Foundation
An Assurance Framework for Independent Co-assurance of Safety and Security
Integrated safety and security assurance for complex systems is difficult for
many technical and socio-technical reasons such as mismatched processes,
inadequate information, differing use of language and philosophies, etc.. Many
co-assurance techniques rely on disregarding some of these challenges in order
to present a unified methodology. Even with this simplification, no methodology
has been widely adopted primarily because this approach is unrealistic when met
with the complexity of real-world system development.
This paper presents an alternate approach by providing a Safety-Security
Assurance Framework (SSAF) based on a core set of assurance principles. This is
done so that safety and security can be co-assured independently, as opposed to
unified co-assurance which has been shown to have significant drawbacks. This
also allows for separate processes and expertise from practitioners in each
domain. With this structure, the focus is shifted from simplified unification
to integration through exchanging the correct information at the right time
using synchronisation activities
Medical Cyber-Physical Systems Development: A Forensics-Driven Approach
The synthesis of technology and the medical industry has partly contributed
to the increasing interest in Medical Cyber-Physical Systems (MCPS). While
these systems provide benefits to patients and professionals, they also
introduce new attack vectors for malicious actors (e.g. financially-and/or
criminally-motivated actors). A successful breach involving a MCPS can impact
patient data and system availability. The complexity and operating requirements
of a MCPS complicates digital investigations. Coupling this information with
the potentially vast amounts of information that a MCPS produces and/or has
access to is generating discussions on, not only, how to compromise these
systems but, more importantly, how to investigate these systems. The paper
proposes the integration of forensics principles and concepts into the design
and development of a MCPS to strengthen an organization's investigative
posture. The framework sets the foundation for future research in the
refinement of specific solutions for MCPS investigations.Comment: This is the pre-print version of a paper presented at the 2nd
International Workshop on Security, Privacy, and Trustworthiness in Medical
Cyber-Physical Systems (MedSPT 2017
Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services
In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is\ud
not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to explicitly link security requirements with the organizationās business vision, i.e. to provide business\ud
rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements.\ud
Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance. We validate our approach by way of a focus group session
- ā¦