Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems, cyber risk at the edge

The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture

Motivational determinants of physical education grades and the intention to practice sport in the future

Self-Determination Theory (SDT) is amongst motivational frameworks the most popular and contemporary approach to human motivation, being applied in the last decades in several domains, including sport, exercise and physical education (PE). Additionally, Achievement Goal Theory (AGT) has presented evidence of how contextual factors may influence student's behavior in this particular context. The main purpose of this study was to analyze the motivational climate created by the teacher in the classroom, students' satisfaction of Basic Psychological Needs (BPN), and how their behavioral regulation could explain PE grades and intention to practice sports in the future.Funding: This project was supported by the National Funds through FCT – Portuguese Foundation for Science and Technology (UID/ DTP/04045/2013) – and the European Fund for Regional Development (FEDER) allocated by European Union through the COMPETE 2020 Programme (POCI-01-0145FEDER-006969) – Competitiveness and Internationalization (POCI).info:eu-repo/semantics/publishedVersio

Distributed aspect-oriented service composition for business compliance governance with public service processes

Service-Oriented Architecture (SOA) offers a technical foundation for Enterprise Application Integration and business collaboration through service-based business components. With increasing process outsourcing and cloud computing, enterprises need process-level integration and collaboration (process-oriented) to quickly launch new business processes for new customers and products. However, business processes that cross organisations’ compliance regulation boundaries are still unaddressed. We introduce a distributed aspect-oriented service composition approach, which enables multiple process clients hot-plugging their business compliance models (business rules, fault handling policy, and execution monitor) to BPEL business processes

Understanding Contextual Differences in Residential LTC Provision for Cross-National Research : Identifying Internationally Relevant CDEs

Long-term care (LTC) reflects a growing emphasis on person-centered care (PCC), with services oriented around individuals' needs and preferences. Addressing contextual and cultural differences across countries offers important insight into factors that facilitate or hinder application of PCC practices within and across countries. This article takes an international lens to consider country-specific contexts of LTC, describing preliminary steps to develop common data elements that capture contextual differences across LTC settings globally. Through an iterative series of online, telephone, and in-person sessions, we engaged in in-depth discussions with 11 colleague experts in residential LTC and coauthors from six countries (China and Hong Kong, England, Sweden, Thailand, Trinidad and Tobago, and the United States). Our discussions yielded rich narrative describing a vast range in types of LTC settings, leading to our development of a working definition of residential LTC. Scope of services, funding, ownership, and regulations varied greatly across countries and across different residential LTC settings within countries. Moving forward, we recommend expanding our activities to countries that reflect different stages of residential LTC development. Our goal is to contribute to a larger initiative underway by the WE-THRIVE consortium to establish a global research measurement infrastructure that advances PCC internationally.Peer reviewe

Machine-Readable Privacy Certificates for Services

Privacy-aware processing of personal data on the web of services requires managing a number of issues arising both from the technical and the legal domain. Several approaches have been proposed to matching privacy requirements (on the clients side) and privacy guarantees (on the service provider side). Still, the assurance of effective data protection (when possible) relies on substantial human effort and exposes organizations to significant (non-)compliance risks. In this paper we put forward the idea that a privacy certification scheme producing and managing machine-readable artifacts in the form of privacy certificates can play an important role towards the solution of this problem. Digital privacy certificates represent the reasons why a privacy property holds for a service and describe the privacy measures supporting it. Also, privacy certificates can be used to automatically select services whose certificates match the client policies (privacy requirements). Our proposal relies on an evolution of the conceptual model developed in the Assert4Soa project and on a certificate format specifically tailored to represent privacy properties. To validate our approach, we present a worked-out instance showing how privacy property Retention-based unlinkability can be certified for a banking financial service.Comment: 20 pages, 6 figure

Administering the Tax System We Have

Traditional perceptions of tax exceptionalism from administrativ–law doctrines and requirements have been predicated at least in part on the importance of the tax code\u27s revenue–raising function. Yet, Congress increasingly relies on the Internal Revenue Service to administer government programs that have little to do with raising revenue and much more to do with distributing government benefits to the economically disadvantaged, subsidizing approved activities, and regulating outright certain economic sectors like nonprofits, pensions, and health care. As the attentions of the Treasury Department and Internal Revenue Service shift away from raising revenue and toward these other matters, the revenue—based justification for tax exceptionalism from general administrative—law norms fades. To demonstrate the shift, the Article incorporates empirical analysis of Treasury Department and Internal Revenue Service regulatory activity over time