On compound purposes and compound reasons for enabling privacy

This paper puts forward a verification method for compound purposes and compound reasons to be used during purpose limitation. When it is absolutely necessary to collect privacy related information, it is essential that privacy enhancing technologies (PETs) protect access to data – in general accomplished by using the concept of purposes bound to data. Compound purposes and reasons are an enhancement of purposes used during purpose limitation and binding and are more expressive than purposes in their general form. Data users specify their access needs by making use of compound reasons which are defined in terms of (compound) purposes. Purposes are organised in a lattice with purposes near the greatest lower bound (GLB) considered weak (less specific) and purposes near the least upper bound (LUB) considered strong (most specific). Access is granted based on the verification of the statement of intent (from the data user) against the compound purpose bound to the data; however, because purposes are in a lattice, the data user is not limited to a statement of intent that matches the purposes bound to the data exactly – the statement can be a true reflection of their intent with the data. Hence, the verification of compound reasons against compound purposes cannot be accomplished by current published verification algorithms. Before presenting the verification method, compound purposes and reasons, as well as the structures used to represent them, and the operators that are used to define compounds is presented. Finally, some thoughts on implementation are provided.http://www.jucs.org/;internal&action=noaction&Parameter=120816403095

A novel planning approach for the water, sanitation and hygiene (WaSH) sector: the use of object-oriented bayesian networks

Conventional approaches to design and plan water, sanitation, and hygiene (WaSH) interventions are not suitable for capturing the increasing complexity of the context in which these services are delivered. Multidimensional tools are needed to unravel the links between access to basic services and the socio-economic drivers of poverty. This paper applies an object-oriented Bayesian network to reflect the main issues that determine access to WaSH services. A national Program in Kenya has been analyzed as initial case study. The main findings suggest that the proposed approach is able to accommodate local conditions and to represent an accurate reflection of the complexities of WaSH issues, incorporating the uncertainty intrinsic to service delivery processes. Results indicate those areas in which policy makers should prioritize efforts and resources. Similarly, the study shows the effects of sector interventions, as well as the foreseen impact of various scenarios related to the national Program.Preprin

Participatory, Visible and Sustainable. Designing a Community Website for a Minority Group

This paper tackles three aspects of community-based technological initiatives aimed to support minority groups’ public expression and communication: participation, visibility and sustainability. Participation requires\ud the active involvement of the community members in various project phases (from design to evaluation), sharing decisional power with project leaders. Visibility\ud refers to the capacity of community messages to reach a relevant audience outside the boundaries of the community itself. Sustainability indicates the capacity of a project to continue, under the control and management of the local community, beyond its “supported” lifetime. The mutual influence of these three dimensions is examined in general and also in the light of a specific case study: an initiative involving a Romani community in rural Romania, having as main outcome the development of a community website (www.romanivoices.com/podoleni)

Electronic Medical Record Adoption in New Zealand Primary Care Physician Offices

Describes EMR adoption in New Zealand's primary healthcare system, including how government investment was secured and data protection laws, unique patient identifiers, and standards and certification were established, with lessons for the United States

Patterns and Interactions in Network Security

Networks play a central role in cyber-security: networks deliver security attacks, suffer from them, defend against them, and sometimes even cause them. This article is a concise tutorial on the large subject of networks and security, written for all those interested in networking, whether their specialty is security or not. To achieve this goal, we derive our focus and organization from two perspectives. The first perspective is that, although mechanisms for network security are extremely diverse, they are all instances of a few patterns. Consequently, after a pragmatic classification of security attacks, the main sections of the tutorial cover the four patterns for providing network security, of which the familiar three are cryptographic protocols, packet filtering, and dynamic resource allocation. Although cryptographic protocols hide the data contents of packets, they cannot hide packet headers. When users need to hide packet headers from adversaries, which may include the network from which they are receiving service, they must resort to the pattern of compound sessions and overlays. The second perspective comes from the observation that security mechanisms interact in important ways, with each other and with other aspects of networking, so each pattern includes a discussion of its interactions.Comment: 63 pages, 28 figures, 56 reference

Model-Driven Cyber Range Training: A Cyber Security Assurance Perspective

Security demands are increasing for all types of organisations, due to the ever-closer integration of computing infrastructures and smart devices into all aspects of the organisational operations. Consequently, the need for security-aware employees in every role of an organisation increases in accordance. Cyber Range training emerges as a promising solution, allowing employees to train in both realistic environments and scenarios and gaining hands-on experience in security aspects of varied complexity, depending on their role and level of expertise. To that end, this work introduces a model-driven approach for Cyber Range training that facilitates the generation of tailor-made training scenarios based on a comprehensive model-based description of the organisation and its security posture. Additionally, our approach facilitates the auto- mated deployment of such training environments, tailored to each defined scenario, through simulation and emulation means. To further highlight the usability of the proposed approach, this work also presents scenarios focusing on phishing threats, with increasing level of complexity and difficulty

Urban Air Mobility Market Study

The Booz Allen Team explored market size and potential barriers to Urban Air Mobility (UAM) by focusing on three potential markets – Airport Shuttle, Air Taxi, and Air Ambulance. We found that the Airport Shuttle and Air Taxi markets are viable, with a significant total available market value in the U.S. of $500 billion, for a fully unconstrained scenario. In this unconstrained best-case scenario, passengers would have the ability to access and fly a UAM at any time, from any location to any destination, without being hindered by constraints such as weather, infrastructure, or traffic volume. Significant legal and regulatory, weather, certification, public perception, and infrastructure constraints exist, which reduce the market potential for these applications to only about 0.5$2.5 billion, in the near term. However, we determined that these constraints can be addressed through ongoing intra-governmental partnerships, government and industry collaboration, strong industry commitment, and existing legal and regulatory enablers. We found that the Air Ambulance market is not a viable market if served by electric vertical takeoff and landing (eVTOL) vehicles due to technology constraints but may potentially be viable if a hybrid VTOL aircraft are utilized

RFID chips: Future technology on everyone’s lips

Radio frequency identification (RFID) is considered a technology of the future, but RFID chips have long established themselves in our everyday lives. RFID systems combine the physical world of a product with the virtual world of digital data. Projects based on RFID far transcend simply replacing the bar code, and in fact represent a new all-encompassing structural concept. The RFID market is faced with the conflicting demands for cheap solutions on the one hand and guaranteed high-level security, which is predicated on additional investment, on the other. The retail trade is playing a decisive part in the broad-based roll-out of RFID projects. Beyond deployment in the retail market, though, RFID will soon be considered an indispensable part of the entire value chain in all sectors of the economy.information- and communication technology; ICT; e-business; e-commerce; B2C-e-commerce; internet; retail; supply chain management; tag