Threats Classification with Ishikawa\u27s diagram

Threats identification plays an important role in information system design. This paper proposes an approach to analyse causes of threats using extended Ishikawa’s diagram. Several classes of causes are identified, introduced and put in example; each class containing several sub-classes. This causes analysis is part of a global threat-based approach which consists of three steps: identification, analysis, and treatment. Causes classification is used at the analysis step

Intervening to improve outcomes for vulnerable young people : a review of the evidence

Concerns about the number of young people who fail to reach their potential at school, or get into trouble, or are not in education, employment or training (NEET), underpin the continuing commitment to end child poverty in the UK by 2020, and the Coalition Government’s pledge to increase the focus on supporting the neediest families and those with multiple problems. A strong policy commitment to improving the life chances of vulnerable young people has in recent years led to the testing of a number of initiatives. This review sought to identify: the common barriers to the effective implementation of new initiatives; elements of effective practice in the delivery of multi-agency services for vulnerable young people and their families; the costs associated with integrated service delivery; the outcomes that can be achieved; and whether fewer and more targeted initiatives might offer better value for money, particularly during a period of fiscal reform. Includes: •Introduction to the Review •Identifying and Assessing Vulnerable Young People •Multi-Agency Working: Innovations in the Delivery of Support Services •Delivering Interventions and Improving Outcomes for Young People •Assessing Value for Money in Interventions To Improve Outcomes for Young People •Looking to the Future: Defining Elements of Effective Practic

Modelling the regulative role of business processes with use and misuse cases

Business processes contain value-added and abuse prevention activities. Most modelling techniques do not provide a rationale for abuse prevention activities. Such a rationale is needed when redesigning business processes. In this paper we propose to consider business processes as the main regulatory mechanism that an organization uses to survive and flourish in its environment. We propose a theoretical framework based on the concept of Homeostasis, the maintenance of identity in a changing world. The framework classifies business processes into three levels and explains the interconnections between processes at different levels and the organization’s environment. Based on this framework, we extend the “Use and Misuse Cases” technique to support modelling of value-added and abuse prevention activities and their interconnections with the organization’s environment. We thus provide the needed rationale for business process redesign

Deriving security requirements from crosscutting threat descriptions

It is generally accepted that early determination of the stakeholder requirements assists in the development of systems that better meet the needs of those stakeholders. General security requirements frustrate this goal because it is difficult to determine how they affect the functional requirements of the system. This paper illustrates how representing threats as crosscutting concerns aids in determining the effect of security requirements on the functional requirements. Assets (objects that have value in a system) are first enumerated, and then threats on these assets are listed. The points where assets and functional requirements join are examined to expose vulnerabilities to the threats. Security requirements, represented as constraints, are added to the functional requirements to reduce the scope of the vulnerabilities. These requirements are used during the analysis and specification process, thereby incorporating security concerns into the functional requirements of the system

Lost in Translation: Piloting a Novel Framework to Assess the Challenges in Translating Scientific Uncertainty From Empirical Findings to WHO Policy Statements.

BACKGROUND:Calls for evidence-informed public health policy, with implicit promises of greater program effectiveness, have intensified recently. The methods to produce such policies are not self-evident, requiring a conciliation of values and norms between policy-makers and evidence producers. In particular, the translation of uncertainty from empirical research findings, particularly issues of statistical variability and generalizability, is a persistent challenge because of the incremental nature of research and the iterative cycle of advancing knowledge and implementation. This paper aims to assess how the concept of uncertainty is considered and acknowledged in World Health Organization (WHO) policy recommendations and guidelines. METHODS:We selected four WHO policy statements published between 2008-2013 regarding maternal and child nutrient supplementation, infant feeding, heat action plans, and malaria control to represent topics with a spectrum of available evidence bases. Each of these four statements was analyzed using a novel framework to assess the treatment of statistical variability and generalizability. RESULTS:WHO currently provides substantial guidance on addressing statistical variability through GRADE (Grading of Recommendations Assessment, Development, and Evaluation) ratings for precision and consistency in their guideline documents. Accordingly, our analysis showed that policy-informing questions were addressed by systematic reviews and representations of statistical variability (eg, with numeric confidence intervals). In contrast, the presentation of contextual or "background" evidence regarding etiology or disease burden showed little consideration for this variability. Moreover, generalizability or "indirectness" was uniformly neglected, with little explicit consideration of study settings or subgroups. CONCLUSION:In this paper, we found that non-uniform treatment of statistical variability and generalizability factors that may contribute to uncertainty regarding recommendations were neglected, including the state of evidence informing background questions (prevalence, mechanisms, or burden or distributions of health problems) and little assessment of generalizability, alternate interventions, and additional outcomes not captured by systematic review. These other factors often form a basis for providing policy recommendations, particularly in the absence of a strong evidence base for intervention effects. Consequently, they should also be subject to stringent and systematic evaluation criteria. We suggest that more effort is needed to systematically acknowledge (1) when evidence is missing, conflicting, or equivocal, (2) what normative considerations were also employed, and (3) how additional evidence may be accrued

Arguing Security: A Framework for Analyzing Security Requirements

When considering the security of a system, the analyst must simultaneously work with two types of properties: those that can be shown to be true, and those that must be argued as being true. The first consists of properties that can be demonstrated conclusively, such as the type of encryption in use or the existence of an authentication scheme. The second consists of things that cannot be so demonstrated but must be considered true for a system to be secure, such as the trustworthiness of a public key infrastructure or the willingness of people to keep their passwords secure. The choices represented by the second case are called trust assumptions, and the analyst should supply arguments explaining why the trust assumptions are valid. This thesis presents three novel contributions: a framework for security requirements elicitation and analysis, based upon the construction of a context for the system; an explicit place and role for trust assumptions in security requirements; and structured satisfaction arguments to validate that a system can satisfy the security requirements. The system context is described using a problem-centered notation, then is validated against the security requirements through construction of a satisfaction argument. The satisfaction argument is in two parts: a formal argument that the system can meet its security requirements, and structured informal arguments supporting the assumptions exposed during argument construction. If one cannot construct a convincing argument, designers are asked to provide design information to resolve the problems and another pass is made through the framework to verify that the proposed solution satisfies the requirements. Alternatively, stakeholders are asked to modify the goals for the system so that the problems can be resolved or avoided. The contributions are evaluated by using the framework to do a security requirements analysis within an air traffic control technology evaluation project