Crisis! what crisis?

Abstract There is a crisis discussed in the discipline of Information Systems. Those who perceive such a crisis to exist are by no means agreed, as to its nature and origins. Our inquiry shows that there are a three distinct “crises” being debated. The first of these relates to the Substance and boundaries of the discipline itself and if it is even a discipline at all. Another “crisis” relates to higher education and a fall in demand for IS courses from new students. Commentators perceive this to threaten the existence of IS departments in Universities, and to have potentially serious consequences for both research strategies and career paths of academics. Thirdly, there is perception of a crisis in the wider world, characterised by fewer vacancies in IS-relevant occupations whilst, at the same time, employers complain of a shortage of suitably skilled applicants for the vacancies available. This paper examines evidence for the three “crises,” real or imagined, suggested above, in the Information Systems field

On the complexity of collaborative cyber crime investigations

This article considers the challenges faced by digital evidence specialists when collaborating with other specialists and agencies in other jurisdictions when investigating cyber crime. The opportunities, operational environment and modus operandi of a cyber criminal are considered, with a view to developing the skills and procedural support that investigators might usefully consider in order to respond more effectively to the investigation of cyber crimes across State boundaries

Tools for modelling support and construction of optimization applications

We argue the case for an open systems approach towards modelling and application support. We discuss how the 'usability' and 'skills' analysis naturally leads to a viable strategy for integrating application construction with modelling tools and optimizers. The role of the implementation environment is also seen to be critical in that it is retained as a building block within the resulting system

Integrating security and usability into the requirements and design process

According to Ross Anderson, 'Many systems fail because their designers protect the wrong things or protect the right things in the wrong way'. Surveys also show that security incidents in industry are rising, which highlights the difficulty of designing good security. Some recent approaches have targeted security from the technological perspective, others from the human–computer interaction angle, offering better User Interfaces (UIs) for improved usability of security mechanisms. However, usability issues also extend beyond the user interface and should be considered during system requirements and design. In this paper, we describe Appropriate and Effective Guidance for Information Security (AEGIS), a methodology for the development of secure and usable systems. AEGIS defines a development process and a UML meta-model of the definition and the reasoning over the system's assets. AEGIS has been applied to case studies in the area of Grid computing and we report on one of these

Attaining social value from electronic government

We define and elaborate a Social Value framework supporting evaluation and attainment of the broader socio-political and socio-economic goals that characterise many electronic government initiatives. The key elements of the framework are the willingness of citizens to (positively) recommend an e-government service to others, based upon personal trust in the service provider, and personal experience of the service, based upon experience of service provision and outcomes. The validity of the framework is explored through an empirical quantitative study of citizens' experiences of a newly introduced e-government system to allocate public social housing. The results of this study include evidence of generic antecedents of trust and willingness to recommend, pointing the way to more general applicability of the framework for designers and managers of electronic government systems

Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science

e-Science projects face a difficult challenge in providing access to valuable computational resources, data and software to large communities of distributed users. Oil the one hand, the raison d'etre of the projects is to encourage members of their research communities to use the resources provided. Oil the other hand, the threats to these resources from online attacks require robust and effective Security to mitigate the risks faced. This raises two issues: ensuring that (I) the security mechanisms put in place are usable by the different users of the system, and (2) the security of the overall system satisfies the security needs of all its different stakeholders. A failure to address either of these issues call seriously jeopardise the success of e-Science projects.The aim of this paper is to firstly provide a detailed understanding of how these challenges call present themselves in practice in the development of e-Science applications. Secondly, this paper examines the steps that projects can undertake to ensure that security requirements are correctly identified, and security measures are usable by the intended research community. The research presented in this paper is based Oil four case studies of c-Science projects. Security design traditionally uses expert analysis of risks to the technology and deploys appropriate countermeasures to deal with them. However, these case studies highlight the importance of involving all stakeholders in the process of identifying security needs and designing secure and usable systems.For each case study, transcripts of the security analysis and design sessions were analysed to gain insight into the issues and factors that surround the design of usable security. The analysis concludes with a model explaining the relationships between the most important factors identified. This includes a detailed examination of the roles of responsibility, motivation and communication of stakeholders in the ongoing process of designing usable secure socio-technical systems such as e-Science. (C) 2007 Elsevier Ltd. All rights reserved