On the Automated Management of Security Incidents in Smart Space

The proliferation of smart spaces, such as smart buildings, is increasing opportunities for offenders to exploit the interplay between cyber and physical components, in order to trigger security incidents. Organizations are obliged to report security incidents to comply with recent data protection regulations. Organizations can also use incident reports to improve security of the smart spaces where they operate. Incident reporting is often documented in structured natural language. However, reports often do not capture relevant information about cyber and physical vulnerabilities present in a smart space that are exploited during an incident. Moreover, sharing information about security incidents can be difficult, or even impossible, since a report may contain sensitive information about an organization. In previous work, we provided a meta-model to represent security incidents in smart spaces. We also developed an automated approach to share incident knowledge across different organizations. In this paper we focus on incident reporting. We provide a System Editor to represent smart buildings where incidents can occur. Our editor allows us to represent cyber and physical components within a smart building and their interplay. We also propose an Incident Editor to represent the activities of an incident, including —for each activity— the target and the resources exploited, the location where the activity occurred, and the activity initiator. Building on our previous work, incidents represented using our editor can be shared across various organizations, and instantiated in different smart spaces to assess how they can re-occur. We also propose an Incident Filter component that allows viewing and prioritizing the most relevant incident instantiations, for example, involving a minimum number of activities. We assess the feasibility of our approach in assisting incident reporting using an example of a security incident that occurred in a research center

Smart homes and their users:a systematic analysis and key challenges

Published research on smart homes and their users is growing exponentially, yet a clear understanding of who these users are and how they might use smart home technologies is missing from a field being overwhelmingly pushed by technology developers. Through a systematic analysis of peer-reviewed literature on smart homes and their users, this paper takes stock of the dominant research themes and the linkages and disconnects between them. Key findings within each of nine themes are analysed, grouped into three: (1) views of the smart home-functional, instrumental, socio-technical; (2) users and the use of the smart home-prospective users, interactions and decisions, using technologies in the home; and (3) challenges for realising the smart home-hardware and software, design, domestication. These themes are integrated into an organising framework for future research that identifies the presence or absence of cross-cutting relationships between different understandings of smart homes and their users. The usefulness of the organising framework is illustrated in relation to two major concerns-privacy and control-that have been narrowly interpreted to date, precluding deeper insights and potential solutions. Future research on smart homes and their users can benefit by exploring and developing cross-cutting relationships between the research themes identified

Regional Data Archiving and Management for Northeast Illinois

This project studies the feasibility and implementation options for establishing a regional data archiving system to help monitor and manage traffic operations and planning for the northeastern Illinois region. It aims to provide a clear guidance to the regional transportation agencies, from both technical and business perspectives, about building such a comprehensive transportation information system. Several implementation alternatives are identified and analyzed. This research is carried out in three phases. In the first phase, existing documents related to ITS deployments in the broader Chicago area are summarized, and a thorough review is conducted of similar systems across the country. Various stakeholders are interviewed to collect information on all data elements that they store, including the format, system, and granularity. Their perception of a data archive system, such as potential benefits and costs, is also surveyed. In the second phase, a conceptual design of the database is developed. This conceptual design includes system architecture, functional modules, user interfaces, and examples of usage. In the last phase, the possible business models for the archive system to sustain itself are reviewed. We estimate initial capital and recurring operational/maintenance costs for the system based on realistic information on the hardware, software, labor, and resource requirements. We also identify possible revenue opportunities. A few implementation options for the archive system are summarized in this report; namely: 1. System hosted by a partnering agency 2. System contracted to a university 3. System contracted to a national laboratory 4. System outsourced to a service provider The costs, advantages and disadvantages for each of these recommended options are also provided.ICT-R27-22published or submitted for publicationis peer reviewe

Gender and Equality in Transport. Proceedings of the 2021 Travel Demand Management Symposium

Proceedings of the 10TH INTERNATIONAL TRAVEL DEMAND MANAGEMENT (TDM) SYMPOSIUM IN CONJUNCTION WITH TINNGO AND DIAMOND FINAL CONFERENCE titled: Gender and Equality in Transpor

