On the Security of Software Systems and Services

This work investigates new methods for facing the security issues and threats arising from the composition of software. This task has been carried out through the formal modelling of both the software composition scenarios and the security properties, i.e., policies, to be guaranteed. Our research moves across three different modalities of software composition which are of main interest for some of the most sensitive aspects of the modern information society. They are mobile applications, trust-based composition and service orchestration. Mobile applications are programs designed for being deployable on remote platforms. Basically, they are the main channel for the distribution and commercialisation of software for mobile devices, e.g., smart phones and tablets. Here we study the security threats that affect the application providers and the hosting platforms. In particular, we present a programming framework for the development of applications with a static and dynamic security support. Also, we implemented an enforcement mechanism for applying fine-grained security controls on the execution of possibly malicious applications. In addition to security, trust represents a pragmatic and intuitive way for managing the interactions among systems. Currently, trust is one of the main factors that human beings keep into account when deciding whether to accept a transaction or not. In our work we investigate the possibility of defining a fully integrated environment for security policies and trust including a runtime monitor. Finally, Service-Oriented Computing (SOC) is the leading technology for business applications distributed over a network. The security issues related to the service networks are many and multi-faceted. We mainly deal with the static verification of secure composition plans of web services. Moreover, we introduce the synthesis of dynamic security checks for protecting the services against illegal invocations

Identifying the impact of the circular economy on the Fast-Moving Consumer Goods Industry Opportunities and challenges for businesses, workers and consumers – mobile phones as an example STUDY

Mobile phones, particularly smartphones, have undergone a period of rapid growth to become virtually indispensable to today's lifestyle. Yet their production, use and disposal can entail a significant environmental burden. This study looks at the opportunities and challenges that arise from implementing circular economy approaches in the mobile phone value chain. A review of the value chain and different circular approaches is complemented by a scenario analysis that aims to quantify the potential impacts of certain circular approaches such as recycling, refurbishment and lifetime extension. The study finds that there is a large untapped potential for recovering materials from both the annual flow of new mobile phones sold in Europe once they reach the end of their life and the accumulated stock of unused, so-called hibernating devices in EU households. Achieving high recycling rates for these devices can offer opportunities to reduce EU dependence on imported materials and make secondary raw materials available on the EU market. As such, policy action would be required to close the collection gap for mobile phone devices. Implementing circular approaches in the mobile phone value chain can furthermore lead to job creation in the refurbishment sector. Extending the lifetime of mobile phones can also provide CO2 mitigation benefits, particularly from displacing the production of new devices

Extending the generalizability and pragmatic contributions to solve privacy paradox

Privacy issue has increasingly become an integral part of organizations and businesses that operate within the digital era. However, heretofore, there is a lack of a systematic literature review to help scholars to integrate what has been done in previous studies when privacy issues were addressed especially the privacy paradox that still perplexes both academia and practitioners alike. Furthermore, with the inconsistency of findings regarding the privacy paradox, there is also a need to support researchers in recognizing the substantial constructs to improve the results of their empirical papers. Therefore, this paper aims to serve as an integrated review to congregate constructs that can help scholars to improve the generalizability and pragmatic contributions when addressing privacy paradox issue. Besides the conclusion that there is a lack of empirical papers on privacy paradox published in the business, management and marketing journal publications, we also synthesize constructs such as the population of the study, methodology, cross-cultural aspect and context of the study to improve the extent of the generalizability and practical contributions of empirical paper related to the privacy paradox. The limitations and implications of this study are also discussed at the end of this paper

Overview of New Forms of Employment - 2018 Update

Across Europe, new forms of employment are emerging that differ significantly from traditional employment. Some of these forms of employment transform the relationship between employer and employee while others change work organisation and work patterns. They often involve locations other than the usual employer’s premises, and or extensive use of information and communications technology. This report identifies nine forms of employment that are either new or have become increasingly important in Europe since the year 2000. All of the nine forms discussed are aimed at increasing flexibility for employers and/or employees. Some may benefit employers and employees equally, but in a few cases there are concerns regarding their impact on working conditions and the labour market. The report highlights the need for awareness of potential problems and of safety nets for workers

