Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science

e-Science projects face a difficult challenge in providing access to valuable computational resources, data and software to large communities of distributed users. Oil the one hand, the raison d'etre of the projects is to encourage members of their research communities to use the resources provided. Oil the other hand, the threats to these resources from online attacks require robust and effective Security to mitigate the risks faced. This raises two issues: ensuring that (I) the security mechanisms put in place are usable by the different users of the system, and (2) the security of the overall system satisfies the security needs of all its different stakeholders. A failure to address either of these issues call seriously jeopardise the success of e-Science projects.The aim of this paper is to firstly provide a detailed understanding of how these challenges call present themselves in practice in the development of e-Science applications. Secondly, this paper examines the steps that projects can undertake to ensure that security requirements are correctly identified, and security measures are usable by the intended research community. The research presented in this paper is based Oil four case studies of c-Science projects. Security design traditionally uses expert analysis of risks to the technology and deploys appropriate countermeasures to deal with them. However, these case studies highlight the importance of involving all stakeholders in the process of identifying security needs and designing secure and usable systems.For each case study, transcripts of the security analysis and design sessions were analysed to gain insight into the issues and factors that surround the design of usable security. The analysis concludes with a model explaining the relationships between the most important factors identified. This includes a detailed examination of the roles of responsibility, motivation and communication of stakeholders in the ongoing process of designing usable secure socio-technical systems such as e-Science. (C) 2007 Elsevier Ltd. All rights reserved

A comparative analysis of business process modelling techniques

Business process modelling is an increasingly popular research area for both organisations and academia due to its usefulness in facilitating human understanding and communication. Several modelling techniques have been proposed and used to capture the characteristics of business processes. However, available techniques view business processes from different perspectives and have different features and capabilities. Furthermore, to date limited guidelines exist for selecting appropriate modelling techniques based on the characteristics of the problem and its requirements. This paper presents a comparative analysis of some popular business process modelling techniques. The comparative framework is based on five criteria: flexibility, ease of use, understandability, simulation support and scope. The study highlights some of the major paradigmatic differences between the techniques. The proposed framework can serve as the basis for evaluating further modelling techniques and generating selection procedures

On Engineering Support for Business Process Modelling and Redesign

Currently, there is an enormous (research) interest in business process redesign (BPR). Several management-oriented approaches have been proposed showing how to make BPR work. However, detailed descriptions of empirical experience are few. Consistent engineering methodologies to aid and guide a BPR-practitioner are currently emerging. Often, these methodologies are claimed to be developed for business process modelling, but stem directly from information system design cultures. We consider an engineering methodology for BPR to consist of modelling concepts, their representation, computerized tools and methods, and pragmatic skills and guidelines for off-line modelling, communicating, analyzing, (re)designing\ud business processes. The modelling concepts form the architectural basis of such an engineering methodology. Therefore, the choice, understanding and precise definition of these concepts determine the productivity and effectiveness of modelling tasks within a BPR project. The\ud current paper contributes to engineering support for BPR. We work out general issues that play a role in the development of engineering support for BPR. Furthermore, we introduce an architectural framework for business process modelling and redesign. This framework consists of a coherent set of modelling concepts and techniques on how to use them. The framework enables the modelling of both the structural and dynamic characteristics of business processes. We illustrate its applicability by modelling a case from service industry. Moreover, the architectural framework supports abstraction and refinement techniques. The use of these techniques for a BPR trajectory are discussed

Conversational Agents, Humorous Act Construction, and Social Intelligence

Humans use humour to ease communication problems in human-human interaction and \ud in a similar way humour can be used to solve communication problems that arise\ud with human-computer interaction. We discuss the role of embodied conversational\ud agents in human-computer interaction and we have observations on the generation\ud of humorous acts and on the appropriateness of displaying them by embodied\ud conversational agents in order to smoothen, when necessary, their interactions\ud with a human partner. The humorous acts we consider are generated spontaneously.\ud They are the product of an appraisal of the conversational situation and the\ud possibility to generate a humorous act from the elements that make up this\ud conversational situation, in particular the interaction history of the\ud conversational partners

Cloud service localisation

The essence of cloud computing is the provision of software and hardware services to a range of users in dierent locations. The aim of cloud service localisation is to facilitate the internationalisation and localisation of cloud services by allowing their adaption to dierent locales. We address the lingual localisation by providing service-level language translation techniques to adopt services to dierent languages and regulatory localisation by providing standards-based mappings to achieve regulatory compliance with regionally varying laws, standards and regulations. The aim is to support and enforce the explicit modelling of aspects particularly relevant to localisation and runtime support consisting of tools and middleware services to automating the deployment based on models of locales, driven by the two localisation dimensions. We focus here on an ontology-based conceptual information model that integrates locale specication in a coherent way

Specification and analysis of SOC systems using COWS: a finance case study

Service-oriented computing, an emerging paradigm for distributed computing based on the use of services, is calling for the development of tools and techniques to build safe and trustworthy systems, and to analyse their behaviour. Therefore many researchers have proposed to use process calculi, a cornerstone of current foundational research on specification and analysis of concurrent and distributed systems. We illustrate this approach by focussing on COWS, a process calculus expressly designed for specifying and combining services, while modelling their dynamic behaviour. We present the calculus and one of the analysis techniques it enables, that is based on the temporal logic SocL and the associated model checker CMC. We demonstrate applicability of our tools by means of a large case study, from the financial domain, which is first specified in COWS, and then analysed by using SocL to express many significant properties and CMC to verify them

The future of technology enhanced active learning – a roadmap

The notion of active learning refers to the active involvement of learner in the learning process, capturing ideas of learning-by-doing and the fact that active participation and knowledge construction leads to deeper and more sustained learning. Interactivity, in particular learnercontent interaction, is a central aspect of technology-enhanced active learning. In this roadmap, the pedagogical background is discussed, the essential dimensions of technology-enhanced active learning systems are outlined and the factors that are expected to influence these systems currently and in the future are identified. A central aim is to address this promising field from a best practices perspective, clarifying central issues and formulating an agenda for future developments in the form of a roadmap