TInnGO's representation of European gender transport poverty as a wicked problem

Globally, transport poverty is acknowledged as a wicked problem. Transport is an enabler to education, health care, employment, and leisure activities. Therefore, reducing transport poverty is key for the EU to building an inclusive and equal society. However, many citizens are denied access to effective and efficient forms of transport. They may lack agency/freedom to travel, the transport they need unaffordable or unavailable. Certain groups are designed out of transport systems, and therefore out of the life of the city. Not all these reasons are to do with transport per se, but they are exacerbated by inequalities in the transport system. The term ‘gender transport poverty’ has been used to emphasize the added problems faced by women because of their gender.The H2020 TInnGO project was designed to create a paradigm shift in the European transport (usage, employment, and education) sector, in the emerging field of smart mobility with respect to gender. This paper articulates some of the work conducted by the project to show the gains which can be made through recognizing and naming gender transport poverty as a wicked problem

On the use of serious games technology to facilitate large-scale training in cybercrime response

As technology becomes pervasive in everyday life, there are very few crimes that don’t have some ‘cyber’ element to them. The vast majority of crime now has some digital footprint; whether it’s from a CCTV camera, mobile phone or IoT device, there exists a vast range of technological devices with the ability to store digital evidence that could be of use during a criminal investigation. There is a clear requirement to ensure that digital forensic investigators have received up-to-date training on appropriate methods for the seizure, acquisition and analysis of digital devices. However, given the increasing number of crimes now involving a range of technological devices it is increasingly important for those police officers who respond to incidents of crime to have received appropriate training.The aim of our research is to transform the delivery of first responder training in tackling cybercrime.A project trialling the use of computer games technology to train officers in cybercrime response is described. A game simulating typical cybercrime scenes has been developed and its use in training first responders has been evaluated within Police Scotland. Overall, this approach to the large-scale provision of training (potentially to a whole force) is shown to offer potential

The Implementation of Smart Mobility for Smart Cities: A Case Study in Qatar

This paper contributes to building a systematic view of the mobility characteristics of smart cities by reviewing the lessons learned from the best practices implemented around the world. The main features of smart cities, such as smart homes, smart infrastructure, smart operations, smart services, smart utilities, smart energy, smart governance, smart lifestyle, smart business, and smart mobility in North America, Asia, and Europe are briefly reviewed. The study predominantly focuses on smart mobility features and their implications in newly built smart cities. As a case study, the modern city of Lusail located in the north of Doha, Qatar is considered. The provision of car park management and guidance, real-time traffic signal control, traffic information system, active-modes arrangement in promenade and busy urban avenues, LRT, buses, taxis, and water taxis information system, and multimodal journey planning facilities in the Lusail smart city is discussed in this study. Consequently, the implications of smart mobility features on adopting Intelligent Transportation Systems (ITS) will be studied. The study demonstrates that the implementation of Information and Communication Technologies (ICT) when supported by Intelligent Transportation Systems (ITS), could result in making the most efficient use of existing transportation infrastructure and consequently improve the safety and security, mobility, and the environment in urban areas. The findings of this study could be considered an initial step in the implementation of Mobility-as-a-Service (MaaS) in cities with advanced public transportation such as Doha, the capital of Qatar. Doi: 10.28991/CEJ-2022-08-10-09 Full Text: PD

Autonomic Cloud Computing: Open Challenges and Architectural Elements

As Clouds are complex, large-scale, and heterogeneous distributed systems, management of their resources is a challenging task. They need automated and integrated intelligent strategies for provisioning of resources to offer services that are secure, reliable, and cost-efficient. Hence, effective management of services becomes fundamental in software platforms that constitute the fabric of computing Clouds. In this direction, this paper identifies open issues in autonomic resource provisioning and presents innovative management techniques for supporting SaaS applications hosted on Clouds. We present a conceptual architecture and early results evidencing the benefits of autonomic management of Clouds.Comment: 8 pages, 6 figures, conference keynote pape

Effective CCTV and the challenge of constructing legitimate suspicion using remote visual images

This paper compares the effectiveness of public CCTV systems according to meta-reviews, with what might be expected based upon theoretical predictions. The apparent gulf between practice and prediction is explored in the light of the challenges faced by CCTV operators in terms of effective target selection. In addition, counter-intuitive reactions by members of the public to situational symbols of crime deterrence may also undermine the efficacy of CCTV. Evidence is introduced and reviewed that suggests CCTV operators may employ implicit profiles to select targets. Essentially, young, scruffy males who appear to be loitering are disproportionately targeted compared with their base rate use of surveyed areas. However, the extent to which such a profile is diagnostic of criminal intent or behaviour is unclear. Such profiles may represent little more than ‘pattern matching’ within an impoverished visual medium. Finally, suggestions for future research and effective CCTV operator practice are offered in order to improve target selection.Peer reviewe