Bring Your Own Device (BYOD) adoption in South African SMEs

The advancement in technological development is now altering the conventional order in the diffusion of IT innovation from a top-down approach (organisation to employees) to a bottom-up approach (employees to organisation). This change is more notable in developed economies and has led to the Bring Your Own Device (BYOD) phenomenon which promises increased productivity for employees and their organisations. There have been several studies on the corporate adoption of BYOD but few have investigated the phenomenon from a small and medium enterprise (SME) perspective and from developing countries specifically. This study investigated the BYOD phenomenon in South African SMEs. The goal was to identify contextual factors influencing BYOD adoption with the purpose of understanding how these factors shaped and reshaped by SME actions. The Perceived EReadiness Model (PERM) was adopted to unearth contextual BYOD adoption factors, while the Structuration Theory was adopted as the theoretical lens from which the social construction of the BYOD phenomenon was understood. The study adopted an interpretive stance and was qualitative in nature. Data was collected from SMEs using semi-structured interviews, and analysed using a thematic analysis approach. The findings show that for BYOD to be adopted and institutionalized in an SME there needs to be organisational readiness in terms of awareness, management support, business resources, human resources, employees' pressure, formal governance, and technological readiness. Specifically, business resources, management support and technological readiness were perceived to be of the outmost importance to the success of BYOD. Environmental factors of market forces, support from industry, government readiness and the sociocultural factor are identified. Findings from the structuration analysis reports the presence of rules and resources (structures) which SMEs draw upon in their BYOD actions and interactions. It provides understanding on the guiding structures such as "no training" and "no formal governance" within which BYOD meanings are formed, and actions such as allowing employees to use their devices to access organisational resources without the fear of security breaches and data theft, are enacted. While it is true that the successive adoption of ICTs in organisation depends on the availability of a conducive formal policy, findings in the study show that SMEs used their business resources and management support as guiding structures of domination which were legitimized by internal informal verbal rules, lack of an institutional BYOD specific policy, minimal industry support; and the presences of social pressure

Developing a distributed electronic health-record store for India

The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India

From Social Data Mining to Forecasting Socio-Economic Crisis

Socio-economic data mining has a great potential in terms of gaining a better understanding of problems that our economy and society are facing, such as financial instability, shortages of resources, or conflicts. Without large-scale data mining, progress in these areas seems hard or impossible. Therefore, a suitable, distributed data mining infrastructure and research centers should be built in Europe. It also appears appropriate to build a network of Crisis Observatories. They can be imagined as laboratories devoted to the gathering and processing of enormous volumes of data on both natural systems such as the Earth and its ecosystem, as well as on human techno-socio-economic systems, so as to gain early warnings of impending events. Reality mining provides the chance to adapt more quickly and more accurately to changing situations. Further opportunities arise by individually customized services, which however should be provided in a privacy-respecting way. This requires the development of novel ICT (such as a self- organizing Web), but most likely new legal regulations and suitable institutions as well. As long as such regulations are lacking on a world-wide scale, it is in the public interest that scientists explore what can be done with the huge data available. Big data do have the potential to change or even threaten democratic societies. The same applies to sudden and large-scale failures of ICT systems. Therefore, dealing with data must be done with a large degree of responsibility and care. Self-interests of individuals, companies or institutions have limits, where the public interest is affected, and public interest is not a sufficient justification to violate human rights of individuals. Privacy is a high good, as confidentiality is, and damaging it would have serious side effects for society.Comment: 65 pages, 1 figure, Visioneer White Paper, see http://www.visioneer.ethz.c

Costs and benefits of superfast broadband in the UK

This paper was commissioned from LSE Enterprise by Convergys Smart Revenue Solutions to stimulate an open and constructive debate among the main stakeholders about the balance between the costs, the revenues, and the societal benefits of ‘superfast’ broadband. The intent has been to analyse the available facts and to propose wider perspectives on economic and social interactions. The paper has two parts: one concentrates on superfast broadband deployment and the associated economic and social implications (for the UK and its service providers), and the other considers alternative social science approaches to these implications. Both parts consider the potential contribution of smart solutions to superfast broadband provision and use. Whereas Part I takes the “national perspective” and the “service provider perspective”, which deal with the implications of superfast broadband for the UK and for service providers, Part II views matters in other ways, particularly by looking at how to realise values beyond the market economy, such as those inherent in neighbourliness, trust and democrac